CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-21122 – Debian Security Advisory 4846-1
https://notcve.org/view.php?id=CVE-2021-21122
25 Jan 2021 — Use after free in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en Blink en Google Chrome versiones anteriores a 88.0.4324.96, permitía a un atacante remoto explotar una corrupción de la memoria por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code. Versions... • https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop_19.html • CWE-416: Use After Free •
CVSS: 9.6EPSS: 0%CPEs: 2EXPL: 0CVE-2021-21124 – Debian Security Advisory 4846-1
https://notcve.org/view.php?id=CVE-2021-21124
25 Jan 2021 — Potential user after free in Speech Recognizer in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Un potencial uso de la memoria previamente liberada en Speech Recognizer en Google Chrome en Android versiones anteriores a 88.0.4324.96, permitió a un atacante remoto llevar a cabo potencialmente un escape del sandbox por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chr... • https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop_19.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2021-21127 – Debian Security Advisory 4846-1
https://notcve.org/view.php?id=CVE-2021-21127
25 Jan 2021 — Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass content security policy via a crafted Chrome Extension. Una aplicación de políticas insuficientes en extensions de Google Chrome versiones anteriores a 88.0.4324.96, permitió a un atacante remoto omitir la política de seguridad de contenido por medio de una Extension de Chrome diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result ... • https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop_19.html •
CVSS: 8.8EPSS: 1%CPEs: 2EXPL: 1CVE-2021-21128 – Debian Security Advisory 4846-1
https://notcve.org/view.php?id=CVE-2021-21128
25 Jan 2021 — Heap buffer overflow in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento del búfer de pila en Blink en Google Chrome versiones anteriores a 88.0.4324.96, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of cod... • https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop_19.html • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-21129 – Debian Security Advisory 4846-1
https://notcve.org/view.php?id=CVE-2021-21129
25 Jan 2021 — Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. Una aplicación de políticas insuficientes en File System API en Google Chrome versiones anteriores a 88.0.4324.96, permitió a un atacante remoto omitir las restricciones del sistema de archivos por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result i... • https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop_19.html •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-21134 – Debian Security Advisory 4846-1
https://notcve.org/view.php?id=CVE-2021-21134
25 Jan 2021 — Incorrect security UI in Page Info in Google Chrome on iOS prior to 88.0.4324.96 allowed a remote attacker to spoof security UI via a crafted HTML page. La Interfaz de Usuario de seguridad incorrecta en Page Info en Google Chrome en iOS versiones anteriores a 88.0.4324.96, permitió a un atacante remoto falsificar la Interfaz de Usuario de seguridad por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary ex... • https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop_19.html • CWE-290: Authentication Bypass by Spoofing •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-21118 – Debian Security Advisory 4846-1
https://notcve.org/view.php?id=CVE-2021-21118
25 Jan 2021 — Insufficient data validation in V8 in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Una comprobación insuficiente de datos en V8 en Google Chrome versiones anteriores a 88.0.4324.96, permitió a un atacante remoto llevar a cabo potencialmente un acceso a la memoria fuera de límites por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could res... • https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop_19.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-21120 – Debian Security Advisory 4846-1
https://notcve.org/view.php?id=CVE-2021-21120
25 Jan 2021 — Use after free in WebSQL in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en WebSQL en Google Chrome versiones anteriores a 88.0.4324.96, permitía a un atacante remoto explotar potencialmente una corrupción de la memoria por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution ... • https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop_19.html • CWE-416: Use After Free •
CVSS: 9.6EPSS: 0%CPEs: 2EXPL: 0CVE-2021-21121 – Debian Security Advisory 4846-1
https://notcve.org/view.php?id=CVE-2021-21121
25 Jan 2021 — Use after free in Omnibox in Google Chrome on Linux prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Un uso de la memoria previamente liberada en Omnibox en Google Chrome en Linux versiones anteriores a 88.0.4324.96, permitía a un atacante remoto llevar a cabo potencialmente un escape del sandbox por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the a... • https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop_19.html • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-21141 – Debian Security Advisory 4846-1
https://notcve.org/view.php?id=CVE-2021-21141
25 Jan 2021 — Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass file extension policy via a crafted HTML page. Una aplicación insuficiente de la política en File System API en Google Chrome versiones anteriores a 88.0.4324.96, permitió a un atacante remoto omitir la política de extensión de archivos por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the ... • https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop_19.html • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •