Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-08 | CVE-2021-37975 | Use After Free vulnerability in multiple products Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2021-10-08 | CVE-2021-30625 | Use After Free vulnerability in multiple products Use after free in Selection API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who convinced the user the visit a malicious website to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2021-10-08 | CVE-2021-30626 | Out-of-bounds Write vulnerability in multiple products Out of bounds memory access in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2021-10-08 | CVE-2021-30627 | Type Confusion vulnerability in multiple products Type confusion in Blink layout in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2021-10-08 | CVE-2021-30628 | Out-of-bounds Write vulnerability in multiple products Stack buffer overflow in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. | 8.8 |
| 2021-10-08 | CVE-2021-30629 | Use After Free vulnerability in multiple products Use after free in Permissions in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2021-10-08 | CVE-2021-30632 | Out-of-bounds Write vulnerability in multiple products Out of bounds write in V8 in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2021-10-08 | CVE-2021-41916 | Cross-Site Request Forgery (CSRF) vulnerability in Webtareas Project Webtareas A Cross-Site Request Forgery (CSRF) vulnerability in webTareas version 2.4 and earlier allows a remote attacker to create a new administrative profile and add a new user to the new profile. | 8.8 |
| 2021-10-08 | CVE-2021-41919 | Unrestricted Upload of File with Dangerous Type vulnerability in Webtareas Project Webtareas webTareas version 2.4 and earlier allows an authenticated user to arbitrarily upload potentially dangerous files without restrictions. | 8.8 |
| 2021-10-08 | CVE-2021-41920 | SQL Injection vulnerability in Webtareas Project Webtareas webTareas version 2.4 and earlier allows an unauthenticated user to perform Time and Boolean-based blind SQL Injection on the endpoint /includes/library.php, via the sor_cible, sor_champs, and sor_ordre HTTP POST parameters. | 7.5 |