Vulnerabilities > Google > Chrome > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-04-26 CVE-2021-21223 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in Mojo in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-190
critical
9.6
2021-02-22 CVE-2021-21155 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in Tab Strip in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google fedoraproject CWE-787
critical
9.6
2021-02-22 CVE-2021-21154 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in Tab Strip in Google Chrome prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google fedoraproject CWE-787
critical
9.6
2021-02-22 CVE-2021-21151 Use After Free vulnerability in multiple products
Use after free in Payments in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
critical
9.6
2021-02-22 CVE-2021-21150 Use After Free vulnerability in multiple products
Use after free in Downloads in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
critical
9.6
2021-02-09 CVE-2021-21146 Use After Free vulnerability in multiple products
Use after free in Navigation in Google Chrome prior to 88.0.4324.146 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
critical
9.6
2021-02-09 CVE-2021-21142 Use After Free vulnerability in multiple products
Use after free in Payments in Google Chrome on Mac prior to 88.0.4324.146 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
critical
9.6
2021-02-09 CVE-2021-21132 Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products
Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted Chrome Extension.
network
low complexity
google microsoft CWE-1021
critical
9.6
2021-02-09 CVE-2021-21124 Use After Free vulnerability in multiple products
Potential user after free in Speech Recognizer in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google microsoft CWE-416
critical
9.6
2021-02-09 CVE-2021-21121 Use After Free vulnerability in multiple products
Use after free in Omnibox in Google Chrome on Linux prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google microsoft CWE-416
critical
9.6