CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-37978 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2021-37978
02 Nov 2021 — Heap buffer overflow in Blink in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento del búfer de la pila en Blink en Google Chrome versiones anteriores a 94.0.4606.81, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or info... • https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop.html • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-37977 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2021-37977
02 Nov 2021 — Use after free in Garbage Collection in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Garbage Collection en Google Chrome versiones anteriores a 94.0.4606.81, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denia... • https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVSS: 6.5EPSS: 7%CPEs: 6EXPL: 0CVE-2021-37976 – Google Chromium Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-37976
08 Oct 2021 — Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Una implementación inapropiada en Memory en Google Chrome versiones anteriores a 94.0.4606.71, permitía a un atacante remoto conseguir información potencialmente confidencial de la memoria del proceso por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the ... • https://chromereleases.googleblog.com/2021/09/stable-channel-update-for-desktop_30.html • CWE-862: Missing Authorization •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-37974 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2021-37974
08 Oct 2021 — Use after free in Safebrowsing in Google Chrome prior to 94.0.4606.71 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Safebrowsing en Google Chrome versiones anteriores a 94.0.4606.71, permitía a un atacante remoto que hubiera comprometido el proceso de renderización explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple security issues were d... • https://chromereleases.googleblog.com/2021/09/stable-channel-update-for-desktop_30.html • CWE-416: Use After Free •
CVSS: 9.6EPSS: 0%CPEs: 5EXPL: 0CVE-2021-37973 – Google Chromium Portals Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2021-37973
08 Oct 2021 — Use after free in Portals in Google Chrome prior to 94.0.4606.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Un uso de memoria previamente liberada en Portals en Google Chrome versiones anteriores a 94.0.4606.61, permitía que un atacante remoto que hubiera comprometido el proceso de renderización pudiera llevar a cabo un escape del sandbox por medio de una página HTML diseñada Multiple security issues were discovered in ... • https://chromereleases.googleblog.com/2021/09/stable-channel-update-for-desktop_24.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 1CVE-2021-37972 – Gentoo Linux Security Advisory 202405-20
https://notcve.org/view.php?id=CVE-2021-37972
08 Oct 2021 — Out of bounds read in libjpeg-turbo in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una lectura fuera de límites en libjpeg-turbo en Google Chrome versiones anteriores a 94.0.4606.54, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been discovered in libjpeg-turbo, the worst of which could lead to arbitrary code execution. Versio... • https://chromereleases.googleblog.com/2021/09/stable-channel-update-for-desktop_21.html • CWE-125: Out-of-bounds Read •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 1CVE-2021-37971 – Gentoo Linux Security Advisory 202405-20
https://notcve.org/view.php?id=CVE-2021-37971
08 Oct 2021 — Incorrect security UI in Web Browser UI in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. Una Interfaz de Usuario de seguridad incorrecta en Web Browser UI de Google Chrome anterior a la versión 94.0.4606.54, permitía a un atacante remoto falsificar el contenido de la Omnibox (barra de URL) por medio de una página HTML diseñada Multiple vulnerabilities have been discovered in libjpeg-turbo, the worst of which could lead t... • https://chromereleases.googleblog.com/2021/09/stable-channel-update-for-desktop_21.html • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 1CVE-2021-37970 – Gentoo Linux Security Advisory 202405-20
https://notcve.org/view.php?id=CVE-2021-37970
08 Oct 2021 — Use after free in File System API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en File System API de Google Chrome anterior a la versión 94.0.4606.54, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been discovered in libjpeg-turbo, the worst of which could lead to arbitrary code executio... • https://chromereleases.googleblog.com/2021/09/stable-channel-update-for-desktop_21.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-37969 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2021-37969
08 Oct 2021 — Inappropriate implementation in Google Updater in Google Chrome on Windows prior to 94.0.4606.54 allowed a remote attacker to perform local privilege escalation via a crafted file. Una implementación inapropiada en Google Updater en Google Chrome en Windows versiones anteriores a 94.0.4606.54, permitía a un atacante remoto llevar a cabo una escalada de privilegios local por medio de un archivo diseñado Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary cod... • https://chromereleases.googleblog.com/2021/09/stable-channel-update-for-desktop_21.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2021-37968 – Gentoo Linux Security Advisory 202405-20
https://notcve.org/view.php?id=CVE-2021-37968
08 Oct 2021 — Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Una implementación inapropiada en Background Fetch API en Google Chrome anterior a la versión 94.0.4606.54, permitía a un atacante remoto filtrar datos de origen cruzado por medio de una página HTML diseñada Multiple vulnerabilities have been discovered in libjpeg-turbo, the worst of which could lead to arbitrary code execution. Versions gre... • https://chromereleases.googleblog.com/2021/09/stable-channel-update-for-desktop_21.html • CWE-203: Observable Discrepancy •