Vulnerabilities (CVE)

Filtered by vendor Google Subscribe
Filtered by product Chrome
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-21156 2 Fedoraproject, Google 2 Fedora, Chrome 2021-05-17 6.8 MEDIUM 8.8 HIGH
Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted script.
CVE-2021-21148 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2021-05-17 6.8 MEDIUM 8.8 HIGH
Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21195 1 Google 1 Chrome 2021-05-14 6.8 MEDIUM 8.8 HIGH
Use after free in V8 in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21211 2 Debian, Google 2 Debian Linux, Chrome 2021-05-14 4.3 MEDIUM 6.5 MEDIUM
Inappropriate implementation in Navigation in Google Chrome on iOS prior to 90.0.4430.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2021-21212 2 Debian, Google 2 Debian Linux, Chrome 2021-05-14 4.3 MEDIUM 6.5 MEDIUM
Incorrect security UI in Network Config UI in Google Chrome on ChromeOS prior to 90.0.4430.72 allowed a remote attacker to potentially compromise WiFi connection security via a malicious WAP.
CVE-2021-21210 2 Debian, Google 2 Debian Linux, Chrome 2021-05-14 4.3 MEDIUM 6.5 MEDIUM
Inappropriate implementation in Network in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially access local UDP ports via a crafted HTML page.
CVE-2021-21196 2 Google, Microsoft 2 Chrome, Windows 2021-05-14 6.8 MEDIUM 8.8 HIGH
Heap buffer overflow in TabStrip in Google Chrome on Windows prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21207 2 Debian, Google 2 Debian Linux, Chrome 2021-05-14 6.8 MEDIUM 8.6 HIGH
Use after free in IndexedDB in Google Chrome prior to 90.0.4430.72 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
CVE-2021-21198 1 Google 1 Chrome 2021-05-14 4.3 MEDIUM 7.4 HIGH
Out of bounds read in IPC in Google Chrome prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2021-21206 1 Google 1 Chrome 2021-05-14 6.8 MEDIUM 8.8 HIGH
Use after free in Blink in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21202 2 Debian, Google 2 Debian Linux, Chrome 2021-05-14 6.8 MEDIUM 8.6 HIGH
Use after free in extensions in Google Chrome prior to 90.0.4430.72 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
CVE-2021-21201 2 Debian, Google 2 Debian Linux, Chrome 2021-05-14 6.8 MEDIUM 9.6 CRITICAL
Use after free in permissions in Google Chrome prior to 90.0.4430.72 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2021-21216 2 Debian, Google 2 Debian Linux, Chrome 2021-05-14 4.3 MEDIUM 6.5 MEDIUM
Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to spoof security UI via a crafted HTML page.
CVE-2021-21214 2 Debian, Google 2 Debian Linux, Chrome 2021-05-14 6.8 MEDIUM 8.8 HIGH
Use after free in Network API in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension.
CVE-2021-21204 3 Apple, Debian, Google 3 Mac Os X, Debian Linux, Chrome 2021-05-14 6.8 MEDIUM 8.8 HIGH
Use after free in Blink in Google Chrome on OS X prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21199 1 Google 1 Chrome 2021-05-14 6.8 MEDIUM 8.8 HIGH
Use after free in Aura in Google Chrome on Linux prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21215 2 Debian, Google 2 Debian Linux, Chrome 2021-05-14 4.3 MEDIUM 6.5 MEDIUM
Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to spoof security UI via a crafted HTML page.
CVE-2021-21203 2 Debian, Google 2 Debian Linux, Chrome 2021-05-14 6.8 MEDIUM 8.8 HIGH
Use after free in Blink in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21228 2 Debian, Google 2 Debian Linux, Chrome 2021-05-14 4.3 MEDIUM 4.3 MEDIUM
Insufficient policy enforcement in extensions in Google Chrome prior to 90.0.4430.93 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.
CVE-2021-21218 2 Debian, Google 2 Debian Linux, Chrome 2021-05-14 4.3 MEDIUM 5.5 MEDIUM
Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.