CVE-2021-36931 – Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-36931
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios en Microsoft Edge (basado en Chromium). Este ID de CVE es diferente de CVE-2021-36928. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36931 • CWE-269: Improper Privilege Management •
CVE-2021-36929 – Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-36929
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability Una Vulnerabilidad de Divulgación de Información en Microsoft Edge (basado en Chromium). • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36929 •
CVE-2021-36928 – Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-36928
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios en Microsoft Edge (basado en Chromium). Este ID de CVE es diferente de CVE-2021-36931. This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Edge. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within Edge Installer. By creating a directory junction, an attacker can abuse Edge Installer to delete a file. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36928 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVE-2021-33741 – Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-33741
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Una vulnerabilidad de Escalada de Privilegios en Microsoft Edge (basado en Chromium) • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33741 •
CVE-2021-21157
https://notcve.org/view.php?id=CVE-2021-21157
Use after free in Web Sockets in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en Web Sockets en Google Chrome en Linux versiones anteriores a 88.0.4324.182, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada • https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_16.html https://crbug.com/1170657 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BI6ZIJQYP5DFMYVX4J5OGOU2NQLEZ3SB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FE5SIKEVYTMDCC5OSXGOM2KRPYLHYMQX https://security.gentoo.org/glsa/202104-08 • CWE-416: Use After Free •