CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0CVE-2021-21195
https://notcve.org/view.php?id=CVE-2021-21195
Use after free in V8 in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en V8 en Google Chrome versiones anteriores a 89.0.4389.114, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada • https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop_30.html https://crbug.com/1182647 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EAJ42L4JFPBJATCZ7MOZQTUDGV4OEHHG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U3GZ42MYPGD35V652ZPVPYYS7A7LVXVY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUZBGKGVZADNA3I24NVG7HAYYUTOSN5A https://security.gentoo.org/glsa/202104-08 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 1CVE-2021-21193 – Google Chromium Blink Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2021-21193
Use after free in Blink in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en Blink en Google Chrome versiones anteriores a 89.0.4389.90, permitía a un atacante remoto explotar la corrupción de la pila por medio de una página HTML diseñada Google Chromium Blink contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera. • https://github.com/mehrzad1994/CVE-2021-21193 https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop_12.html https://crbug.com/1186287 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N52OWF4BAP3JNK2QYGU3Q6QUVDZDCIMQ https://security.gentoo.org/glsa/202104-08 https://www.debian.org/security/2021/dsa-4886 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2021-21192
https://notcve.org/view.php?id=CVE-2021-21192
Heap buffer overflow in tab groups in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. El desbordamiento del búfer de la pila en tab groups en Google Chrome versiones anteriores a 89.0.4389.90, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada • https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop_12.html https://crbug.com/1181387 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N52OWF4BAP3JNK2QYGU3Q6QUVDZDCIMQ https://security.gentoo.org/glsa/202104-08 https://www.debian.org/security/2021/dsa-4886 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2021-21191
https://notcve.org/view.php?id=CVE-2021-21191
Use after free in WebRTC in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en WebRTC en Google Chrome versiones anteriores a 89.0.4389.90, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada • https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop_12.html https://crbug.com/1167357 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N52OWF4BAP3JNK2QYGU3Q6QUVDZDCIMQ https://security.gentoo.org/glsa/202104-08 https://www.debian.org/security/2021/dsa-4886 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 1CVE-2021-21190
https://notcve.org/view.php?id=CVE-2021-21190
Uninitialized data in PDFium in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file. Datos no inicializados en PDFium en Google Chrome versiones anteriores a 89.0.4389.72, permitió a un atacante remoto obtener información potencialmente confidencial desde la memoria del proceso por medio de un archivo PDF diseñado • https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop.html https://crbug.com/1166091 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BBT54RKAE5XLMWSHLVUKJ7T2XHHYMXLH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FE5SIKEVYTMDCC5OSXGOM2KRPYLHYMQX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LCIDZ77XUDMB2EBPPWCQXPEIJERDNSNT https://www.debian.org/security/2021/dsa-4886 • CWE-908: Use of Uninitialized Resource •