|
195411
|
6.5 |
MEDIUM
Network
|
google
microsoft
|
chrome
edge_chromium
|
Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page.
|
CWE-74
Injection
|
CVE-2021-21137
|
2024-11-21 14:47 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195412
|
6.5 |
MEDIUM
Network
|
google
microsoft
|
chrome
edge_chromium
|
Insufficient policy enforcement in WebView in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
|
CWE-346
Origin Validation Error
|
CVE-2021-21136
|
2024-11-21 14:47 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195413
|
6.5 |
MEDIUM
Network
|
google
microsoft
|
chrome
edge_chromium
|
Inappropriate implementation in Performance API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
|
CWE-346
Origin Validation Error
|
CVE-2021-21135
|
2024-11-21 14:47 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195414
|
6.5 |
MEDIUM
Network
|
google
microsoft
|
chrome
edge_chromium
|
Incorrect security UI in Page Info in Google Chrome on iOS prior to 88.0.4324.96 allowed a remote attacker to spoof security UI via a crafted HTML page.
|
CWE-290
Authentication Bypass by Spoofing
|
CVE-2021-21134
|
2024-11-21 14:47 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195415
|
6.5 |
MEDIUM
Network
|
google
microsoft
|
chrome
edge_chromium
|
Insufficient policy enforcement in Downloads in Google Chrome prior to 88.0.4324.96 allowed an attacker who convinced a user to download files to bypass navigation restrictions via a crafted HTML pag…
|
NVD-CWE-Other
|
CVE-2021-21133
|
2024-11-21 14:47 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195416
|
9.6 |
CRITICAL
Network
|
google
microsoft
|
chrome
edge_chromium
|
Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted Chrome Extension.
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2021-21132
|
2024-11-21 14:47 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195417
|
6.5 |
MEDIUM
Network
|
google
microsoft
|
chrome
edge_chromium
|
Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
|
CWE-59
CWE-434
Link Following
Unrestricted Upload of File with Dangerous Type
|
CVE-2021-21131
|
2024-11-21 14:47 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195418
|
6.5 |
MEDIUM
Network
|
google
microsoft
|
chrome
edge_chromium
|
Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
|
NVD-CWE-Other
|
CVE-2021-21130
|
2024-11-21 14:47 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195419
|
6.5 |
MEDIUM
Network
|
google
microsoft
|
chrome
edge_chromium
|
Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
|
NVD-CWE-Other
|
CVE-2021-21129
|
2024-11-21 14:47 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195420
|
8.8 |
HIGH
Network
|
google
microsoft
|
chrome
edge_chromium
|
Heap buffer overflow in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
CWE-787
Out-of-bounds Write
|
CVE-2021-21128
|
2024-11-21 14:47 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
