CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 1CVE-2021-38010 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2021-38010
16 Dec 2021 — Inappropriate implementation in service workers in Google Chrome prior to 96.0.4664.45 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Una implementación inapropiada en service workers en Google Chrome versiones anteriores a 96.0.4664.45, permitía a un atacante remoto que hubiera comprometido el proceso de renderización omitir el aislamiento del sitio por medio de una página HTML diseñada Multiple security issues were discovered in Chromiu... • https://packetstorm.news/files/id/165332 •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 1CVE-2021-38006 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2021-38006
16 Dec 2021 — Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en storage foundation en Google Chrome versiones anteriores a 96.0.4664.45, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, deni... • https://packetstorm.news/files/id/165330 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 1CVE-2021-38005 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2021-38005
16 Dec 2021 — Use after free in loader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en loader en Google Chrome versiones anteriores a 96.0.4664.45, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or informa... • https://packetstorm.news/files/id/165331 • CWE-416: Use After Free •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2021-38004 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2021-38004
23 Nov 2021 — Insufficient policy enforcement in Autofill in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Una aplicación insuficiente de políticas en Autofill en Google Chrome versiones anteriores a 95.0.4638.69, permitía a un atacante remoto filtrar datos de origen cruzado por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information dis... • https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 9.6EPSS: 9%CPEs: 4EXPL: 1CVE-2021-38003 – Google Chromium V8 Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2021-38003
23 Nov 2021 — Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una implementación inapropiada de V8 en Google Chrome versiones anteriores a 95.0.4638.69, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or informatio... • https://github.com/SpiralBL0CK/Chrome-V8-RCE-CVE-2021-38003 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 9.6EPSS: 0%CPEs: 4EXPL: 0CVE-2021-38002 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2021-38002
23 Nov 2021 — Use after free in Web Transport in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Un uso de memoria previamente liberada en Web Transport en Google Chrome versiones anteriores a 95.0.4638.69, permitía a un atacante remoto llevar a cabo un escape de sandbox por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or informa... • https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 3CVE-2021-38001 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2021-38001
23 Nov 2021 — Type confusion in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una confusión de tipos en V8 en Google Chrome versiones anteriores a 95.0.4638.69, permitía a un atacante remoto explotar potencialmente una corrupción de pila por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. • https://github.com/Peterpan0927/TFC-Chrome-v8-bug-CVE-2021-38001-poc • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.6EPSS: 3%CPEs: 5EXPL: 0CVE-2021-38000 – Google Chromium Intents Improper Input Validation Vulnerability
https://notcve.org/view.php?id=CVE-2021-38000
23 Nov 2021 — Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0.4638.69 allowed a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page. La comprobación insuficiente de entradas no confiables en Intents en Google Chrome en Android versiones anteriores a 95.0.4638.69, permitía a un atacante remoto navegar arbitrariamente a una URL maliciosa por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result... • https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html • CWE-20: Improper Input Validation •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 1CVE-2021-37999 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2021-37999
23 Nov 2021 — Insufficient data validation in New Tab Page in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to inject arbitrary scripts or HTML in a new browser tab via a crafted HTML page. Una comprobación insuficiente de datos en New Tab Page en Google Chrome versiones anteriores a 95.0.4638.69, permitía a un atacante remoto inyectar scripts o HTML arbitrarios en una nueva pestaña del navegador por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result... • https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-37998 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2021-37998
23 Nov 2021 — Use after free in Garbage Collection in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Garbage Collection en Google Chrome versiones anteriores a 95.0.4638.69, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denia... • https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html • CWE-416: Use After Free •