Microsoft

Edge Chromium

211 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2021-21127

Exploit
  • EPSS 1.17%
  • Published 09.02.2021 14:15:16
  • Last modified 21.11.2024 05:47:37

Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass content security policy via a crafted Chrome Extension.

8.8

CVE-2021-21128

Exploit
  • EPSS 4.94%
  • Published 09.02.2021 14:15:16
  • Last modified 21.11.2024 05:47:37

Heap buffer overflow in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.5

CVE-2021-21129

  • EPSS 1.99%
  • Published 09.02.2021 14:15:16
  • Last modified 21.11.2024 05:47:37

Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.

6.5

CVE-2021-21130

  • EPSS 1.99%
  • Published 09.02.2021 14:15:16
  • Last modified 21.11.2024 05:47:37

Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.

6.5

CVE-2021-21131

  • EPSS 0.47%
  • Published 09.02.2021 14:15:16
  • Last modified 21.11.2024 05:47:37

Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.

9.6

CVE-2021-21132

  • EPSS 15.76%
  • Published 09.02.2021 14:15:16
  • Last modified 21.11.2024 05:47:37

Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted Chrome Extension.

6.5

CVE-2021-21133

  • EPSS 3.99%
  • Published 09.02.2021 14:15:16
  • Last modified 21.11.2024 05:47:37

Insufficient policy enforcement in Downloads in Google Chrome prior to 88.0.4324.96 allowed an attacker who convinced a user to download files to bypass navigation restrictions via a crafted HTML page.

6.5

CVE-2021-21134

  • EPSS 15.33%
  • Published 09.02.2021 14:15:16
  • Last modified 21.11.2024 05:47:38

Incorrect security UI in Page Info in Google Chrome on iOS prior to 88.0.4324.96 allowed a remote attacker to spoof security UI via a crafted HTML page.

6.5

CVE-2021-21135

  • EPSS 24.93%
  • Published 09.02.2021 14:15:16
  • Last modified 21.11.2024 05:47:38

Inappropriate implementation in Performance API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

6.5

CVE-2021-21136

  • EPSS 9.29%
  • Published 09.02.2021 14:15:16
  • Last modified 21.11.2024 05:47:38

Insufficient policy enforcement in WebView in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page.