CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-4068 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2021-4068
23 Dec 2021 — Insufficient data validation in new tab page in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Una comprobación insuficiente de datos en new tab page en Google Chrome versiones anteriores a 96.0.4664.93, permitía a un atacante remoto filtrar datos de origen cruzado por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions l... • https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop.html • CWE-116: Improper Encoding or Escaping of Output •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0CVE-2021-4067 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2021-4067
23 Dec 2021 — Use after free in window manager in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Windows manager en Google Chrome versiones anteriores a 96.0.4664.93, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in... • https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0CVE-2021-4066 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2021-4066
23 Dec 2021 — Integer underflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento de enteros en ANGLE en Google Chrome versiones anteriores a 96.0.4664.93, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions less ... • https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop.html • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-4065 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2021-4065
23 Dec 2021 — Use after free in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en autofill en Google Chrome versiones anteriores a 96.0.4664.93, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. V... • https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0CVE-2021-4064 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2021-4064
23 Dec 2021 — Use after free in screen capture in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en screen capture en Google Chrome en ChromeOS versiones anteriores a 96.0.4664.93, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which coul... • https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0CVE-2021-4063 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2021-4063
23 Dec 2021 — Use after free in developer tools in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en developer tools en Google Chrome versiones anteriores a 96.0.4664.93, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote cod... • https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0CVE-2021-4062 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2021-4062
23 Dec 2021 — Heap buffer overflow in BFCache in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento del búfer de la pila en BFCache en Google Chrome versiones anteriores a 96.0.4664.93, permitía a un atacante remoto que hubiera comprometido el proceso de renderización explotar potencialmente la corrupción de montón por medio de una página HTML diseñada Multiple vulnerabilities have been fo... • https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop.html • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0CVE-2021-4061 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2021-4061
23 Dec 2021 — Type confusion in V8 in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una confusión de tipo en V8 en Google Chrome versiones anteriores a 96.0.4664.93, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions less than 5.15.5_p202... • https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-4059 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2021-4059
23 Dec 2021 — Insufficient data validation in loader in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Una comprobación insuficiente de datos en loader en Google Chrome versiones anteriores a 96.0.4664.93, permitía a un atacante remoto filtrar datos de origen cruzado por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions less than 5.1... • https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop.html • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0CVE-2021-4058 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2021-4058
23 Dec 2021 — Heap buffer overflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento del búfer de la pila en ANGLE en Google Chrome versiones anteriores a 96.0.4664.93, permitía a un atacante remoto aprovechar una corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions less ... • https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop.html • CWE-787: Out-of-bounds Write •