Ginggilbesel

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 18.7.2 iPadOS versions prior to 18.7.2 **Description** A flaw exists due to improper memory handling when processing specially designed web content. This can result in an application crash. **Recommendations** Update to iOS version 18.7.2. Update to iPadOS version 18.7.2.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 126.0.6478.114 Microsoft Edge (affected versions not specified) **Description** The issue is related to an inappropriate implementation in V8, allowing a remote attacker to perform out of bounds memory access via a crafted HTML page. This can potentially lead to the execution of arbitrary code. The vulnerability is associated with the use of memory after it has been freed. **Recommendations** For Google Chrome versions prior to 126.0.6478.114, update to version 126.0.6478.114 or later to resolve the issue. For Microsoft Edge, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 120.0.6099.109 **Description** The issue is related to a use after free in CSS, which could allow a remote attacker to potentially exploit heap corruption via a crafted HTML page. This could lead to unauthorized access to protected information. **Recommendations** For versions prior to 120.0.6099.109, update to version 120.0.6099.109 or later to resolve the issue. As a temporary workaround, consider avoiding the use of crafted HTML pages that could trigger the heap corruption.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 102.0.5005.61 Microsoft Edge (affected versions not specified) **Description** A heap buffer overflow in DevTools allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. The issue could be exploited by a remote attacker to impact data integrity. **Recommendations** For Google Chrome versions prior to 102.0.5005.61, update to version 102.0.5005.61 or later to resolve the issue. For Microsoft Edge, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Google Chrome on Chrome OS versions prior to 102.0.5005.61 **Description** The issue is related to the use of memory after it has been freed in Tablet Mode, which could allow a remote attacker to disclose protected information by exploiting heap corruption through specific user interactions on a specially crafted web page. A remote attacker who convinces a user to engage in specific interactions could potentially exploit this. **Recommendations** For versions prior to 102.0.5005.61, update to version 102.0.5005.61 or later to resolve the issue. As a temporary workaround, consider restricting user interactions in Tablet Mode until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Google Chrome on Chrome OS versions prior to 97.0.4692.71 **Description** The issue is related to a use after free in the Screen Capture function of Google Chrome, which can lead to heap corruption. An attacker could potentially exploit this by convincing a user to perform specific gestures or by using a specially crafted web page, allowing for remote code execution. **Recommendations** For versions prior to 97.0.4692.71, update to version 97.0.4692.71 or later to resolve the issue. As a temporary workaround, consider restricting access to the Screen Capture function until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 96.0.4664.93 Microsoft Edge (affected versions not specified) **Description** The issue is related to a use after free in the window manager, which can lead to heap corruption. A remote attacker can potentially exploit this via a crafted HTML page, allowing for the execution of arbitrary code. **Recommendations** For Google Chrome versions prior to 96.0.4664.93, update to version 96.0.4664.93 or later to resolve the issue. For Microsoft Edge, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 96.0.4664.93 Microsoft Edge (affected versions not specified) **Description** The issue is related to a use after free in the screen capture function, which can lead to heap corruption. A remote attacker can potentially exploit this via a crafted HTML page, allowing for arbitrary code execution or denial of service. **Recommendations** For Google Chrome versions prior to 96.0.4664.93, update to version 96.0.4664.93 or later to resolve the issue. For Microsoft Edge, at the moment, there is no information about a newer version that contains a fix for this vulnerability.