N3Sk

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 115.0.5790.170 **Description** The issue is related to an out of bounds memory access in the ANGLE library of Google Chrome, which could allow a remote attacker to potentially exploit heap corruption via a crafted HTML page. This could lead to arbitrary code execution or denial of service. **Recommendations** For versions prior to 115.0.5790.170, update to version 115.0.5790.170 or later to resolve the issue. As a temporary workaround, consider restricting access to potentially malicious web pages to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 114.0.5735.90 **Description** The issue is related to an out of bounds write in Swiftshader, a library used by Google Chrome. This could potentially allow a remote attacker to exploit heap corruption via a crafted HTML page. The vulnerability may enable an attacker to execute arbitrary code. **Recommendations** For Google Chrome versions prior to 114.0.5735.90, update to version 114.0.5735.90 or later to resolve the issue. As a temporary workaround, consider avoiding the use of crafted HTML pages that could trigger the out of bounds write in Swiftshader until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 108.0.5359.71 Microsoft Edge (affected versions not specified) **Description** The issue is related to a Use-After-Free vulnerability in the sign-in functionality, allowing a remote attacker to potentially exploit heap corruption via profile destruction by convincing a user to engage in specific UI interaction. This could lead to unauthorized access to confidential data, disruption of data integrity, and denial of service. **Recommendations** For Google Chrome versions prior to 108.0.5359.71, update to version 108.0.5359.71 or later to resolve the issue. For Microsoft Edge, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 99.0.4844.51 Microsoft Edge (affected versions not specified) **Description** The issue is related to an out of bounds read in the ANGLE library, which can potentially lead to heap corruption. A remote attacker could exploit this by using a crafted HTML page, allowing them to potentially reveal protected information. **Recommendations** For Google Chrome versions prior to 99.0.4844.51, update to version 99.0.4844.51 or later to resolve the issue. For Microsoft Edge, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 96.0.4664.93 Microsoft Edge (affected versions not specified) **Description** The issue is related to an integer underflow in the ANGLE library, which can be exploited by a remote attacker to potentially cause heap corruption via a crafted HTML page. This could allow the attacker to execute arbitrary code or cause a denial of service by sending a specially crafted request. **Recommendations** For Google Chrome versions prior to 96.0.4664.93, update to version 96.0.4664.93 or later to resolve the issue. For Microsoft Edge, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 93.0.4577.82 **Description** A stack buffer overflow in the ANGLE library of Google Chrome allows a remote attacker to potentially exploit stack corruption via a crafted HTML page, which could lead to a denial of service or the execution of arbitrary code. **Recommendations** For versions prior to 93.0.4577.82, update to version 93.0.4577.82 or later to resolve the issue. As a temporary workaround, consider restricting access to potentially vulnerable web pages until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 86.0.4240.183 **Description** The issue is related to insufficient policy enforcement in the ANGLE component of Google Chrome, which can lead to heap corruption. A remote attacker can potentially exploit this issue via a crafted HTML page, affecting the confidentiality, integrity, and availability of protected information. **Recommendations** For Google Chrome versions prior to 86.0.4240.183, update to version 86.0.4240.183 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Trend Micro Apex One (affected versions not specified) Trend Micro OfficeScan (affected versions not specified) **Description** A vulnerability in the ServerMigrationTool component could allow an attacker to execute arbitrary code on affected products. This requires user interaction, where the target must import a corrupted configuration file. **Recommendations** For Trend Micro Apex One, avoid importing configuration files from untrusted sources until a fix is available. For Trend Micro OfficeScan, restrict access to the ServerMigrationTool component to minimize the risk of exploitation. As a temporary workaround, consider disabling the import functionality of the ServerMigrationTool component until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Adobe Flash Player (affected versions not specified) **Description** The issue is related to a use-after-free error in memory usage. This can be exploited by a remote attacker to execute arbitrary code. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.