Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2021-10-08 CVE-2021-37975 Use After Free vulnerability in multiple products
Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-416
8.8
2021-10-08 CVE-2021-30625 Use After Free vulnerability in multiple products
Use after free in Selection API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who convinced the user the visit a malicious website to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
2021-10-08 CVE-2021-30626 Out-of-bounds Write vulnerability in multiple products
Out of bounds memory access in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-787
8.8
2021-10-08 CVE-2021-30627 Type Confusion vulnerability in multiple products
Type confusion in Blink layout in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-843
8.8
2021-10-08 CVE-2021-30628 Out-of-bounds Write vulnerability in multiple products
Stack buffer overflow in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-787
8.8
2021-10-08 CVE-2021-30629 Use After Free vulnerability in multiple products
Use after free in Permissions in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
2021-10-08 CVE-2021-30632 Out-of-bounds Write vulnerability in multiple products
Out of bounds write in V8 in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-787
8.8
2021-10-08 CVE-2021-41916 Cross-Site Request Forgery (CSRF) vulnerability in Webtareas Project Webtareas
A Cross-Site Request Forgery (CSRF) vulnerability in webTareas version 2.4 and earlier allows a remote attacker to create a new administrative profile and add a new user to the new profile.
network
low complexity
webtareas-project CWE-352
8.8
2021-10-08 CVE-2021-41919 Unrestricted Upload of File with Dangerous Type vulnerability in Webtareas Project Webtareas
webTareas version 2.4 and earlier allows an authenticated user to arbitrarily upload potentially dangerous files without restrictions.
network
low complexity
webtareas-project CWE-434
8.8
2021-10-08 CVE-2021-41920 SQL Injection vulnerability in Webtareas Project Webtareas
webTareas version 2.4 and earlier allows an unauthenticated user to perform Time and Boolean-based blind SQL Injection on the endpoint /includes/library.php, via the sor_cible, sor_champs, and sor_ordre HTTP POST parameters.
network
low complexity
webtareas-project CWE-89
7.5