CVSS: 9.6EPSS: 2%CPEs: 5EXPL: 0CVE-2021-21226 – Debian Security Advisory 4906-1
https://notcve.org/view.php?id=CVE-2021-21226
26 Apr 2021 — Use after free in navigation in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Un uso de la memoria previamente liberada en navigation en Google Chrome versiones anteriores a 90.0.4430.85, permitía a un atacante remoto que había comprometido el proceso del renderizador llevar a cabo potencialmente un escape del sandbox por medio de una página HTML diseñada Multiple vulnerabilities have be... • https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_20.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 72%CPEs: 5EXPL: 0CVE-2021-21224 – Google Chromium V8 Type Confusion Vulnerability
https://notcve.org/view.php?id=CVE-2021-21224
26 Apr 2021 — Type confusion in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Una confusión de tipos en V8 en Google Chrome versiones anteriores a 90.0.4430.85, permitía a un atacante remoto ejecutar código arbitrario dentro del sandbox por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code. Versions less than 90... • https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_20.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-21222 – Debian Security Advisory 4906-1
https://notcve.org/view.php?id=CVE-2021-21222
26 Apr 2021 — Heap buffer overflow in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Un desbordamiento del búfer de la pila en V8 en Google Chrome versiones anteriores a 90.0.4430.85, permitió a un atacante remoto que había comprometido el proceso del renderizador evitar el aislamiento del sitio por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the wor... • https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_20.html • CWE-787: Out-of-bounds Write •
CVSS: 9.6EPSS: 1%CPEs: 5EXPL: 0CVE-2021-21223 – Debian Security Advisory 4906-1
https://notcve.org/view.php?id=CVE-2021-21223
26 Apr 2021 — Integer overflow in Mojo in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Un desbordamiento de enteros en Mojo en Google Chrome versiones anteriores a 90.0.4430.85, permitió a un atacante remoto que había comprometido el proceso del renderizador llevar a cabo potencialmente un escape del sandbox por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium an... • https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_20.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-21221 – Debian Security Advisory 4906-1
https://notcve.org/view.php?id=CVE-2021-21221
26 Apr 2021 — Insufficient validation of untrusted input in Mojo in Google Chrome prior to 90.0.4430.72 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Una comprobación insuficiente de una entrada no confiable en Mojo en Google Chrome versiones anteriores a 90.0.4430.72, permitió a un atacante remoto que había comprometido el proceso del renderizador filtrar datos de origen cruzado por medio de una página HTML diseñada Multiple vulnerabilities have bee... • https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_14.html • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-21219 – Debian Security Advisory 4906-1
https://notcve.org/view.php?id=CVE-2021-21219
26 Apr 2021 — Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file. Los datos no inicializados en PDFium en Google Chrome versiones anteriores a 90.0.4430.72, permitían a un atacante remoto obtener información potencialmente confidencial de la memoria del proceso por medio de un archivo PDF diseñado Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could ... • https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_14.html • CWE-252: Unchecked Return Value •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-21217 – Debian Security Advisory 4906-1
https://notcve.org/view.php?id=CVE-2021-21217
26 Apr 2021 — Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file. Los datos no inicializados en PDFium en Google Chrome versiones anteriores a 90.0.4430.72, permitían a un atacante remoto obtener información potencialmente confidencial de la memoria del proceso por medio de un archivo PDF diseñado Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could ... • https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_14.html • CWE-252: Unchecked Return Value •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-21218 – Debian Security Advisory 4906-1
https://notcve.org/view.php?id=CVE-2021-21218
26 Apr 2021 — Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file. Los datos no inicializados en PDFium en Google Chrome versiones anteriores a 90.0.4430.72, permitían a un atacante remoto obtener información potencialmente confidencial de la memoria del proceso por medio de un archivo PDF diseñado Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could ... • https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_14.html • CWE-908: Use of Uninitialized Resource •
CVSS: 6.5EPSS: 11%CPEs: 5EXPL: 0CVE-2021-21216 – Debian Security Advisory 4906-1
https://notcve.org/view.php?id=CVE-2021-21216
26 Apr 2021 — Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to spoof security UI via a crafted HTML page. Una implementación inapropiada en Autofill en Google Chrome versiones anteriores a 90.0.4430.72, permitió a un atacante remoto falsificar la Interfaz de Usuario de seguridad por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code. Versions... • https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_14.html • CWE-290: Authentication Bypass by Spoofing •
CVSS: 8.8EPSS: 1%CPEs: 5EXPL: 0CVE-2021-21214 – Debian Security Advisory 4906-1
https://notcve.org/view.php?id=CVE-2021-21214
26 Apr 2021 — Use after free in Network API in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. Un uso de la memoria previamente liberada en Network API en Google Chrome versiones anteriores a 90.0.4430.72, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una extensión de Chrome diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in th... • https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_14.html • CWE-416: Use After Free •