Svn-Dys

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 149.0.7827.53 **Description** A heap buffer overflow occurs in the TabStrip component. This issue allows a remote attacker to potentially exploit heap corruption—a condition where memory allocation in the heap is corrupted—by using a crafted HTML page, provided they can convince a user to perform specific UI gestures. **Recommendations** Update to version 149.0.7827.53 or later.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 127.0.6533.72 Microsoft Edge (affected versions not specified) **Description** The issue is related to a use after free vulnerability in the Tabs component of Google Chrome and Microsoft Edge browsers. This vulnerability can be exploited by a remote attacker who convinces a user to perform specific UI gestures, potentially leading to heap corruption via a crafted HTML page. The attacker could cause a denial of service or execute arbitrary code. **Recommendations** For Google Chrome versions prior to 127.0.6533.72, update to version 127.0.6533.72 or later to resolve the issue. For Microsoft Edge, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 127.0.6533.72 Microsoft Edge (affected versions not specified) **Description** The issue is related to a use after free vulnerability in the User Education component of Google Chrome and Microsoft Edge, which can lead to memory corruption. A remote attacker could potentially exploit this issue by convincing a user to perform specific UI gestures, allowing them to cause a denial of service or execute arbitrary code via a crafted HTML page. **Recommendations** For Google Chrome versions prior to 127.0.6533.72, update to version 127.0.6533.72 or later to resolve the issue. For Microsoft Edge, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 126.0.6478.182 Microsoft Edge (affected versions not specified) **Description** The issue is related to a use after free in the Navigation function, which could allow an attacker to exploit heap corruption via a crafted Chrome Extension. This could potentially lead to unauthorized access to protected information, execution of arbitrary code, or denial of service. An attacker would need to convince a user to install a malicious extension to exploit this issue. **Recommendations** For Google Chrome versions prior to 126.0.6478.182, update to version 126.0.6478.182 or later. For Microsoft Edge, at the moment, there is no information about a newer version that contains a fix for this vulnerability.