Search for packages
Package details: pkg:deb/ubuntu/chromium-browser@85.0.4183.121-0ubuntu0.16.04.1
purl pkg:deb/ubuntu/chromium-browser@85.0.4183.121-0ubuntu0.16.04.1
Next non-vulnerable version 95.0.4638.69-0ubuntu0.18.04.1
Latest non-vulnerable version 95.0.4638.69-0ubuntu0.18.04.1
Risk 10.0
Vulnerabilities affecting this package (376)
Vulnerability Summary Fixed by
VCID-1ckz-wsh1-aaam
Aliases:
CVE-2021-21113
Heap buffer overflow in Skia in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-1cst-pd37-aaae
Aliases:
CVE-2021-21147
Inappropriate implementation in Skia in Google Chrome prior to 88.0.4324.146 allowed a local attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-1fq4-ep8y-aaas
Aliases:
CVE-2021-21230
Type confusion in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
90.0.4430.93-0ubuntu0.18.04.1
Affected by 166 other vulnerabilities.
VCID-1gkb-wc83-aaad
Aliases:
CVE-2021-30547
Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
91.0.4472.101-0ubuntu0.18.04.1
Affected by 119 other vulnerabilities.
VCID-1hrp-wfs3-aaag
Aliases:
CVE-2021-30512
Use after free in Notifications in Google Chrome prior to 90.0.4430.212 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
91.0.4472.77-0ubuntu0.18.04.1
Affected by 131 other vulnerabilities.
VCID-1hvv-x4ts-aaae
Aliases:
CVE-2020-15962
Insufficient policy validation in serial in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
85.0.4183.121-0ubuntu0.18.04.1
Affected by 364 other vulnerabilities.
VCID-1j84-ycfz-aaap
Aliases:
CVE-2021-30613
Chromium: CVE-2021-30613 Use after free in Base internals
93.0.4577.63-0ubuntu0.18.04.1
Affected by 51 other vulnerabilities.
VCID-1msa-tu4k-aaan
Aliases:
CVE-2020-16027
Insufficient policy enforcement in developer tools in Google Chrome prior to 87.0.4280.66 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from the user's disk via a crafted Chrome Extension.
87.0.4280.66-0ubuntu0.18.04.1
Affected by 300 other vulnerabilities.
VCID-1nas-y5p5-aaam
Aliases:
CVE-2021-21175
Inappropriate implementation in Site isolation in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-1r4y-tw69-aaae
Aliases:
CVE-2021-21119
Use after free in Media in Google Chrome prior to 88.0.4324.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-1sws-sjkr-aaaf
Aliases:
CVE-2021-21186
Insufficient policy enforcement in QR scanning in Google Chrome on iOS prior to 89.0.4389.72 allowed an attacker who convinced the user to scan a QR code to bypass navigation restrictions via a crafted QR code.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-1t3f-ps18-aaac
Aliases:
CVE-2021-37964
Inappropriate implementation in ChromeOS Networking in Google Chrome on ChromeOS prior to 94.0.4606.54 allowed an attacker with a rogue wireless access point to to potentially carryout a wifi impersonation attack via a crafted ONC file.
94.0.4606.71-0ubuntu0.18.04.1
Affected by 23 other vulnerabilities.
VCID-27us-z5vd-aaaf
Aliases:
CVE-2020-15961
Insufficient policy validation in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
85.0.4183.121-0ubuntu0.18.04.1
Affected by 364 other vulnerabilities.
VCID-28mp-813v-aaad
Aliases:
CVE-2021-30515
Use after free in File API in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
91.0.4472.77-0ubuntu0.18.04.1
Affected by 131 other vulnerabilities.
VCID-2c4c-yyw7-aaas
Aliases:
CVE-2021-30560
GHSA-59gp-qqm7-cw4j
Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-2cyu-z17j-aaaf
Aliases:
CVE-2021-21161
Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-2j2m-wqre-aaag
Aliases:
CVE-2021-21167
Use after free in bookmarks in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-2ujb-t1qw-aaad
Aliases:
CVE-2021-21157
Use after free in Web Sockets in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-2vfw-xsgt-aaaj
Aliases:
CVE-2020-16009
GHSA-m7mf-48hp-5qmr
Inappropriate implementation in V8
86.0.4240.198-0ubuntu0.18.04.1
Affected by 322 other vulnerabilities.
VCID-312x-u2zn-aaah
Aliases:
CVE-2020-16016
Inappropriate implementation in base in Google Chrome prior to 86.0.4240.193 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
86.0.4240.198-0ubuntu0.18.04.1
Affected by 322 other vulnerabilities.
VCID-31tw-f7fz-aaan
Aliases:
CVE-2021-37984
Heap buffer overflow in PDFium in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
95.0.4638.69-0ubuntu0.18.04.1
Affected by 0 other vulnerabilities.
VCID-378y-sv7e-aaaj
Aliases:
CVE-2021-21166
Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-382d-mb3g-aaap
Aliases:
CVE-2021-30614
Chromium: CVE-2021-30614 Heap buffer overflow in TabStrip
93.0.4577.63-0ubuntu0.18.04.1
Affected by 51 other vulnerabilities.
VCID-38x7-vzgt-aaab
Aliases:
CVE-2020-16042
Uninitialized Use in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-3eqf-uhhx-aaaa
Aliases:
CVE-2021-30539
Insufficient policy enforcement in content security policy in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass content security policy via a crafted HTML page.
91.0.4472.77-0ubuntu0.18.04.1
Affected by 131 other vulnerabilities.
VCID-3guc-5zwu-aaad
Aliases:
CVE-2021-30506
Incorrect security UI in Web App Installs in Google Chrome on Android prior to 90.0.4430.212 allowed an attacker who convinced a user to install a web application to inject scripts or HTML into a privileged page via a crafted HTML page.
