Jaehun Jeong

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 99.0.4844.51 Microsoft Edge (affected versions not specified) **Description** The issue is related to an out of bounds read in the ANGLE library, which can potentially lead to heap corruption. A remote attacker could exploit this by using a crafted HTML page, allowing them to potentially reveal protected information. **Recommendations** For Google Chrome versions prior to 99.0.4844.51, update to version 99.0.4844.51 or later to resolve the issue. For Microsoft Edge, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 96.0.4664.93 Microsoft Edge (affected versions not specified) **Description** The issue is related to an integer underflow in the ANGLE library, which can be exploited by a remote attacker to potentially cause heap corruption via a crafted HTML page. This could allow the attacker to execute arbitrary code or cause a denial of service by sending a specially crafted request. **Recommendations** For Google Chrome versions prior to 96.0.4664.93, update to version 96.0.4664.93 or later to resolve the issue. For Microsoft Edge, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 93.0.4577.82 **Description** A stack buffer overflow in the ANGLE library of Google Chrome allows a remote attacker to potentially exploit stack corruption via a crafted HTML page, which could lead to a denial of service or the execution of arbitrary code. **Recommendations** For versions prior to 93.0.4577.82, update to version 93.0.4577.82 or later to resolve the issue. As a temporary workaround, consider restricting access to potentially vulnerable web pages until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 86.0.4240.183 **Description** The issue is related to insufficient policy enforcement in the ANGLE component of Google Chrome, which can lead to heap corruption. A remote attacker can potentially exploit this issue via a crafted HTML page, affecting the confidentiality, integrity, and availability of protected information. **Recommendations** For Google Chrome versions prior to 86.0.4240.183, update to version 86.0.4240.183 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Trend Micro Apex One (affected versions not specified) Trend Micro OfficeScan (affected versions not specified) **Description** A vulnerability in the ServerMigrationTool component could allow an attacker to execute arbitrary code on affected products. This requires user interaction, where the target must import a corrupted configuration file. **Recommendations** For Trend Micro Apex One, avoid importing configuration files from untrusted sources until a fix is available. For Trend Micro OfficeScan, restrict access to the ServerMigrationTool component to minimize the risk of exploitation. As a temporary workaround, consider disabling the import functionality of the ServerMigrationTool component until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Adobe Flash Player (affected versions not specified) **Description** The issue is related to a use-after-free error in memory usage. This can be exploited by a remote attacker to execute arbitrary code. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.