Ziling Chen

**Name of the Vulnerable Software and Affected Versions** Safari (affected versions not specified) **Description** The issue was addressed with improved memory handling. Processing maliciously crafted web content may lead to an unexpected Safari crash. **Recommendations** Update to watchOS 11.6. Update to iOS 18.6. Update to iPadOS 18.6. Update to tvOS 18.6. Update to macOS Sequoia 15.6. Update to visionOS 2.6.

Name of the Vulnerable Software and Affected Versions: Microsoft Edge (Chromium-based) (affected versions not specified) Description: The issue allows an unauthorized attacker to execute code over a network due to a 'type confusion' vulnerability in Microsoft Edge (Chromium-based), enabling remote code execution. This vulnerability permits remote attackers to execute arbitrary code and affect the system. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 105.0.5195.125 **Description** The issue is related to an out of bounds write in Storage, allowing a remote attacker to perform an out of bounds memory write via a crafted HTML page. This could potentially impact the confidentiality, integrity, and availability of protected information. **Recommendations** For Google Chrome versions prior to 105.0.5195.125, update to version 105.0.5195.125 or later to resolve the issue. As a temporary workaround, consider restricting access to crafted HTML pages that could exploit this issue.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 105.0.5195.52 Microsoft Edge (affected versions not specified) **Description** The issue is related to a use after free in WebSQL, which can be exploited by a remote attacker to potentially corrupt the heap via a crafted HTML page. This could allow the attacker to execute arbitrary code. **Recommendations** For Google Chrome versions prior to 105.0.5195.52, update to version 105.0.5195.52 or later to resolve the issue. For Microsoft Edge, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 105.0.5195.52 Microsoft Edge (affected versions not specified) **Description** The issue is related to a use after free in WebSQL, which could allow a remote attacker to potentially exploit heap corruption via a crafted HTML page. This might enable the attacker to execute arbitrary code. **Recommendations** For Google Chrome versions prior to 105.0.5195.52, update to version 105.0.5195.52 or later. For Microsoft Edge, at the moment, there is no information about a newer version that contains a fix for this vulnerability.