CVE-2021-21221
- EPSS 1.57%
- Veröffentlicht 26.04.2021 17:15:08
- Zuletzt bearbeitet 21.11.2024 05:47:48
Insufficient validation of untrusted input in Mojo in Google Chrome prior to 90.0.4430.72 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.
CVE-2021-21222
- EPSS 1.76%
- Veröffentlicht 26.04.2021 17:15:08
- Zuletzt bearbeitet 21.11.2024 05:47:48
Heap buffer overflow in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.
CVE-2021-21223
- EPSS 1.44%
- Veröffentlicht 26.04.2021 17:15:08
- Zuletzt bearbeitet 21.11.2024 05:47:48
Integer overflow in Mojo in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2021-21224
- EPSS 57.74%
- Veröffentlicht 26.04.2021 17:15:08
- Zuletzt bearbeitet 24.10.2025 21:08:03
Type confusion in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
CVE-2021-21225
- EPSS 6.63%
- Veröffentlicht 26.04.2021 17:15:08
- Zuletzt bearbeitet 21.11.2024 05:47:48
Out of bounds memory access in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21226
- EPSS 1.35%
- Veröffentlicht 26.04.2021 17:15:08
- Zuletzt bearbeitet 21.11.2024 05:47:48
Use after free in navigation in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2021-3472
- EPSS 1.05%
- Veröffentlicht 26.04.2021 15:15:07
- Zuletzt bearbeitet 21.11.2024 06:21:37
A flaw was found in xorg-x11-server in versions before 1.20.11. An integer underflow can occur in xserver which can lead to a local privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as s...
CVE-2020-15078
- EPSS 5.11%
- Veröffentlicht 26.04.2021 14:15:08
- Zuletzt bearbeitet 21.11.2024 05:04:45
OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks.
CVE-2021-31598
- EPSS 1.35%
- Veröffentlicht 24.04.2021 17:15:07
- Zuletzt bearbeitet 21.11.2024 06:05:58
An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_decode() performs incorrect memory handling while parsing crafted XML files, leading to a heap-based buffer overflow.
CVE-2021-22204
- EPSS 99.98%
- Veröffentlicht 23.04.2021 18:15:08
- Zuletzt bearbeitet 03.11.2025 18:58:34
Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image