CVE-2024-8636 - Heap Buffer Overflow in Skia - How a Crafted HTML Page Can Hack Your Chrome
In early 2024, a serious security bug—CVE-2024-8636—was found in the Skia graphics library, which is used by Google Chrome. Chrome versions before 128.
CVE-2024-40656 - Image Disclosure via Confused Deputy Vulnerability in ConnectionServiceWrapper.java
_Discovered in mid-2024, CVE-2024-40656 exposes a local information leak risk on Android platforms. A flaw in ConnectionServiceWrapper.java's handleCreateConferenceComplete method lets malicious apps
CVE-2024-40659 - Disabling AndroidKeyStore Key Generation via Faulty Attestation Key Validation
Android’s security infrastructure greatly depends on the integrity and isolation of cryptographic keys managed by the AndroidKeyStore system. However, CVE-2024-40659 has revealed a striking
CVE-2024-8362 - Exploiting a Use-After-Free in Chrome WebAudio (Pre-128..6613.119) – Explanation, Details, and Example
---
Introduction
A critical security vulnerability, CVE-2024-8362, was discovered in Google Chrome's WebAudio implementation. This bug lets remote attackers potentially cause heap corruption
CVE-2024-7970: A Deep Dive Into the Out of Bounds Write in V8 Vulnerability in Google Chrome and How to Protect Yourself
CVE-2024-7970 is a security vulnerability found in Google Chrome's V8 JavaScript engine, affecting versions prior to 128..6613.119. It has been categorized
Episode
00:00:00
00:00:00