CVE-2021-4055 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2021-4055
23 Dec 2021 — Heap buffer overflow in extensions in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. Un desbordamiento del búfer de la pila en extensions en Google Chrome versiones anteriores a 96.0.4664.93, permitía a un atacante que convenciera a un usuario de instalar una extensión maliciosa aprovechar una corrupción de la pila por medio de una extensión de Chrome diseñada Multiple vulner... • https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop.html • CWE-787: Out-of-bounds Write •
CVE-2021-4054 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2021-4054
23 Dec 2021 — Incorrect security UI in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to perform domain spoofing via a crafted HTML page. Una Interfaz de seguridad incorrecta en autofill en Google Chrome versiones anteriores a 96.0.4664.93, permitía a un atacante remoto llevar a cabo una suplantación de dominio por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions less th... • https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop.html •
CVE-2021-4053 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2021-4053
23 Dec 2021 — Use after free in UI in Google Chrome on Linux prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en UI en Google Chrome en Linux versiones anteriores a 96.0.4664.93, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execut... • https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVE-2021-4052 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2021-4052
23 Dec 2021 — Use after free in web apps in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. Un uso de memoria previamente liberada en web apps en Google Chrome versiones anteriores a 96.0.4664.93,, permitía a un atacante que convenciera a un usuario de instalar una extensión maliciosa explotar potencialmente una corrupción de la pila por medio de una extensión de Chrome diseñada Multiple vu... • https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVE-2021-38022 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2021-38022
23 Dec 2021 — Inappropriate implementation in WebAuthentication in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Una implementación inapropiada en WebAuthentication en Google Chrome versiones anteriores a 96.0.4664.45, permitía a un atacante remoto filtrar datos de origen cruzado por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or informatio... • https://chromereleases.googleblog.com/2021/11/stable-channel-update-for-desktop.html •
CVE-2021-38021 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2021-38021
23 Dec 2021 — Inappropriate implementation in referrer in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Una implementación inapropiada en referrer en Google Chrome versiones anteriores a 96.0.4664.45, permitía a un atacante remoto omitir las restricciones de navegación por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information d... • https://chromereleases.googleblog.com/2021/11/stable-channel-update-for-desktop.html •
CVE-2021-38020 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2021-38020
23 Dec 2021 — Insufficient policy enforcement in contacts picker in Google Chrome on Android prior to 96.0.4664.45 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. Una aplicación insuficiente de políticas en contacts picker en Google Chrome en Android versiones anteriores a 96.0.4664.45, permitía a un atacante remoto falsificar el contenido de la Omnibox (barra de URL) por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could r... • https://chromereleases.googleblog.com/2021/11/stable-channel-update-for-desktop.html •
CVE-2021-38019 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2021-38019
23 Dec 2021 — Insufficient policy enforcement in CORS in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Una aplicación insuficiente de políticas en CORS en Google Chrome versiones anteriores a 96.0.4664.45, permitía a un atacante remoto filtrar datos de origen cruzado por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. • https://chromereleases.googleblog.com/2021/11/stable-channel-update-for-desktop.html • CWE-670: Always-Incorrect Control Flow Implementation •
CVE-2021-38018 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2021-38018
23 Dec 2021 — Inappropriate implementation in navigation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to perform domain spoofing via a crafted HTML page. Una implementación inapropiada en navigation en Google Chrome versiones anteriores a 96.0.4664.45, permitía a un atacante remoto llevar a cabo una suplantación de dominio por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information d... • https://chromereleases.googleblog.com/2021/11/stable-channel-update-for-desktop.html •
CVE-2021-38017 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2021-38017
23 Dec 2021 — Insufficient policy enforcement in iframe sandbox in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Una aplicación inapropiada de políticas en iframe sandbox en Google Chrome versiones anteriores a 96.0.4664.45, permitía a un atacante remoto omitir las restricciones de navegación por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of ... • https://chromereleases.googleblog.com/2021/11/stable-channel-update-for-desktop.html • CWE-863: Incorrect Authorization •