91.0.4472.77-0ubuntu0.18.04.1
Affected by 131 other vulnerabilities.
VCID-3kpn-rmka-aaam
Aliases:
CVE-2021-30583
Insufficient policy enforcement in image handling in iOS in Google Chrome on iOS prior to 92.0.4515.107 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-3mws-4qb4-aaae
Aliases:
CVE-2021-21206
Use after free in Blink in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
90.0.4430.72-0ubuntu0.18.04.1
Affected by 178 other vulnerabilities.
VCID-3q96-sh6f-aaaa
Aliases:
CVE-2021-21140
Uninitialized use in USB in Google Chrome prior to 88.0.4324.96 allowed a local attacker to potentially perform out of bounds memory access via via a USB device.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-3uyd-hpr3-aaab
Aliases:
CVE-2021-30537
Insufficient policy enforcement in cookies in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass cookie policy via a crafted HTML page.
91.0.4472.77-0ubuntu0.18.04.1
Affected by 131 other vulnerabilities.
VCID-44v2-788v-aaam
Aliases:
CVE-2021-30596
Incorrect security UI in Navigation in Google Chrome on Android prior to 92.0.4515.131 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-45hr-84ah-aaaj
Aliases:
CVE-2021-21222
Heap buffer overflow in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.
90.0.4430.93-0ubuntu0.18.04.1
Affected by 166 other vulnerabilities.
VCID-493r-e4hx-aaan
Aliases:
CVE-2021-30579
Use after free in UI framework in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-4aab-xagn-aaah
Aliases:
CVE-2021-21152
Heap buffer overflow in Media in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-4adc-hb3t-aaas
Aliases:
CVE-2020-15971
Use after free in printing in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
86.0.4240.75-0ubuntu0.18.04.1
Affected by 337 other vulnerabilities.
VCID-4b9s-u6nm-aaah
Aliases:
CVE-2021-21133
Insufficient policy enforcement in Downloads in Google Chrome prior to 88.0.4324.96 allowed an attacker who convinced a user to download files to bypass navigation restrictions via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-4cur-kwad-aaab
Aliases:
CVE-2021-21136
Insufficient policy enforcement in WebView in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-4dsw-twe3-aaan
Aliases:
CVE-2021-37993
Use after free in PDF Accessibility in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
95.0.4638.69-0ubuntu0.18.04.1
Affected by 0 other vulnerabilities.
VCID-4h63-j4bj-aaam
Aliases:
CVE-2020-15977
Insufficient data validation in dialogs in Google Chrome on OS X prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page.
86.0.4240.75-0ubuntu0.18.04.1
Affected by 337 other vulnerabilities.
VCID-4pxn-zrnf-aaak
Aliases:
CVE-2021-30525
Use after free in TabGroups in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
91.0.4472.77-0ubuntu0.18.04.1
Affected by 131 other vulnerabilities.
VCID-4pxu-sb16-aaae
Aliases:
CVE-2021-21180
Use after free in tab search in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-4q1y-zra8-aaab
Aliases:
CVE-2021-30533
Insufficient policy enforcement in PopupBlocker in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass navigation restrictions via a crafted iframe.
91.0.4472.77-0ubuntu0.18.04.1
Affected by 131 other vulnerabilities.
VCID-4r1v-44yb-aaac
Aliases:
CVE-2021-21205
Insufficient policy enforcement in navigation in Google Chrome on iOS prior to 90.0.4430.72 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
90.0.4430.72-0ubuntu0.18.04.1
Affected by 178 other vulnerabilities.
VCID-4rz9-qgsd-aaae
Aliases:
CVE-2021-30528
Use after free in WebAuthentication in Google Chrome on Android prior to 91.0.4472.77 allowed a remote attacker who had compromised the renderer process of a user who had saved a credit card in their Google account to potentially exploit heap corruption via a crafted HTML page.
91.0.4472.77-0ubuntu0.18.04.1
Affected by 131 other vulnerabilities.
VCID-4skt-gh4p-aaab
Aliases:
CVE-2021-21198
Out of bounds read in IPC in Google Chrome prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
90.0.4430.72-0ubuntu0.18.04.1
Affected by 178 other vulnerabilities.
VCID-4uqc-ajw4-aaan
Aliases:
CVE-2021-30526
Out of bounds write in TabStrip in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory write via a crafted HTML page.
91.0.4472.77-0ubuntu0.18.04.1
Affected by 131 other vulnerabilities.
VCID-4v1w-nrye-aaam
Aliases:
CVE-2021-30632
Out of bounds write in V8 in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
94.0.4606.71-0ubuntu0.18.04.1
Affected by 23 other vulnerabilities.
VCID-4wxn-m6mq-aaap
Aliases:
CVE-2021-37981
Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
95.0.4638.69-0ubuntu0.18.04.1
Affected by 0 other vulnerabilities.
VCID-54z8-v289-aaaj
Aliases:
CVE-2021-21190
Uninitialized data in PDFium in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-55kv-hkse-aaaq
Aliases:
CVE-2021-21124
Potential user after free in Speech Recognizer in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-5941-f939-aaaj
Aliases:
CVE-2020-15965
Type confusion in V8 in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
85.0.4183.121-0ubuntu0.18.04.1
Affected by 364 other vulnerabilities.
