CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-37997 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2021-37997
23 Nov 2021 — Use after free in Sign-In in Google Chrome prior to 95.0.4638.69 allowed a remote attacker who convinced a user to sign into Chrome to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Sign-In en Google Chrome versiones anteriores a 95.0.4638.69, permitía a un atacante remoto que convenciera a un usuario de iniciar sesión en Chrome explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Multiple security issues were discover... • https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html • CWE-416: Use After Free •
CVSS: 9.6EPSS: 0%CPEs: 1EXPL: 1CVE-2020-6492
https://notcve.org/view.php?id=CVE-2020-6492
02 Nov 2021 — Use after free in ANGLE in Google Chrome prior to 83.0.4103.97 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Un uso de memoria previamente liberada en ANGLE en Google Chrome versiones anteriores a 83.0.4103.97, permitía a un atacante remoto llevar a cabo potencialmente un escape de sandbox por medio de una página HTML diseñada • https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-37996 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2021-37996
02 Nov 2021 — Insufficient validation of untrusted input Downloads in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to bypass navigation restrictions via a malicious file. Una comprobación insuficiente de entradas no confiables en Downloads en Google Chrome versiones anteriores a 95.0.4638.54, permitían a un atacante remoto omitir las restricciones de navegación por medio de un archivo malicioso Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, de... • https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-37995 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2021-37995
02 Nov 2021 — Inappropriate implementation in WebApp Installer in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially overlay and spoof the contents of the Omnibox (URL bar) via a crafted HTML page. Una implementación inapropiada en WebApp Installer en Google Chrome versiones anteriores a 95.0.4638.54, permitía a un atacante remoto superponer y falsificar el contenido de la Omnibox (barra de URL) por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which cou... • https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-37994 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2021-37994
02 Nov 2021 — Inappropriate implementation in iFrame Sandbox in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Una implementación inapropiada en iFrame Sandbox en Google Chrome versiones anteriores a 95.0.4638.54, permitía a un atacante remoto omitir las restricciones de navegación por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or i... • https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2021-37993 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2021-37993
02 Nov 2021 — Use after free in PDF Accessibility in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en PDF Accessibility en Google Chrome versiones anteriores a 95.0.4638.54, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial ... • https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2021-37992 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2021-37992
02 Nov 2021 — Out of bounds read in WebAudio in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una lectura fuera de límites en WebAudio en Google Chrome versiones anteriores a 95.0.4638.54, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or informatio... • https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-37991 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2021-37991
02 Nov 2021 — Race in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Race en V8 en Google Chrome versiones anteriores a 95.0.4638.54, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. • https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-37990 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2021-37990
02 Nov 2021 — Inappropriate implementation in WebView in Google Chrome on Android prior to 95.0.4638.54 allowed a remote attacker to leak cross-origin data via a crafted app. Una implementación inapropiada de WebView en Google Chrome en Android versiones anteriores a 95.0.4638.54, permitía a un atacante remoto filtrar datos de origen cruzado por medio de una aplicación diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information dis... • https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-37989 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2021-37989
02 Nov 2021 — Inappropriate implementation in Blink in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to abuse content security policy via a crafted HTML page. Una implementación inapropiada en Blink en Google Chrome versiones anteriores a 95.0.4638.54, permitía a un atacante remoto abusar de la política de seguridad de contenidos por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or informatio... • https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html •