|
200591
|
9.6 |
CRITICAL
Network
|
google
fedoraproject
debian
|
chrome
fedora
debian_linux
|
Insufficient policy enforcement in WebUI in Google Chrome prior to 87.0.4280.141 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via …
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2021-21111
|
2024-11-21 14:47 |
2021-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200592
|
9.6 |
CRITICAL
Network
|
google
fedoraproject
debian
|
chrome
fedora
debian_linux
|
Use after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
|
CWE-416
Use After Free
|
CVE-2021-21110
|
2024-11-21 14:47 |
2021-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200593
|
9.6 |
CRITICAL
Network
|
google
fedoraproject
debian
|
chrome
fedora
debian_linux
|
Use after free in payments in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
|
CWE-416
Use After Free
|
CVE-2021-21109
|
2024-11-21 14:47 |
2021-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200594
|
9.6 |
CRITICAL
Network
|
google
fedoraproject
debian
|
chrome
fedora
debian_linux
|
Use after free in media in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
|
CWE-416
Use After Free
|
CVE-2021-21108
|
2024-11-21 14:47 |
2021-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200595
|
9.6 |
CRITICAL
Network
|
google
fedoraproject
debian
|
chrome
fedora
debian_linux
|
Use after free in drag and drop in Google Chrome on Linux prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a craft…
|
CWE-416
Use After Free
|
CVE-2021-21107
|
2024-11-21 14:47 |
2021-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200596
|
9.6 |
CRITICAL
Network
|
google
fedoraproject
debian
|
chrome
fedora
debian_linux
|
Use after free in autofill in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
|
CWE-416
Use After Free
|
CVE-2021-21106
|
2024-11-21 14:47 |
2021-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200597
|
5.5 |
MEDIUM
Local
|
courtbouillon
|
cairosvg
|
CairoSVG is a Python (pypi) package. CairoSVG is an SVG converter based on Cairo. In CairoSVG before version 2.5.1, there is a regular expression denial of service (REDoS) vulnerability. When process…
|
-
|
CVE-2021-21236
|
2024-11-21 14:47 |
2021-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200598
|
6.5 |
MEDIUM
Network
|
kamadak-exif_project
|
kamadak-exif
|
kamadak-exif is an exif parsing library written in pure Rust. In kamadak-exif version 0.5.2, there is an infinite loop in parsing crafted PNG files. Specifically, reader::read_from_container can caus…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2021-21235
|
2024-11-21 14:47 |
2021-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200599
|
7.7 |
HIGH
Network
|
spring-boot-actuator-logview_project
|
spring-boot-actuator-logview
|
spring-boot-actuator-logview in a library that adds a simple logfile viewer as spring boot actuator endpoint. It is maven package "eu.hinsch:spring-boot-actuator-logview". In spring-boot-actuator-log…
|
-
|
CVE-2021-21234
|
2024-11-21 14:47 |
2021-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200600
|
- |
|
-
|
-
|
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or …
|
-
|
CVE-2021-20451
|
2024-11-21 14:46 |
2024-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