VCID-59rt-7aqb-aaar
Aliases:
CVE-2021-30557
Use after free in TabGroups in Google Chrome prior to 91.0.4472.114 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-5hcq-rje9-aaah
Aliases:
CVE-2021-21162
Use after free in WebRTC in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-5mab-vgkk-aaak
Aliases:
CVE-2021-21135
Inappropriate implementation in Performance API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-5vrs-dewy-aaab
Aliases:
CVE-2020-15959
Insufficient policy enforcement in networking in Google Chrome prior to 85.0.4183.102 allowed an attacker who convinced the user to enable logging to obtain potentially sensitive information from process memory via social engineering.
85.0.4183.121-0ubuntu0.18.04.1
Affected by 364 other vulnerabilities.
VCID-5wrv-xg22-aaar
Aliases:
CVE-2021-37982
Use after free in Incognito in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
95.0.4638.69-0ubuntu0.18.04.1
Affected by 0 other vulnerabilities.
VCID-63uh-73ju-aaab
Aliases:
CVE-2021-21183
Inappropriate implementation in performance APIs in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-66cg-7gfs-aaac
Aliases:
CVE-2020-16030
Insufficient data validation in Blink in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.
87.0.4280.66-0ubuntu0.18.04.1
Affected by 300 other vulnerabilities.
VCID-69x9-qdth-aaag
Aliases:
CVE-2021-30542
Use after free in Tab Strip in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
91.0.4472.101-0ubuntu0.18.04.1
Affected by 119 other vulnerabilities.
VCID-6ahz-ywfs-aaaa
Aliases:
CVE-2020-16033
Inappropriate implementation in WebUSB in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof security UI via a crafted HTML page.
87.0.4280.66-0ubuntu0.18.04.1
Affected by 300 other vulnerabilities.
VCID-6akj-gkxu-aaah
Aliases:
CVE-2021-21193
Use after free in Blink in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-6bkq-zgzv-aaaa
Aliases:
CVE-2020-16011
Heap buffer overflow in UI in Google Chrome on Windows prior to 86.0.4240.183 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
86.0.4240.198-0ubuntu0.18.04.1
Affected by 322 other vulnerabilities.
VCID-6ebd-gq34-aaaa
Aliases:
CVE-2021-37973
Use after free in Portals in Google Chrome prior to 94.0.4606.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
94.0.4606.71-0ubuntu0.18.04.1
Affected by 23 other vulnerabilities.
VCID-6he2-1g7r-aaaj
Aliases:
CVE-2021-30616
Chromium: CVE-2021-30616 Use after free in Media
93.0.4577.63-0ubuntu0.18.04.1
Affected by 51 other vulnerabilities.
VCID-6hv1-jbzx-aaaa
Aliases:
CVE-2021-30581
Use after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-6m5e-sfey-aaag
Aliases:
CVE-2021-30518
Heap buffer overflow in Reader Mode in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
91.0.4472.77-0ubuntu0.18.04.1
Affected by 131 other vulnerabilities.
VCID-6pe1-3179-aaae
Aliases:
CVE-2021-30627
Type confusion in Blink layout in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
94.0.4606.71-0ubuntu0.18.04.1
Affected by 23 other vulnerabilities.
VCID-6s4h-7m1q-aaaa
Aliases:
CVE-2021-21187
Insufficient data validation in URL formatting in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-6t8s-an8s-aaaq
Aliases:
CVE-2020-15991
Use after free in password manager in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
86.0.4240.75-0ubuntu0.18.04.1
Affected by 337 other vulnerabilities.
VCID-6tkm-6n1t-aaag
Aliases:
CVE-2021-30511
Out of bounds read in Tab Groups in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted HTML page.
91.0.4472.77-0ubuntu0.18.04.1
Affected by 131 other vulnerabilities.
VCID-6xw5-gdhd-aaaa
Aliases:
CVE-2020-16043
Insufficient data validation in networking in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to bypass discretionary access control via malicious network traffic.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-71wd-brdc-aaan
Aliases:
CVE-2021-30541
Use after free in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-7fn6-csd8-aaad
Aliases:
CVE-2021-21182
Insufficient policy enforcement in navigations in Google Chrome prior to 89.0.4389.72 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-7hyr-h3qc-aaas
Aliases:
CVE-2021-37965
Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
94.0.4606.71-0ubuntu0.18.04.1
Affected by 23 other vulnerabilities.
VCID-7jzz-v98p-aaak
Aliases:
CVE-2020-15987
Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted WebRTC stream.
86.0.4240.75-0ubuntu0.18.04.1
Affected by 337 other vulnerabilities.
VCID-7ksy-jnvf-aaar
Aliases:
CVE-2021-30575
Out of bounds write in Autofill in Google Chrome prior to 92.0.4515.107 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-7ps8-8r4c-aaag
Aliases:
CVE-2021-30564
Heap buffer overflow in WebXR in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-7t2t-vtm6-aaad
Aliases:
CVE-2021-21211
Inappropriate implementation in Navigation in Google Chrome on iOS prior to 90.0.4430.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
90.0.4430.72-0ubuntu0.18.04.1
Affected by 178 other vulnerabilities.
VCID-7tfb-5taw-aaad
Aliases:
CVE-2020-16015
Insufficient data validation in WASM in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
87.0.4280.66-0ubuntu0.18.04.1
Affected by 300 other vulnerabilities.
VCID-7xvu-s826-aaas
Aliases:
CVE-2020-15989
Uninitialized data in PDFium in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.
86.0.4240.75-0ubuntu0.18.04.1
Affected by 337 other vulnerabilities.
VCID-7ycf-uwjr-aaam
Aliases:
CVE-2021-37956
Use after free in Offline use in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
94.0.4606.71-0ubuntu0.18.04.1
Affected by 23 other vulnerabilities.
VCID-81zz-e7q2-aaab
Aliases:
CVE-2021-30629
Use after free in Permissions in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
94.0.4606.71-0ubuntu0.18.04.1
Affected by 23 other vulnerabilities.
