|
197641
|
6.5 |
MEDIUM
Network
|
google
microsoft
|
chrome
edge_chromium
|
Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
|
NVD-CWE-Other
|
CVE-2021-21130
|
2024-11-21 14:47 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197642
|
6.5 |
MEDIUM
Network
|
google
microsoft
|
chrome
edge_chromium
|
Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
|
NVD-CWE-Other
|
CVE-2021-21129
|
2024-11-21 14:47 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197643
|
8.8 |
HIGH
Network
|
google
microsoft
|
chrome
edge_chromium
|
Heap buffer overflow in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
CWE-787
Out-of-bounds Write
|
CVE-2021-21128
|
2024-11-21 14:47 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197644
|
8.8 |
HIGH
Network
|
google
microsoft
|
chrome
edge_chromium
|
Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass content security policy via a crafted Chrome Extension.
|
NVD-CWE-Other
|
CVE-2021-21127
|
2024-11-21 14:47 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197645
|
6.5 |
MEDIUM
Network
|
google
microsoft
|
chrome
edge_chromium
|
Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass site isolation via a crafted Chrome Extension.
|
CWE-20
Improper Input Validation
|
CVE-2021-21126
|
2024-11-21 14:47 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197646
|
8.1 |
HIGH
Network
|
google
microsoft
|
chrome
edge_chromium
|
Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
|
CWE-59
Link Following
|
CVE-2021-21125
|
2024-11-21 14:47 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197647
|
9.6 |
CRITICAL
Network
|
google
microsoft
|
chrome
edge_chromium
|
Potential user after free in Speech Recognizer in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
|
CWE-416
Use After Free
|
CVE-2021-21124
|
2024-11-21 14:47 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197648
|
6.5 |
MEDIUM
Network
|
google
microsoft
|
chrome
edge_chromium
|
Insufficient data validation in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
|
CWE-20
Improper Input Validation
|
CVE-2021-21123
|
2024-11-21 14:47 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197649
|
8.8 |
HIGH
Network
|
google
microsoft
|
chrome
edge_chromium
|
Use after free in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
CWE-416
Use After Free
|
CVE-2021-21122
|
2024-11-21 14:47 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197650
|
9.6 |
CRITICAL
Network
|
google
microsoft
|
chrome
edge_chromium
|
Use after free in Omnibox in Google Chrome on Linux prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
|
CWE-416
Use After Free
|
CVE-2021-21121
|
2024-11-21 14:47 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
