VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Google
>
Chrome
> 12.0.739.0
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2021-02-09
CVE-2021-21136
Origin Validation Error vulnerability in multiple products
Insufficient policy enforcement in WebView in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
network
low complexity
google
microsoft
CWE-346
6.5
6.5
2021-02-09
CVE-2021-21135
Origin Validation Error vulnerability in multiple products
Inappropriate implementation in Performance API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
network
low complexity
google
microsoft
CWE-346
6.5
6.5
2021-02-09
CVE-2021-21134
Authentication Bypass by Spoofing vulnerability in multiple products
Incorrect security UI in Page Info in Google Chrome on iOS prior to 88.0.4324.96 allowed a remote attacker to spoof security UI via a crafted HTML page.
network
low complexity
google
microsoft
CWE-290
6.5
6.5
2021-02-09
CVE-2021-21133
Insufficient policy enforcement in Downloads in Google Chrome prior to 88.0.4324.96 allowed an attacker who convinced a user to download files to bypass navigation restrictions via a crafted HTML page.
network
low complexity
google
microsoft
6.5
6.5
2021-02-09
CVE-2021-21132
Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products
Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted Chrome Extension.
network
low complexity
google
microsoft
CWE-1021
critical
9.6
9.6
2021-02-09
CVE-2021-21131
Unrestricted Upload of File with Dangerous Type vulnerability in multiple products
Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
network
low complexity
google
microsoft
CWE-434
6.5
6.5
2021-02-09
CVE-2021-21130
Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
network
low complexity
google
microsoft
6.5
6.5
2021-02-09
CVE-2021-21129
Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
network
low complexity
google
microsoft
6.5
6.5
2021-02-09
CVE-2021-21128
Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google
microsoft
CWE-787
8.8
8.8
2021-02-09
CVE-2021-21127
Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass content security policy via a crafted Chrome Extension.
network
low complexity
google
microsoft
8.8
8.8
«
Previous
1
2
...
118
119
120
(current)
121
122
...
234
235
»
Next