Product:
Chrome
(Google)| Repositories |
• https://github.com/googlei18n/sfntly
• https://github.com/uclouvain/openjpeg • https://github.com/behdad/harfbuzz |
| #Vulnerabilities | 2454 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-04-30 | CVE-2021-21228 | Insufficient policy enforcement in extensions in Google Chrome prior to 90.0.4430.93 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. | Debian_linux, Chrome | 4.3 | ||
| 2021-04-30 | CVE-2021-21229 | Incorrect security UI in downloads in Google Chrome on Android prior to 90.0.4430.93 allowed a remote attacker to perform domain spoofing via a crafted HTML page. | Debian_linux, Chrome | 6.5 | ||
| 2021-04-30 | CVE-2021-21231 | Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Debian_linux, Chrome | 8.8 | ||
| 2021-04-30 | CVE-2021-21230 | Type confusion in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Chrome | 8.8 | ||
| 2021-04-30 | CVE-2021-21233 | Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Chrome | 8.8 | ||
| 2021-04-30 | CVE-2021-21232 | Use after free in Dev Tools in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Chrome | 8.8 | ||
| 2021-04-30 | CVE-2021-21227 | Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Chrome | 8.8 | ||
| 2021-04-26 | CVE-2021-21220 | Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Chrome | 8.8 | ||
| 2021-04-26 | CVE-2021-21204 | Use after free in Blink in Google Chrome on OS X prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Debian_linux, Chrome | 8.8 | ||
| 2021-04-26 | CVE-2021-21203 | Use after free in Blink in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Debian_linux, Chrome | 8.8 |