CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2021-38020 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2021-38020
14 Dec 2021 — Insufficient policy enforcement in contacts picker in Google Chrome on Android prior to 96.0.4664.45 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. Una aplicación insuficiente de políticas en contacts picker en Google Chrome en Android versiones anteriores a 96.0.4664.45, permitía a un atacante remoto falsificar el contenido de la Omnibox (barra de URL) por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could r... • https://chromereleases.googleblog.com/2021/11/stable-channel-update-for-desktop.html •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-38016 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2021-38016
14 Dec 2021 — Insufficient policy enforcement in background fetch in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Una aplicación insuficiente de la política en background fetch en Google Chrome versiones anteriores a 96.0.4664.45, permitía a un atacante remoto omitir la política del mismo origen por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of s... • https://chromereleases.googleblog.com/2021/11/stable-channel-update-for-desktop.html • CWE-863: Incorrect Authorization •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-38021 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2021-38021
14 Dec 2021 — Inappropriate implementation in referrer in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Una implementación inapropiada en referrer en Google Chrome versiones anteriores a 96.0.4664.45, permitía a un atacante remoto omitir las restricciones de navegación por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information d... • https://chromereleases.googleblog.com/2021/11/stable-channel-update-for-desktop.html •
CVSS: 8.8EPSS: 2%CPEs: 4EXPL: 0CVE-2021-4062 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2021-4062
14 Dec 2021 — Heap buffer overflow in BFCache in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento del búfer de la pila en BFCache en Google Chrome versiones anteriores a 96.0.4664.93, permitía a un atacante remoto que hubiera comprometido el proceso de renderización explotar potencialmente la corrupción de montón por medio de una página HTML diseñada Multiple vulnerabilities have been fo... • https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop.html • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0CVE-2021-38014 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2021-38014
14 Dec 2021 — Out of bounds write in Swiftshader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una escritura fuera de límites en Swiftshader en Google Chrome versiones anteriores a 96.0.4664.45, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or ... • https://chromereleases.googleblog.com/2021/11/stable-channel-update-for-desktop.html • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0CVE-2021-4056 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2021-4056
14 Dec 2021 — Type confusion in loader in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una confusión de tipo en loader en Google Chrome versiones anteriores a 96.0.4664.93, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions less than 5.1... • https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-38011 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2021-38011
14 Dec 2021 — Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en storage foundation en Google Chrome versiones anteriores a 96.0.4664.45, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, deni... • https://chromereleases.googleblog.com/2021/11/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 1CVE-2021-38006 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2021-38006
14 Dec 2021 — Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en storage foundation en Google Chrome versiones anteriores a 96.0.4664.45, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, deni... • https://packetstorm.news/files/id/165330 • CWE-416: Use After Free •
CVSS: 6.5EPSS: 1%CPEs: 4EXPL: 0CVE-2021-4059 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2021-4059
14 Dec 2021 — Insufficient data validation in loader in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Una comprobación insuficiente de datos en loader en Google Chrome versiones anteriores a 96.0.4664.93, permitía a un atacante remoto filtrar datos de origen cruzado por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions less than 5.1... • https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop.html • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0CVE-2021-4066 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2021-4066
14 Dec 2021 — Integer underflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento de enteros en ANGLE en Google Chrome versiones anteriores a 96.0.4664.93, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions less ... • https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop.html • CWE-191: Integer Underflow (Wrap or Wraparound) •