CVSS: 9.6EPSS: 0%CPEs: 4EXPL: 1CVE-2021-21155
https://notcve.org/view.php?id=CVE-2021-21155
Heap buffer overflow in Tab Strip in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. • https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_16.html https://crbug.com/1175500 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BI6ZIJQYP5DFMYVX4J5OGOU2NQLEZ3SB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FE5SIKEVYTMDCC5OSXGOM2KRPYLHYMQX https://security.gentoo.org/glsa/202104-08 • CWE-787: Out-of-bounds Write •
CVSS: 9.6EPSS: 0%CPEs: 3EXPL: 1CVE-2021-21154
https://notcve.org/view.php?id=CVE-2021-21154
Heap buffer overflow in Tab Strip in Google Chrome prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. • https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_16.html https://crbug.com/1173269 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BI6ZIJQYP5DFMYVX4J5OGOU2NQLEZ3SB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FE5SIKEVYTMDCC5OSXGOM2KRPYLHYMQX https://security.gentoo.org/glsa/202104-08 • CWE-787: Out-of-bounds Write •
CVSS: 9.6EPSS: 0%CPEs: 4EXPL: 1CVE-2021-21150
https://notcve.org/view.php?id=CVE-2021-21150
Use after free in Downloads in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. • https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_16.html https://crbug.com/1172192 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BI6ZIJQYP5DFMYVX4J5OGOU2NQLEZ3SB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FE5SIKEVYTMDCC5OSXGOM2KRPYLHYMQX https://security.gentoo.org/glsa/202104-08 • CWE-416: Use After Free •
CVSS: 9.6EPSS: 0%CPEs: 3EXPL: 1CVE-2021-21151
https://notcve.org/view.php?id=CVE-2021-21151
Use after free in Payments in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. • https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_16.html https://crbug.com/1165624 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BI6ZIJQYP5DFMYVX4J5OGOU2NQLEZ3SB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FE5SIKEVYTMDCC5OSXGOM2KRPYLHYMQX https://security.gentoo.org/glsa/202104-08 • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-26119
https://notcve.org/view.php?id=CVE-2021-26119
Smarty before 3.1.39 allows a Sandbox Escape because $smarty.template_object can be accessed in sandbox mode. • https://github.com/smarty-php/smarty/blob/master/CHANGELOG.md https://lists.debian.org/debian-lts-announce/2021/04/msg00004.html https://lists.debian.org/debian-lts-announce/2021/04/msg00014.html https://security.gentoo.org/glsa/202105-06 https://www.debian.org/security/2022/dsa-5151 •