VCID-82w4-r1st-aaas
Aliases:
CVE-2021-30516
Heap buffer overflow in History in Google Chrome prior to 90.0.4430.212 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
91.0.4472.77-0ubuntu0.18.04.1
Affected by 131 other vulnerabilities.
VCID-83ns-by7f-aaag
Aliases:
CVE-2021-30513
Type confusion in V8 in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
91.0.4472.77-0ubuntu0.18.04.1
Affected by 131 other vulnerabilities.
VCID-84xz-f1b9-aaah
Aliases:
CVE-2021-30626
Out of bounds memory access in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
94.0.4606.71-0ubuntu0.18.04.1
Affected by 23 other vulnerabilities.
VCID-851a-swft-aaaq
Aliases:
CVE-2021-21144
Heap buffer overflow in Tab Groups in Google Chrome prior to 88.0.4324.146 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-8622-h7qj-aaan
Aliases:
CVE-2021-21141
Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass file extension policy via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-86ec-v4pq-aaaj
Aliases:
CVE-2020-16034
Inappropriate implementation in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a local attacker to bypass policy restrictions via a crafted HTML page.
87.0.4280.66-0ubuntu0.18.04.1
Affected by 300 other vulnerabilities.
VCID-8h8t-dbw8-aaae
Aliases:
CVE-2020-16006
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
86.0.4240.198-0ubuntu0.18.04.1
Affected by 322 other vulnerabilities.
VCID-8nxv-5zee-aaar
Aliases:
CVE-2020-16000
Inappropriate implementation in Blink in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
86.0.4240.198-0ubuntu0.18.04.1
Affected by 322 other vulnerabilities.
VCID-8qnk-fhmt-aaaf
Aliases:
CVE-2021-30623
Chromium: CVE-2021-30623 Use after free in Bookmarks
93.0.4577.63-0ubuntu0.18.04.1
Affected by 51 other vulnerabilities.
VCID-8xn7-jspy-aaan
Aliases:
CVE-2020-16003
Use after free in printing in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
86.0.4240.198-0ubuntu0.18.04.1
Affected by 322 other vulnerabilities.
VCID-97q5-qtfe-aaad
Aliases:
CVE-2020-15992
Insufficient policy enforcement in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page.
86.0.4240.75-0ubuntu0.18.04.1
Affected by 337 other vulnerabilities.
VCID-9bdr-h4pm-aaap
Aliases:
CVE-2021-21127
Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass content security policy via a crafted Chrome Extension.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-9bry-vpdp-aaah
Aliases:
CVE-2021-38001
Type confusion in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
95.0.4638.69-0ubuntu0.18.04.1
Affected by 0 other vulnerabilities.
VCID-9fk6-vf3h-aaag
Aliases:
CVE-2020-15985
Inappropriate implementation in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to spoof security UI via a crafted HTML page.
86.0.4240.75-0ubuntu0.18.04.1
Affected by 337 other vulnerabilities.
VCID-9j99-x3yf-aaae
Aliases:
CVE-2021-21122
Use after free in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-9kb5-p8wk-aaae
Aliases:
CVE-2021-37987
Use after free in Network APIs in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
95.0.4638.69-0ubuntu0.18.04.1
Affected by 0 other vulnerabilities.
VCID-9khx-3sqr-aaak
Aliases:
CVE-2020-15967
Use after free in payments in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
86.0.4240.75-0ubuntu0.18.04.1
Affected by 337 other vulnerabilities.
VCID-9qbd-v9f9-aaac
Aliases:
CVE-2021-21220
Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
90.0.4430.72-0ubuntu0.18.04.1
Affected by 178 other vulnerabilities.
VCID-9rz9-vy24-aaah
Aliases:
CVE-2021-30561
Type Confusion in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-9uag-kxvn-aaac
Aliases:
CVE-2021-30602
Use after free in WebRTC in Google Chrome prior to 92.0.4515.159 allowed an attacker who convinced a user to visit a malicious website to potentially exploit heap corruption via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-9w41-uy17-aaaf
Aliases:
CVE-2021-21207
Use after free in IndexedDB in Google Chrome prior to 90.0.4430.72 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
90.0.4430.72-0ubuntu0.18.04.1
Affected by 178 other vulnerabilities.
VCID-9zes-c5mb-aaaj
Aliases:
CVE-2020-15999
GHSA-pv36-h7jh-qm62
Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
86.0.4240.198-0ubuntu0.18.04.1
Affected by 322 other vulnerabilities.
VCID-a24t-z939-aaaj
Aliases:
CVE-2020-16020
Inappropriate implementation in cryptohome in Google Chrome on ChromeOS prior to 87.0.4280.66 allowed a remote attacker who had compromised the browser process to bypass discretionary access control via a malicious file.
87.0.4280.66-0ubuntu0.18.04.1
Affected by 300 other vulnerabilities.
VCID-a3xc-futt-aaag
Aliases:
CVE-2021-21111
Insufficient policy enforcement in WebUI in Google Chrome prior to 87.0.4280.141 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-a5gb-vk5w-aaah
Aliases:
CVE-2021-30563
Type Confusion in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-a861-3b9g-aaap
Aliases:
CVE-2021-30521
Heap buffer overflow in Autofill in Google Chrome on Android prior to 91.0.4472.77 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page.
91.0.4472.77-0ubuntu0.18.04.1
Affected by 131 other vulnerabilities.
VCID-a948-zcru-aaab
Aliases:
CVE-2020-15966
Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension.
85.0.4183.121-0ubuntu0.18.04.1
Affected by 364 other vulnerabilities.
