CVE-2021-21128
- EPSS 6.51%
- Veröffentlicht 09.02.2021 14:15:16
- Zuletzt bearbeitet 21.11.2024 05:47:37
Heap buffer overflow in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21129
- EPSS 5.44%
- Veröffentlicht 09.02.2021 14:15:16
- Zuletzt bearbeitet 21.11.2024 05:47:37
Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
CVE-2021-21130
- EPSS 5.44%
- Veröffentlicht 09.02.2021 14:15:16
- Zuletzt bearbeitet 21.11.2024 05:47:37
Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
CVE-2021-21131
- EPSS 7.95%
- Veröffentlicht 09.02.2021 14:15:16
- Zuletzt bearbeitet 21.11.2024 05:47:37
Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
CVE-2021-21132
- EPSS 23.41%
- Veröffentlicht 09.02.2021 14:15:16
- Zuletzt bearbeitet 21.11.2024 05:47:37
Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted Chrome Extension.
CVE-2021-21133
- EPSS 3.04%
- Veröffentlicht 09.02.2021 14:15:16
- Zuletzt bearbeitet 21.11.2024 05:47:37
Insufficient policy enforcement in Downloads in Google Chrome prior to 88.0.4324.96 allowed an attacker who convinced a user to download files to bypass navigation restrictions via a crafted HTML page.
CVE-2021-21134
- EPSS 5.04%
- Veröffentlicht 09.02.2021 14:15:16
- Zuletzt bearbeitet 21.11.2024 05:47:38
Incorrect security UI in Page Info in Google Chrome on iOS prior to 88.0.4324.96 allowed a remote attacker to spoof security UI via a crafted HTML page.
CVE-2021-21135
- EPSS 19.23%
- Veröffentlicht 09.02.2021 14:15:16
- Zuletzt bearbeitet 21.11.2024 05:47:38
Inappropriate implementation in Performance API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2021-21136
- EPSS 4.18%
- Veröffentlicht 09.02.2021 14:15:16
- Zuletzt bearbeitet 21.11.2024 05:47:38
Insufficient policy enforcement in WebView in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2021-21137
- EPSS 5.92%
- Veröffentlicht 09.02.2021 14:15:16
- Zuletzt bearbeitet 21.11.2024 05:47:38
Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page.