|
198921
|
8.8 |
HIGH
Network
|
google
fedoraproject
|
chrome
fedora
|
Heap buffer overflow in Tab Groups in Google Chrome prior to 88.0.4324.146 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a craft…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-21144
|
2024-11-21 14:47 |
2021-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198922
|
8.8 |
HIGH
Network
|
google
fedoraproject
|
chrome
fedora
|
Heap buffer overflow in Extensions in Google Chrome prior to 88.0.4324.146 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a craft…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-21143
|
2024-11-21 14:47 |
2021-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198923
|
9.6 |
CRITICAL
Network
|
google
fedoraproject
|
chrome
fedora
|
Use after free in Payments in Google Chrome on Mac prior to 88.0.4324.146 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
|
CWE-416
Use After Free
|
CVE-2021-21142
|
2024-11-21 14:47 |
2021-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198924
|
6.5 |
MEDIUM
Network
|
google
microsoft
|
chrome
edge
|
Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass file extension policy via a crafted HTML page.
|
CWE-74
Injection
|
CVE-2021-21141
|
2024-11-21 14:47 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198925
|
6.8 |
MEDIUM
Physics
|
google
microsoft
|
chrome
edge
|
Uninitialized use in USB in Google Chrome prior to 88.0.4324.96 allowed a local attacker to potentially perform out of bounds memory access via via a USB device.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2021-21140
|
2024-11-21 14:47 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198926
|
6.5 |
MEDIUM
Network
|
google
microsoft
|
chrome
edge_chromium
|
Inappropriate implementation in iframe sandbox in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2021-21139
|
2024-11-21 14:47 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198927
|
8.6 |
HIGH
Local
|
google
|
chrome
|
Use after free in DevTools in Google Chrome prior to 88.0.4324.96 allowed a local attacker to potentially perform a sandbox escape via a crafted file.
|
CWE-416
Use After Free
|
CVE-2021-21138
|
2024-11-21 14:47 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198928
|
6.5 |
MEDIUM
Network
|
google
microsoft
|
chrome
edge_chromium
|
Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page.
|
CWE-74
Injection
|
CVE-2021-21137
|
2024-11-21 14:47 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198929
|
6.5 |
MEDIUM
Network
|
google
microsoft
|
chrome
edge_chromium
|
Insufficient policy enforcement in WebView in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
|
CWE-346
Origin Validation Error
|
CVE-2021-21136
|
2024-11-21 14:47 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198930
|
6.5 |
MEDIUM
Network
|
google
microsoft
|
chrome
edge_chromium
|
Inappropriate implementation in Performance API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
|
CWE-346
Origin Validation Error
|
CVE-2021-21135
|
2024-11-21 14:47 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