VCID-a99h-ycfb-aaar
Aliases:
CVE-2020-16013
GHSA-x7fx-mcc9-27j7
Inappropriate implementation in V8 in CefSharp
86.0.4240.198-0ubuntu0.18.04.1
Affected by 322 other vulnerabilities.
VCID-aam1-pc5e-aaap
Aliases:
CVE-2021-21216
Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to spoof security UI via a crafted HTML page.
90.0.4430.72-0ubuntu0.18.04.1
Affected by 178 other vulnerabilities.
VCID-ac12-rgxg-aaac
Aliases:
CVE-2021-37992
Out of bounds read in WebAudio in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
95.0.4638.69-0ubuntu0.18.04.1
Affected by 0 other vulnerabilities.
VCID-ace4-ucva-aaae
Aliases:
CVE-2021-37971
Incorrect security UI in Web Browser UI in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
94.0.4606.71-0ubuntu0.18.04.1
Affected by 23 other vulnerabilities.
VCID-advy-p1um-aaaq
Aliases:
CVE-2020-16024
Heap buffer overflow in UI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
87.0.4280.66-0ubuntu0.18.04.1
Affected by 300 other vulnerabilities.
VCID-ah5z-xxty-aaar
Aliases:
CVE-2020-15982
Inappropriate implementation in cache in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
86.0.4240.75-0ubuntu0.18.04.1
Affected by 337 other vulnerabilities.
VCID-aun7-7bwu-aaap
Aliases:
CVE-2021-37975
Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
94.0.4606.71-0ubuntu0.18.04.1
Affected by 23 other vulnerabilities.
VCID-awme-7e9e-aaah
Aliases:
CVE-2021-30573
Use after free in GPU in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-b5du-p3dx-aaac
Aliases:
CVE-2021-30514
Use after free in Autofill in Google Chrome prior to 90.0.4430.212 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
91.0.4472.77-0ubuntu0.18.04.1
Affected by 131 other vulnerabilities.
VCID-b8me-cus9-aaak
Aliases:
CVE-2021-21231
Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
90.0.4430.93-0ubuntu0.18.04.1
Affected by 166 other vulnerabilities.
VCID-bcz5-e7zq-aaad
Aliases:
CVE-2021-21106
Use after free in autofill in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-bfkm-un3p-aaak
Aliases:
CVE-2021-30517
Type confusion in V8 in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
91.0.4472.77-0ubuntu0.18.04.1
Affected by 131 other vulnerabilities.
VCID-bgt4-9me8-aaad
Aliases:
CVE-2021-30591
Use after free in File System API in Google Chrome prior to 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-bk17-n8yc-aaaj
Aliases:
CVE-2021-30572
Use after free in Autofill in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-bn5p-hq72-aaaq
Aliases:
CVE-2021-21137
Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-buy8-fk7m-aaac
Aliases:
CVE-2021-30520
Use after free in Tab Strip in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
91.0.4472.77-0ubuntu0.18.04.1
Affected by 131 other vulnerabilities.
VCID-bv8f-s5us-aaaj
Aliases:
CVE-2021-21219
Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.
90.0.4430.72-0ubuntu0.18.04.1
Affected by 178 other vulnerabilities.
VCID-c1wp-g1bq-aaaq
Aliases:
CVE-2020-15981
Out of bounds read in audio in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
86.0.4240.75-0ubuntu0.18.04.1
Affected by 337 other vulnerabilities.
VCID-c2h2-s28q-aaam
Aliases:
CVE-2021-21139
Inappropriate implementation in iframe sandbox in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-c2jc-se72-aaaq
Aliases:
CVE-2021-21232
Use after free in Dev Tools in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
90.0.4430.93-0ubuntu0.18.04.1
Affected by 166 other vulnerabilities.
VCID-cdcr-urvc-aaaq
Aliases:
CVE-2021-37999
Insufficient data validation in New Tab Page in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to inject arbitrary scripts or HTML in a new browser tab via a crafted HTML page.
95.0.4638.69-0ubuntu0.18.04.1
Affected by 0 other vulnerabilities.
VCID-cdes-dpfc-aaan
Aliases:
CVE-2021-30523
Use after free in WebRTC in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP packet.
91.0.4472.77-0ubuntu0.18.04.1
Affected by 131 other vulnerabilities.
VCID-cdhn-44z4-aaaj
Aliases:
CVE-2020-15964
Insufficient data validation in media in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
85.0.4183.121-0ubuntu0.18.04.1
Affected by 364 other vulnerabilities.
VCID-cdqe-bdmh-aaaf
Aliases:
CVE-2021-37974
Use after free in Safebrowsing in Google Chrome prior to 94.0.4606.71 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
94.0.4606.71-0ubuntu0.18.04.1
Affected by 23 other vulnerabilities.
VCID-ckgc-g35m-aaaj
Aliases:
CVE-2021-21171
Incorrect security UI in TabStrip and Navigation in Google Chrome on Android prior to 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-cknx-nv9w-aaaf
Aliases:
CVE-2021-21115
User after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-cs1y-yf92-aaag
Aliases:
CVE-2021-21132
Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted Chrome Extension.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-cs5r-1uq2-aaah
Aliases:
CVE-2020-16023
Use after free in WebCodecs in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
87.0.4280.66-0ubuntu0.18.04.1
Affected by 300 other vulnerabilities.
VCID-ct5a-wtdc-aaam
Aliases:
CVE-2021-21107
Use after free in drag and drop in Google Chrome on Linux prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-ctdr-x4ht-aaaf
Aliases:
CVE-2021-21224
Type confusion in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
90.0.4430.93-0ubuntu0.18.04.1
Affected by 166 other vulnerabilities.
