CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2021-38641 – Microsoft Edge for Android Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2021-38641
02 Sep 2021 — Microsoft Edge for Android Spoofing Vulnerability Una vulnerabilidad de Suplantación de Identidad de Microsoft Edge de Android • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38641 •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-36930 – Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-36930
02 Sep 2021 — Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Vulnerabilidad de Elevación de Privilegios de Microsoft Edge (basada en Chromium) Este ID de CVE es diferente de CVE-2021-26436 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36930 • CWE-269: Improper Privilege Management •
CVSS: 5.9EPSS: 38%CPEs: 2EXPL: 0CVE-2021-26439 – Microsoft Edge for Android Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-26439
02 Sep 2021 — Microsoft Edge for Android Information Disclosure Vulnerability Una vulnerabilidad de Divulgación de Información de Microsoft Edge para Android • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26439 •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-26436 – Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-26436
02 Sep 2021 — Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Una vulnerabilidad de elevación de privilegios de Microsoft Edge (basada en Chromium) Este ID de CVE es diferente de CVE-2021-36930 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26436 •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2021-27338
https://notcve.org/view.php?id=CVE-2021-27338
20 Jul 2021 — Faraday Edge before 3.7 allows XSS via the network/create/ page and its network name parameter. Faraday Edge versiones anteriores a 3.7, permite un ataque de tipo XSS por medio de la página network/create/ y su parámetro network name • https://github.com/Pho03niX/CVE-2021-27338 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 1CVE-2021-21157 – Debian Security Advisory 4858-1
https://notcve.org/view.php?id=CVE-2021-21157
22 Feb 2021 — Use after free in Web Sockets in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en Web Sockets en Google Chrome en Linux versiones anteriores a 88.0.4324.182, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result ... • https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_16.html • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-21141 – Debian Security Advisory 4846-1
https://notcve.org/view.php?id=CVE-2021-21141
25 Jan 2021 — Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass file extension policy via a crafted HTML page. Una aplicación insuficiente de la política en File System API en Google Chrome versiones anteriores a 88.0.4324.96, permitió a un atacante remoto omitir la política de extensión de archivos por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the ... • https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop_19.html • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-21140 – Debian Security Advisory 4846-1
https://notcve.org/view.php?id=CVE-2021-21140
25 Jan 2021 — Uninitialized use in USB in Google Chrome prior to 88.0.4324.96 allowed a local attacker to potentially perform out of bounds memory access via via a USB device. Un uso no inicializado en USB en Google Chrome versiones anteriores a 88.0.4324.96, permitió a un atacante local llevar a cabo potencialmente un acceso a la memoria fuera de límites por medio de un dispositivo USB Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of co... • https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop_19.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 94%CPEs: 11EXPL: 2CVE-2020-16009 – Google Chromium V8 Type Confusion Vulnerability
https://notcve.org/view.php?id=CVE-2020-16009
03 Nov 2020 — Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una implementación inapropiada en V8 en Google Chrome anterior a versión 86.0.4240.183, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 86.0.4240.183. Issues addressed include b... • https://packetstorm.news/files/id/159974 • CWE-787: Out-of-bounds Write CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •