C6Eed09Fc8B174B0F3Eebedcceb1E792

**Name of the Vulnerable Software and Affected Versions** Google Chrome on Linux versions prior to 149.0.7827.53 **Description** A use after free issue in Fonts allows a remote attacker to execute arbitrary code inside a sandbox by using a crafted HTML page. Use after free is a memory corruption flaw that occurs when an application continues to use a pointer after it has been freed. **Recommendations** Update to version 149.0.7827.53 or later.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 149.0.7827.53 **Description** Insufficient validation of untrusted input in Extensions allows a remote attacker who has compromised the renderer process to bypass the same origin policy, which is a security mechanism that restricts how a document or script loaded from one origin can interact with a resource from another origin, via a crafted HTML page. **Recommendations** Update to version 149.0.7827.53 or later.

**Name of the Vulnerable Software and Affected Versions** Google Chrome on Mac versions prior to 148.0.7778.179 **Description** An out of bounds read in the GPU allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page. An out of bounds read occurs when a program reads data past the end or before the beginning of the intended buffer. **Recommendations** Update Google Chrome on Mac to version 148.0.7778.179 or later.

**Name of the Vulnerable Software and Affected Versions** Google Chrome on Mac versions prior to 148.0.7778.179 **Description** An out of bounds read in the GPU allows a remote attacker to perform an out of bounds memory read by using a crafted HTML page. An out of bounds read occurs when a program reads data past the end or before the beginning of the intended buffer. **Recommendations** Update to version 148.0.7778.179 or later.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 148.0.7778.168 **Description** A heap buffer overflow in WebML allows a remote attacker to execute arbitrary code inside a sandbox by using a crafted HTML page. A heap buffer overflow occurs when a program writes more data to a heap-allocated memory block than it can hold, potentially overwriting adjacent memory. **Recommendations** Update to version 148.0.7778.168 or later.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 148.0.7778.168 **Description** An out of bounds write in WebRTC allows a remote attacker to execute arbitrary code inside a sandbox by using a crafted HTML page. An out of bounds write occurs when a program writes data past the end of an intended buffer, which can lead to memory corruption. **Recommendations** Update to version 148.0.7778.168 or later.

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 147.0.7727.55 Description A use-after-free issue existed in the Media component of Google Chrome. This could allow a remote attacker to execute arbitrary code within a sandbox through a specially crafted HTML page. Recommendations Update Google Chrome to version 147.0.7727.55 or later.

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 147.0.7727.55 Description A heap buffer overflow exists in the WebML component of Google Chrome. This issue could allow a remote attacker to execute arbitrary code by tricking a user into visiting a specially crafted HTML page. Recommendations Update Google Chrome to version 147.0.7727.55 or later.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 148.0.7778.96 **Description** A Use After Free issue in the printing component allows a remote attacker who has already compromised the renderer process to potentially achieve a sandbox escape. This is triggered via a specially crafted HTML page. **Recommendations** Update to version 148.0.7778.96 or later.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 147.0.7727.138 **Description** A heap buffer overflow exists in WebRTC, which could allow a remote attacker to potentially exploit heap corruption through a crafted HTML page. A heap buffer overflow occurs when a program writes more data to a heap-allocated memory block than it can hold, potentially leading to crashes or arbitrary code execution. **Recommendations** Update to version 147.0.7727.138 or later.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 147.0.7727.138 **Description** A use after free (a condition where a program continues to use a memory address after it has been freed) in the GPU component allows a remote attacker to potentially perform a sandbox escape via a crafted HTML page. This occurs when modifying the surface activation group vector while iterating through existing entries. **Recommendations** Update to version 147.0.7727.138 or later.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 147.0.7727.55 **Description** A heap buffer overflow existed in the WebML component of Google Chrome. This issue could allow a remote attacker to potentially obtain sensitive information from process memory by using a specially crafted HTML page. The security severity was rated as High. **Recommendations** Update Google Chrome to version 147.0.7727.55 or later.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 148.0.7778.96 Microsoft Edge (affected versions not specified) **Description** An integer overflow exists in the Blink rendering engine, which is used by Google Chrome and Microsoft Edge. A remote attacker can exploit this flaw by using a crafted HTML page to trigger heap corruption, potentially leading to a denial of service or code execution. **Recommendations** Update to version 148.0.7778.96 or later. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 148.0.7778.96 **Description** A use after free issue in CSS allows a remote attacker to execute arbitrary code inside a sandbox by using a crafted HTML page. Use after free is a memory corruption flaw that occurs when an application continues to use a pointer after it has been freed. **Recommendations** Update to version 148.0.7778.96 or later.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 148.0.7778.96 **Description** An out of bounds read exists in Fonts, which allows a remote attacker to perform an out of bounds memory read by using a crafted HTML page. An out of bounds read occurs when a program reads data past the end or before the beginning of the intended buffer. **Recommendations** Update to version 148.0.7778.96 or later.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 146.0.7680.71 **Description** A use after free issue in WindowDialog within Google Chrome prior to version 146.0.7680.71 could allow a remote attacker who has compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page. The Chromium security severity is rated as High. **Recommendations** Update Google Chrome to version 146.0.7680.71 or later.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 146.0.7680.71 **Description** A use-after-free issue exists in the WebMIDI component of Google Chrome. This flaw could allow a remote attacker to exploit heap corruption through a specially crafted HTML page. The security severity is rated as High. **Recommendations** Update Google Chrome to version 146.0.7680.71 or later.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 145.0.7632.159 **Description** A heap buffer overflow exists in the WebCodecs component of Google Chrome. This issue allows a remote attacker to perform an out-of-bounds memory write by using a specially crafted HTML page. **Recommendations** Update Google Chrome to version 145.0.7632.159 or later.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 146.0.7680.165 **Description** A heap buffer overflow exists in the WebAudio component of Google Chrome. This flaw allows a remote attacker to perform an out-of-bounds memory write through a specially crafted HTML page. **Recommendations** Update Google Chrome to version 146.0.7680.165 or later.

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 147.0.7727.55 Description A flaw exists in the WebAudio component of Google Chrome on Mac that could allow a remote attacker to access sensitive information from process memory. This is triggered by a specially crafted HTML page. The security severity is rated as Medium. Recommendations Update Google Chrome to version 147.0.7727.55 or later.