VCID-ctzd-pjud-aaaj
Aliases:
CVE-2021-30586
Use after free in dialog box handling in Windows in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-cub5-jqd4-aaaf
Aliases:
CVE-2021-21118
Insufficient data validation in V8 in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-cvbd-4y3c-aaam
Aliases:
CVE-2021-38000
Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0.4638.69 allowed a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page.
95.0.4638.69-0ubuntu0.18.04.1
Affected by 0 other vulnerabilities.
VCID-cwgy-gaqp-aaar
Aliases:
CVE-2020-16002
Use after free in PDFium in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
86.0.4240.198-0ubuntu0.18.04.1
Affected by 322 other vulnerabilities.
VCID-d26j-cg7j-aaaa
Aliases:
CVE-2021-21181
Side-channel information leakage in autofill in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-d5ac-7cbh-aaak
Aliases:
CVE-2021-37983
Use after free in Dev Tools in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
95.0.4638.69-0ubuntu0.18.04.1
Affected by 0 other vulnerabilities.
VCID-dbpn-qtb9-aaae
Aliases:
CVE-2021-37989
Inappropriate implementation in Blink in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to abuse content security policy via a crafted HTML page.
95.0.4638.69-0ubuntu0.18.04.1
Affected by 0 other vulnerabilities.
VCID-dds6-5trg-aaak
Aliases:
CVE-2021-37968
Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
94.0.4606.71-0ubuntu0.18.04.1
Affected by 23 other vulnerabilities.
VCID-ddzf-g4jw-aaaq
Aliases:
CVE-2021-30552
Use after free in Extensions in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
91.0.4472.101-0ubuntu0.18.04.1
Affected by 119 other vulnerabilities.
VCID-dgk7-86ha-aaae
Aliases:
CVE-2021-21196
Heap buffer overflow in TabStrip in Google Chrome on Windows prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
90.0.4430.72-0ubuntu0.18.04.1
Affected by 178 other vulnerabilities.
VCID-dust-5spn-aaag
Aliases:
CVE-2021-30606
Chromium: CVE-2021-30606 Use after free in Blink
93.0.4577.63-0ubuntu0.18.04.1
Affected by 51 other vulnerabilities.
VCID-dyr4-2udj-aaaq
Aliases:
CVE-2021-30532
Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass content security policy via a crafted HTML page.
91.0.4472.77-0ubuntu0.18.04.1
Affected by 131 other vulnerabilities.
VCID-e3xs-aaes-aaam
Aliases:
CVE-2021-21202
Use after free in extensions in Google Chrome prior to 90.0.4430.72 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
90.0.4430.72-0ubuntu0.18.04.1
Affected by 178 other vulnerabilities.
VCID-e66f-c9q7-aaah
Aliases:
CVE-2021-21153
Stack buffer overflow in GPU Process in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-e7x5-1wv5-aaaj
Aliases:
CVE-2021-30530
Out of bounds memory access in WebAudio in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page.
91.0.4472.77-0ubuntu0.18.04.1
Affected by 131 other vulnerabilities.
VCID-ebr5-dkgf-aaaq
Aliases:
CVE-2021-21108
Use after free in media in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-ehqa-8z8b-aaaq
Aliases:
CVE-2021-30584
Incorrect security UI in Downloads in Google Chrome on Android prior to 92.0.4515.107 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-emnq-u87s-aaab
Aliases:
CVE-2021-21174
Inappropriate implementation in Referrer in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-ep9y-5p13-aaaq
Aliases:
CVE-2021-21185
Insufficient policy enforcement in extensions in Google Chrome prior to 89.0.4389.72 allowed an attacker who convinced a user to install a malicious extension to obtain sensitive information via a crafted Chrome Extension.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-etws-b8mb-aaak
Aliases:
CVE-2020-15983
Insufficient data validation in webUI in Google Chrome on ChromeOS prior to 86.0.4240.75 allowed a local attacker to bypass content security policy via a crafted HTML page.
86.0.4240.75-0ubuntu0.18.04.1
Affected by 337 other vulnerabilities.
VCID-ezw7-3d39-aaah
Aliases:
CVE-2021-21120
Use after free in WebSQL in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-f1p3-utna-aaah
Aliases:
CVE-2021-21204
Use after free in Blink in Google Chrome on OS X prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
90.0.4430.72-0ubuntu0.18.04.1
Affected by 178 other vulnerabilities.
VCID-f4pq-khuv-aaar
Aliases:
CVE-2021-21109
Use after free in payments in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-f67m-wxdu-aaak
Aliases:
CVE-2020-16040
Insufficient data validation in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-f7wb-b11n-aaac
Aliases:
CVE-2021-21226
Use after free in navigation in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
90.0.4430.93-0ubuntu0.18.04.1
Affected by 166 other vulnerabilities.
VCID-fbtc-dmfn-aaam
Aliases:
CVE-2021-21223
Integer overflow in Mojo in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
90.0.4430.93-0ubuntu0.18.04.1
Affected by 166 other vulnerabilities.
VCID-fda7-3xgr-aaar
Aliases:
CVE-2021-30540
Incorrect security UI in payments in Google Chrome on Android prior to 91.0.4472.77 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
91.0.4472.77-0ubuntu0.18.04.1
Affected by 131 other vulnerabilities.
VCID-fe24-j5pq-aaaf
Aliases:
CVE-2021-30569
Use after free in sqlite in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-fer5-kp6k-aaad
Aliases:
CVE-2021-21176
Inappropriate implementation in full screen mode in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-fmqn-4spq-aaad
Aliases:
CVE-2020-6576
Use after free in offscreen canvas in Google Chrome prior to 85.0.4183.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
85.0.4183.121-0ubuntu0.18.04.1
Affected by 364 other vulnerabilities.
VCID-fpbn-bx9f-aaae
Aliases:
CVE-2021-37963
Side-channel information leakage in DevTools in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to bypass site isolation via a crafted HTML page.
94.0.4606.71-0ubuntu0.18.04.1
Affected by 23 other vulnerabilities.
VCID-fps9-5tty-aaag
Aliases:
CVE-2021-30549
Use after free in Spell check in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
91.0.4472.101-0ubuntu0.18.04.1
Affected by 119 other vulnerabilities.
VCID-frrq-k1sm-aaaf
Aliases:
CVE-2020-15974
Integer overflow in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to bypass site isolation via a crafted HTML page.
86.0.4240.75-0ubuntu0.18.04.1
Affected by 337 other vulnerabilities.
VCID-fuj5-819c-aaaf
Aliases:
CVE-2021-37959
Use after free in Task Manager in Google Chrome prior to 94.0.4606.54 allowed an attacker who convinced a user to enage in a series of user gestures to potentially exploit heap corruption via a crafted HTML page.
94.0.4606.71-0ubuntu0.18.04.1
Affected by 23 other vulnerabilities.
VCID-fyc2-1ana-aaan
Aliases:
CVE-2021-30534
Insufficient policy enforcement in iFrameSandbox in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
91.0.4472.77-0ubuntu0.18.04.1
Affected by 131 other vulnerabilities.
VCID-g9n6-vuaf-aaac
Aliases:
CVE-2021-21221
Insufficient validation of untrusted input in Mojo in Google Chrome prior to 90.0.4430.72 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.
90.0.4430.72-0ubuntu0.18.04.1
Affected by 178 other vulnerabilities.
VCID-gbtj-ughp-aaaq
Aliases:
CVE-2021-30535
Double free in ICU in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
91.0.4472.77-0ubuntu0.18.04.1
Affected by 131 other vulnerabilities.
VCID-gfgz-tm8e-aaar
Aliases:
CVE-2021-30527
Use after free in WebUI in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
91.0.4472.77-0ubuntu0.18.04.1
Affected by 131 other vulnerabilities.
VCID-gfuv-kx88-aaad
Aliases:
CVE-2021-21149
Stack buffer overflow in Data Transfer in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-gfvq-5yjr-aaag
Aliases:
CVE-2021-30508
Heap buffer overflow in Media Feeds in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to enable certain features in Chrome to potentially exploit heap corruption via a crafted HTML page.
91.0.4472.77-0ubuntu0.18.04.1
Affected by 131 other vulnerabilities.
VCID-gq37-x3yf-aaap
Aliases:
CVE-2021-30625
Use after free in Selection API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who convinced the user the visit a malicious website to potentially exploit heap corruption via a crafted HTML page.
94.0.4606.71-0ubuntu0.18.04.1
Affected by 23 other vulnerabilities.
VCID-gtqs-x9uq-aaah
Aliases:
CVE-2020-16007
Insufficient data validation in installer in Google Chrome prior to 86.0.4240.183 allowed a local attacker to potentially elevate privilege via a crafted filesystem.
86.0.4240.198-0ubuntu0.18.04.1
Affected by 322 other vulnerabilities.
VCID-gu38-a3c9-aaag
Aliases:
CVE-2021-30543
Use after free in Tab Strip in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
91.0.4472.101-0ubuntu0.18.04.1
Affected by 119 other vulnerabilities.
VCID-h3zy-uaym-aaam
Aliases:
CVE-2021-30555
Use after free in Sharing in Google Chrome prior to 91.0.4472.114 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page and user gesture.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-hbzm-7kkd-aaam
Aliases:
CVE-2021-21197
Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
90.0.4430.72-0ubuntu0.18.04.1
Affected by 178 other vulnerabilities.
VCID-hc4f-5ybh-aaad
Aliases:
CVE-2021-21178
Inappropriate implementation in Compositing in Google Chrome on Linux and Windows prior to 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-hmbp-kwkv-aaaa
Aliases:
CVE-2021-21159
Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-hmeb-2gjt-aaag
Aliases:
CVE-2020-15969
Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
86.0.4240.75-0ubuntu0.18.04.1
Affected by 337 other vulnerabilities.
VCID-hmga-eadr-aaab
Aliases:
CVE-2021-30615
Chromium: CVE-2021-30615 Cross-origin data leak in Navigation
93.0.4577.63-0ubuntu0.18.04.1
Affected by 51 other vulnerabilities.
VCID-hntj-bhed-aaaa
Aliases:
CVE-2021-30594
Use after free in Page Info UI in Google Chrome prior to 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption via physical access to the device.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-hp29-9334-aaan
Aliases:
CVE-2021-21142
Use after free in Payments in Google Chrome on Mac prior to 88.0.4324.146 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-hp7b-mdur-aaak
Aliases:
CVE-2021-21121
Use after free in Omnibox in Google Chrome on Linux prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-hs9k-mzza-aaah
Aliases:
CVE-2021-21179
Use after free in Network Internals in Google Chrome on Linux prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-hu3y-ebfr-aaab
Aliases:
CVE-2021-21151
Use after free in Payments in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-hx6c-vfe9-aaad
Aliases:
CVE-2021-30587
Inappropriate implementation in Compositing in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-hypb-3cx5-aaaa
Aliases:
CVE-2021-30519
Use after free in Payments in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to install a malicious payments app to potentially exploit heap corruption via a crafted HTML page.
91.0.4472.77-0ubuntu0.18.04.1
Affected by 131 other vulnerabilities.
