Vulnerabilities > Google > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-22 | CVE-2021-21157 | Use After Free vulnerability in multiple products Use after free in Web Sockets in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2021-02-22 | CVE-2021-21156 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted script. | 8.8 |
| 2021-02-22 | CVE-2021-21153 | Out-of-bounds Write vulnerability in multiple products Stack buffer overflow in GPU Process in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | 8.8 |
| 2021-02-22 | CVE-2021-21152 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in Media in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2021-02-22 | CVE-2021-21149 | Out-of-bounds Write vulnerability in multiple products Stack buffer overflow in Data Transfer in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. | 8.8 |
| 2021-02-17 | CVE-2021-22553 | Missing Release of Resource after Effective Lifetime vulnerability in Google Gerrit Any git operation is passed through Jetty and a session is created. | 7.5 |
| 2021-02-10 | CVE-2021-0341 | Improper Certificate Validation vulnerability in Google Android In verifyHostName of OkHostnameVerifier.java, there is a possible way to accept a certificate for the wrong domain due to improperly used crypto. | 7.5 |
| 2021-02-10 | CVE-2021-0340 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Google Android 10.0 In parseNextBox of IsoInterface.java, there is a possible leak of unredacted location information due to improper input validation. | 8.8 |
| 2021-02-10 | CVE-2021-0339 | Improper Check for Unusual or Exceptional Conditions vulnerability in Google Android 10.0/8.1/9.0 In loadAnimation of WindowContainer.java, there is a possible way to keep displaying a malicious app while a target app is brought to the foreground. | 7.8 |
| 2021-02-10 | CVE-2021-0337 | Cleartext Storage of Sensitive Information vulnerability in Google Android In moveInMediaStore of FileSystemProvider.java, there is a possible file exposure due to stale metadata. | 7.8 |