July 1, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Multiple Dell Peripheral Manager Vulnerabilities
August 1, 2024Multiple Intel Products Vulnerabilities
August 1, 2024Multiple Dell Peripheral Manager Vulnerabilities
August 1, 2024Multiple Intel Products Vulnerabilities
August 1, 2024
Severity
Medium
Analysis Summary
CVE-2024-6990 CVSS:7.7
Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by uninitialized use in Dawn. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2924-7255 CVSS:5.7
Google Chrome could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read in WebTransport. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to obtain sensitive information.
CVE-2024-7256 CVSS:6.5
Google Chrome could allow a remote attacker to bypass security restrictions, caused by insufficient data validation in Dawn. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass security restrictions.
Impact
- Security Bypass
- Code Execution
- Information Disclosure
Indicators of Compromise
CVE
- CVE-2024-6990
- CVE-2024-7255
- CVE-2024-7256
Affected Vendors
Google
Affected Products
- Google Chrome 127.0
Remediation
Refer to Google Chrome Website for patch, upgrade, or suggested workaround information.