RSS   Vulnerabilities for 'Chrome'   RSS

2021-09-03
 
CVE-2021-30606

CWE-416
 

 
Use after free in Blink in Google Chrome prior to 93.0.4577.63 allowed an attacker who convinced a user to drag and drop a malicous folder to a page to potentially perform a sandbox escape via a crafted HTML page.

 
 
CVE-2021-30607

CWE-416
 

 
Use after free in Permissions in Google Chrome prior to 93.0.4577.63 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

 
 
CVE-2021-30608

CWE-416
 

 
Use after free in Web Share in Google Chrome prior to 93.0.4577.63 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

 
 
CVE-2021-30609

CWE-416
 

 
Use after free in Sign-In in Google Chrome prior to 93.0.4577.63 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

 
 
CVE-2021-30610

CWE-416
 

 
Use after free in Extensions API in Google Chrome prior to 93.0.4577.63 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

 
 
CVE-2021-30613

CWE-416
 

 
Use after free in Base internals in Google Chrome prior to 93.0.4577.63 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

 
 
CVE-2021-30614

CWE-787
 

 
Heap buffer overflow in TabStrip in Google Chrome prior to 93.0.4577.63 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.

 
 
CVE-2021-30615

CWE-668
 

 
Inappropriate implementation in Navigation in Google Chrome prior to 93.0.4577.63 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

 
 
CVE-2021-30616

CWE-416
 

 
Use after free in Media in Google Chrome prior to 93.0.4577.63 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

 
 
CVE-2021-30617

NVD-CWE-noinfo
 

 
Policy bypass in Blink in Google Chrome prior to 93.0.4577.63 allowed a remote attacker to bypass site isolation via a crafted HTML page.

 


Copyright 2021, cxsecurity.com

 

Back to Top