Filtered by vendor Google Subscriptions
Filtered by product Chrome Subscriptions
Total 3500 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-21175 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-08-03 6.5 Medium
Inappropriate implementation in Site isolation in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2021-21138 1 Google 1 Chrome 2024-08-03 8.6 High
Use after free in DevTools in Google Chrome prior to 88.0.4324.96 allowed a local attacker to potentially perform a sandbox escape via a crafted file.
CVE-2021-21170 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-08-03 6.5 Medium
Incorrect security UI in Loader in Google Chrome prior to 89.0.4389.72 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2021-21118 2 Google, Microsoft 2 Chrome, Edge Chromium 2024-08-03 8.8 High
Insufficient data validation in V8 in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
CVE-2021-21159 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-08-03 8.8 High
Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21129 2 Google, Microsoft 2 Chrome, Edge Chromium 2024-08-03 6.5 Medium
Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
CVE-2021-21154 2 Fedoraproject, Google 2 Fedora, Chrome 2024-08-03 9.6 Critical
Heap buffer overflow in Tab Strip in Google Chrome prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2021-21130 2 Google, Microsoft 2 Chrome, Edge Chromium 2024-08-03 6.5 Medium
Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
CVE-2021-21119 2 Google, Microsoft 2 Chrome, Edge Chromium 2024-08-03 8.8 High
Use after free in Media in Google Chrome prior to 88.0.4324.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21156 2 Fedoraproject, Google 2 Fedora, Chrome 2024-08-03 8.8 High
Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted script.
CVE-2021-21174 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-08-03 8.8 High
Inappropriate implementation in Referrer in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
CVE-2021-21152 3 Fedoraproject, Google, Linux 3 Fedora, Chrome, Linux Kernel 2024-08-03 8.8 High
Heap buffer overflow in Media in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21151 2 Fedoraproject, Google 2 Fedora, Chrome 2024-08-03 9.6 Critical
Use after free in Payments in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
CVE-2021-21177 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-08-03 6.5 Medium
Insufficient policy enforcement in Autofill in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
CVE-2021-21171 3 Debian, Fedoraproject, Google 4 Debian Linux, Fedora, Android and 1 more 2024-08-03 6.5 Medium
Incorrect security UI in TabStrip and Navigation in Google Chrome on Android prior to 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2021-21147 2 Fedoraproject, Google 2 Fedora, Chrome 2024-08-03 4.3 Medium
Inappropriate implementation in Skia in Google Chrome prior to 88.0.4324.146 allowed a local attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2021-21136 2 Google, Microsoft 3 Android, Chrome, Edge Chromium 2024-08-03 6.5 Medium
Insufficient policy enforcement in WebView in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2021-21135 2 Google, Microsoft 2 Chrome, Edge Chromium 2024-08-03 6.5 Medium
Inappropriate implementation in Performance API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2021-21139 2 Google, Microsoft 2 Chrome, Edge Chromium 2024-08-03 6.5 Medium
Inappropriate implementation in iframe sandbox in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
CVE-2021-21167 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-08-03 8.8 High
Use after free in bookmarks in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.