Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Google Subscribe
Total 11977 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-4063 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Use after free in developer tools in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-4062 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Heap buffer overflow in BFCache in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-4061 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Type confusion in V8 in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-4059 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2023-11-07 4.3 MEDIUM 6.5 MEDIUM
Insufficient data validation in loader in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2021-4058 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Heap buffer overflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-4057 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Use after free in file API in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-4056 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Type confusion in loader in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-4055 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Heap buffer overflow in extensions in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.
CVE-2021-4054 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2023-11-07 4.3 MEDIUM 6.5 MEDIUM
Incorrect security UI in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
CVE-2021-4053 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Use after free in UI in Google Chrome on Linux prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-4052 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Use after free in web apps in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.
CVE-2021-39658 1 Google 1 Android 2023-11-07 10.0 HIGH 9.8 CRITICAL
ismsEx service is a vendor service in unisoc equipment。ismsEx service is an extension of sms system service,but it does not check the permissions of the caller,resulting in permission leaks。Third-party apps can use this service to arbitrarily modify and set system properties。Product: AndroidVersions: Android SoCAndroid ID: A-207479207
CVE-2021-39635 1 Google 1 Android 2023-11-07 9.4 HIGH 9.1 CRITICAL
ims_ex is a vendor system service used to manage VoLTE in unisoc devices,But it does not verify the caller's permissions,so that normal apps (No phone permissions) can obtain some VoLTE sensitive information and manage VoLTE calls.Product: AndroidVersions: Android SoCAndroid ID: A-206492634
CVE-2021-38022 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2023-11-07 4.3 MEDIUM 6.5 MEDIUM
Inappropriate implementation in WebAuthentication in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2021-38021 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2023-11-07 4.3 MEDIUM 6.5 MEDIUM
Inappropriate implementation in referrer in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
CVE-2021-38020 3 Debian, Fedoraproject, Google 4 Debian Linux, Fedora, Android and 1 more 2023-11-07 4.3 MEDIUM 4.3 MEDIUM
Insufficient policy enforcement in contacts picker in Google Chrome on Android prior to 96.0.4664.45 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2021-38019 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2023-11-07 4.3 MEDIUM 6.5 MEDIUM
Insufficient policy enforcement in CORS in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2021-38018 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2023-11-07 4.3 MEDIUM 6.5 MEDIUM
Inappropriate implementation in navigation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
CVE-2021-38017 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Insufficient policy enforcement in iframe sandbox in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
CVE-2021-38016 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Insufficient policy enforcement in background fetch in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass same origin policy via a crafted HTML page.