CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
25.8%
Vulnerability in the Extensions component of Microsoft Edge and Google Chrome browsers is related to
incorrect security checks for standard elements. Exploitation of the vulnerability could allow
an attacker acting remotely to gain access to sensitive information
V8 JavaScript script handler vulnerability in Google Chrome and Microsoft Edge browsers is related to
memory usage after it is freed when processing objects in memory. Exploitation of the vulnerability
could allow an attacker acting remotely to impact the confidentiality,
integrity and availability of protected information through the use of a specially craftedHTML page
The Site Isolation vulnerability in Microsoft Edge and Google Chrome browsers is related to the following
access control flaws. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to a sensitive, confidential, or confidential page.
remotely to gain access to sensitive information
A vulnerability in the Downloads section of Microsoft Edge and Google Chrome browsers is related to insufficient validation of input data.
of input data. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive information.
access to sensitive information
A vulnerability in the Dawn component of the Google Chrome browser is related to memory usage after it has been freed.
Exploitation of the vulnerability could allow a local attacker to execute arbitrary code using a specially crafted web page.
using a specially crafted web page
The ANGLE library vulnerability in Google Chrome browser is related to memory usage after its release.
freeing. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code using a specially crafted web page.
arbitrary code using a specially crafted HTML page
Vulnerability in the Performance Manager component of Google Chrome browser is related to memory usage after its release.
memory after it has been freed. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code using a specially crafted HTML page.
arbitrary code using a specially crafted HTML page
A vulnerability in the Blink display module of Microsoft Edge and Google Chrome browsers is related to an operation exceeding the buffer boundaries in memory.
out of memory buffer boundaries. Exploitation of the vulnerability could allow an attacker acting remotely,
execute arbitrary code
A vulnerability in the Navigation feature of Google Chrome and Microsoft Edge browsers is related to an improperly
incorrectly implemented security checks for standard elements. Exploitation of the vulnerability could allow
an attacker acting remotely to disclose protected information using a specially crafted
HTML page
A vulnerability in the Site Isolation feature of Microsoft Edge and Google Chrome browsers is associated with an incorrect security check for standard elements.
incorrect security checks for standard elements. Exploitation of the vulnerability could allow
a remote intruder to gain unauthorized access to protected information
V8 JavaScript script handler vulnerability in Microsoft Edge and Google Chrome browsers is related to
operation exceeding the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker,
acting remotely, to execute arbitrary code through a specially crafted HTML page or file
A vulnerability in the WebAssembly component of Microsoft Edge and Google Chrome browsers is related to an operation exceeding the buffer boundaries in memory.
buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely,
execute arbitrary code
A vulnerability in the CSP (Content Security Policy) mechanism of Google Chrome and Microsoft Edge browser is related to
incorrect security checks for standard elements. Exploitation of the vulnerability could allow
an attacker acting remotely to bypass existing security restrictions using a specially crafted HTML page.
specially crafted HTML page
A vulnerability in the Prompts component of Microsoft Edge and Google Chrome browsers is related to incorrect security checks for standard elements.
security checks for standard elements. Exploitation of the vulnerability could allow an attacker acting
remotely to gain access to confidential information
V8 JavaScript script handler interface vulnerability in Google Chrome and Microsoft Edge browsers
is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow
a remote intruder to gain unauthorized access to protected information by
Opening a specially crafted malicious web page
A vulnerability in the Networks component of the Microsoft Edge and Google Chrome browsers is related to incorrectly
restriction of the displayed layers or frames of the user interface. Exploitation of the vulnerability could
Allow a remote attacker to gain access to sensitive information
A vulnerability in the Download component of Google Chrome and Microsoft Edge browser is related to a flaw in the access control.
access control flaws. Exploitation of the vulnerability could allow an attacker acting remotely to bypass existing security restrictions using a specially crafted vulnerability.
existing security restrictions through the use of a specially crafted HTML page
A vulnerability in the WebAssembly module of Google Chrome and Microsoft Edge browser is related to accessing a resource via incompatible types.
incompatible types. Exploitation of the vulnerability could allow an attacker acting remotely to execute
arbitrary code using a specially crafted HTML page
A vulnerability in the Navigation feature of Google Chrome and Microsoft Edge browser is related to an incorrectly
implemented security checks for standard elements. Exploitation of the vulnerability could allow
an attacker, acting remotely, to bypass existing security restrictions by using a specially
specially crafted HTML page
Vulnerability in the V8 JavaScript script handler of Google Chrome browser is related to data type mixing errors.
data types. Exploitation of the vulnerability could allow an attacker acting remotely to execute
arbitrary code
A vulnerability in the WebUI user interface of Microsoft Edge and Google Chrome browsers is related to access control flaws.
access control flaws. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the existing
remotely to bypass existing security restrictions.
V8 JavaScript script handler vulnerability in Google Chrome and Microsoft Edge browsers is related to
incorrectly implemented security checks for standard elements. Exploitation of the vulnerability
could allow an attacker acting remotely to execute arbitrary code or cause a denial of
service through the use of a specially crafted HTML page
A vulnerability in the Compositing component of the Google Chrome and Microsoft Edge browsers is related to writing beyond the
buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely,
execute arbitrary code using a specially crafted web page
A vulnerability in the Mojo IPC library of Microsoft Edge and Google Chrome browsers is related to memory usage
after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely,
execute arbitrary code
A vulnerability in the Dawn component of Google Chrome and Microsoft Edge browsers is related to the use of memory
after it has been freed. Exploitation of the vulnerability could allow a remote attacker,
execute arbitrary code using a specially crafted web page
Vulnerability in the WebCodecs component of Google Chrome browser is related to memory usage after its release.
memory after it has been freed. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code using a specially crafted web page.
arbitrary code using a specially crafted web page
Vulnerability in the Accessibility component of Google Chrome and Microsoft Edge browser is related to the use of memory after its release.
memory after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely,
compromise the rendering process
The ANGLE library vulnerability in Google Chrome and Microsoft Edge browsers is related to a buffer overflow in the
dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely,
execute arbitrary code using a specially crafted web page
Browser Switcher extension vulnerability in Microsoft Edge and Google Chrome browsers is related to insufficient input data validation.
input validation. Exploitation of the vulnerability could allow an attacker acting remotely,
gain access to sensitive information
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
25.8%