CVSS: 8.8EPSS: 1%CPEs: 2EXPL: 1CVE-2021-21128 – Debian Security Advisory 4846-1
https://notcve.org/view.php?id=CVE-2021-21128
25 Jan 2021 — Heap buffer overflow in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento del búfer de pila en Blink en Google Chrome versiones anteriores a 88.0.4324.96, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of cod... • https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop_19.html • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2021-21137 – Debian Security Advisory 4846-1
https://notcve.org/view.php?id=CVE-2021-21137
25 Jan 2021 — Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page. Una implementación inapropiada en DevTools en Google Chrome versiones anteriores a 88.0.4324.96, permitió a un atacante remoto obtener potencialmente información confidencial del disco por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result ... • https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop_19.html • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-21117 – Debian Security Advisory 4846-1
https://notcve.org/view.php?id=CVE-2021-21117
25 Jan 2021 — Insufficient policy enforcement in Cryptohome in Google Chrome prior to 88.0.4324.96 allowed a local attacker to perform OS-level privilege escalation via a crafted file. Una aplicación de políticas insuficientes en Cryptohome en Google Chrome versiones anteriores a 88.0.4324.96, permitió a un atacante local llevar a cabo una escalada de privilegios a nivel del Sistema Operativo por medio de un archivo diseñado Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could ... • https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop_19.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2021-21123 – Debian Security Advisory 4846-1
https://notcve.org/view.php?id=CVE-2021-21123
25 Jan 2021 — Insufficient data validation in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. Una comprobación insuficiente de datos en File System API en Google Chrome versiones anteriores a 88.0.4324.96, permitió a un atacante remoto omitir las restricciones del sistema de archivos por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the ... • https://github.com/Puliczek/CVE-2021-21123-PoC-Google-Chrome • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-21130 – Debian Security Advisory 4846-1
https://notcve.org/view.php?id=CVE-2021-21130
25 Jan 2021 — Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. Una aplicación de políticas insuficientes en File System API en Google Chrome versiones anteriores a 88.0.4324.96, permitió a un atacante remoto omitir las restricciones del sistema de archivos por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result i... • https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop_19.html •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-21129 – Debian Security Advisory 4846-1
https://notcve.org/view.php?id=CVE-2021-21129
25 Jan 2021 — Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. Una aplicación de políticas insuficientes en File System API en Google Chrome versiones anteriores a 88.0.4324.96, permitió a un atacante remoto omitir las restricciones del sistema de archivos por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result i... • https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop_19.html •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-21133 – Debian Security Advisory 4846-1
https://notcve.org/view.php?id=CVE-2021-21133
25 Jan 2021 — Insufficient policy enforcement in Downloads in Google Chrome prior to 88.0.4324.96 allowed an attacker who convinced a user to download files to bypass navigation restrictions via a crafted HTML page. Una aplicación de políticas insuficientes en Downloads en Google Chrome versiones anteriores a 88.0.4324.96, permitió a un atacante que convenció a un usuario de descargar archivos para omitir las restricciones de navegación por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chr... • https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop_19.html •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2021-21139 – Debian Security Advisory 4846-1
https://notcve.org/view.php?id=CVE-2021-21139
25 Jan 2021 — Inappropriate implementation in iframe sandbox in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Una implementación inapropiada en iframe sandbox en Google Chrome versiones anteriores a 88.0.4324.96, permitió a un atacante remoto omitir las restricciones de navegación por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution ... • https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop_19.html • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-21119 – Debian Security Advisory 4846-1
https://notcve.org/view.php?id=CVE-2021-21119
25 Jan 2021 — Use after free in Media in Google Chrome prior to 88.0.4324.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en Media en Google Chrome versiones anteriores a 88.0.4324.96, permitía a un atacante remoto que había comprometido el proceso del renderizador explotar potencialmente una corrupción de la memoria por medio de una página HTML diseñada Multiple vulnerabilities have been found ... • https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop_19.html • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-21135 – Debian Security Advisory 4846-1
https://notcve.org/view.php?id=CVE-2021-21135
25 Jan 2021 — Inappropriate implementation in Performance API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Una implementación inapropiada en Performance API en Google Chrome versiones anteriores a 88.0.4324.96, permitió a un atacante remoto filtrar datos cross-origin por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code. Versions ... • https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop_19.html • CWE-346: Origin Validation Error •