Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-03-09	CVE-2021-21175	Origin Validation Error vulnerability in multiple products Inappropriate implementation in Site isolation in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page. network low complexity google fedoraproject debian CWE-346	6.5
2021-03-09	CVE-2021-21173	Information Exposure Through Discrepancy vulnerability in multiple products Side-channel information leakage in Network Internals in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page. network low complexity google fedoraproject debian CWE-203	6.5
2021-03-09	CVE-2021-21171	Incorrect security UI in TabStrip and Navigation in Google Chrome on Android prior to 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. network low complexity google fedoraproject debian	6.5
2021-03-09	CVE-2021-21170	Incorrect security UI in Loader in Google Chrome prior to 89.0.4389.72 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. network low complexity google fedoraproject debian	6.5
2021-03-09	CVE-2021-21168	Insufficient policy enforcement in appcache in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. network low complexity google fedoraproject debian	6.5
2021-03-09	CVE-2021-21164	Origin Validation Error vulnerability in multiple products Insufficient data validation in Chrome on iOS in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page. network low complexity google fedoraproject debian CWE-346	6.5
2021-03-09	CVE-2021-21163	Origin Validation Error vulnerability in multiple products Insufficient data validation in Reader Mode in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page and a malicious server. network low complexity google fedoraproject debian CWE-346	6.5
2021-03-08	CVE-2021-23351	The package github.com/pires/go-proxyproto before 0.5.0 are vulnerable to Denial of Service (DoS) via the parseVersion1() function. network low complexity go-proxyproto-project fedoraproject	4.9
2021-03-04	CVE-2021-3404	Out-of-bounds Write vulnerability in multiple products In ytnef 1.9.3, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a heap buffer overflow which can be triggered via a crafted file. network ytnef-project redhat fedoraproject CWE-787	6.8
2021-03-04	CVE-2021-3403	Double Free vulnerability in multiple products In ytnef 1.9.3, the TNEFSubjectHandler function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a double free which can be triggered via a crafted file. network ytnef-project redhat fedoraproject CWE-415	6.8