VCID-j24d-5kea-aaam
Aliases:
CVE-2020-6557
Inappropriate implementation in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
86.0.4240.75-0ubuntu0.18.04.1
Affected by 337 other vulnerabilities.
VCID-jaby-e8tz-aaas
Aliases:
CVE-2020-16001
Use after free in media in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
86.0.4240.198-0ubuntu0.18.04.1
Affected by 322 other vulnerabilities.
VCID-janx-xx7x-aaam
Aliases:
CVE-2020-6572
Use after free in Media in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-jesp-9r91-aaac
Aliases:
CVE-2021-21203
Use after free in Blink in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
90.0.4430.72-0ubuntu0.18.04.1
Affected by 178 other vulnerabilities.
VCID-jfdr-4q5j-aaak
Aliases:
CVE-2021-30545
Use after free in Extensions in Google Chrome prior to 91.0.4472.101 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
91.0.4472.101-0ubuntu0.18.04.1
Affected by 119 other vulnerabilities.
VCID-jmrq-nng9-aaar
Aliases:
CVE-2021-21170
Incorrect security UI in Loader in Google Chrome prior to 89.0.4389.72 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-jqsq-tj4f-aaaa
Aliases:
CVE-2021-21169
Out of bounds memory access in V8 in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-jv8t-m4e3-aaaf
Aliases:
CVE-2020-16031
Insufficient data validation in UI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
87.0.4280.66-0ubuntu0.18.04.1
Affected by 300 other vulnerabilities.
VCID-jvc2-kr6v-aaag
Aliases:
CVE-2021-21123
Insufficient data validation in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-jzxp-61w9-aaaq
Aliases:
CVE-2021-21194
Use after free in screen sharing in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
90.0.4430.72-0ubuntu0.18.04.1
Affected by 178 other vulnerabilities.
VCID-k3u7-w1z3-aaas
Aliases:
CVE-2020-15963
Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
85.0.4183.121-0ubuntu0.18.04.1
Affected by 364 other vulnerabilities.
VCID-k5xa-tb21-aaak
Aliases:
CVE-2021-21210
Inappropriate implementation in Network in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially access local UDP ports via a crafted HTML page.
90.0.4430.72-0ubuntu0.18.04.1
Affected by 178 other vulnerabilities.
VCID-k9ak-3hwa-aaam
Aliases:
CVE-2021-30546
Use after free in Autofill in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
91.0.4472.101-0ubuntu0.18.04.1
Affected by 119 other vulnerabilities.
VCID-ka8k-31ng-aaaq
Aliases:
CVE-2021-37988
Use after free in Profiles in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who convinced a user to engage in specific gestures to potentially exploit heap corruption via a crafted HTML page.
95.0.4638.69-0ubuntu0.18.04.1
Affected by 0 other vulnerabilities.
VCID-kapf-jqpk-aaaf
Aliases:
CVE-2020-16038
Use after free in media in Google Chrome on OS X prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-kcwm-a1dq-aaak
Aliases:
CVE-2021-30571
Insufficient policy enforcement in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-kegd-rd79-aaac
Aliases:
CVE-2021-21148
Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-kkte-ve3m-aaak
Aliases:
CVE-2021-30600
Use after free in Printing in Google Chrome prior to 92.0.4515.159 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-kmqd-hgzk-aaaf
Aliases:
CVE-2021-30580
Insufficient policy enforcement in Android intents in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious application to obtain potentially sensitive information via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-kmtq-xrah-aaap
Aliases:
CVE-2021-21155
Heap buffer overflow in Tab Strip in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-krwx-b8zr-aaaf
Aliases:
CVE-2021-30566
Stack buffer overflow in Printing in Google Chrome prior to 92.0.4515.107 allowed a remote attacker who had compromised the renderer process to potentially exploit stack corruption via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-kunw-vb8w-aaae
Aliases:
CVE-2021-21134
Incorrect security UI in Page Info in Google Chrome on iOS prior to 88.0.4324.96 allowed a remote attacker to spoof security UI via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-kxsy-6j2m-aaam
Aliases:
CVE-2021-21218
Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.
90.0.4430.72-0ubuntu0.18.04.1
Affected by 178 other vulnerabilities.
VCID-kxvq-pur4-aaaj
Aliases:
CVE-2020-16005
Insufficient policy enforcement in ANGLE in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
86.0.4240.198-0ubuntu0.18.04.1
Affected by 322 other vulnerabilities.
VCID-ky69-62jm-aaam
Aliases:
CVE-2021-21156
Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted script.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-kz32-phx5-aaam
Aliases:
CVE-2020-16019
Inappropriate implementation in filesystem in Google Chrome on ChromeOS prior to 87.0.4280.66 allowed a remote attacker who had compromised the browser process to bypass noexec restrictions via a malicious file.
87.0.4280.66-0ubuntu0.18.04.1
Affected by 300 other vulnerabilities.
VCID-m2wx-1pv7-aaah
Aliases:
CVE-2021-30582
Inappropriate implementation in Animation in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-m6vh-56jv-aaaf
Aliases:
CVE-2021-37990
Inappropriate implementation in WebView in Google Chrome on Android prior to 95.0.4638.54 allowed a remote attacker to leak cross-origin data via a crafted app.
95.0.4638.69-0ubuntu0.18.04.1
Affected by 0 other vulnerabilities.
VCID-m7pf-qjsn-aaac
Aliases:
CVE-2020-15968
Use after free in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
86.0.4240.75-0ubuntu0.18.04.1
Affected by 337 other vulnerabilities.
VCID-mcr1-t7p4-aaak
Aliases:
CVE-2021-30624
Chromium: CVE-2021-30624 Use after free in Autofill
93.0.4577.63-0ubuntu0.18.04.1
Affected by 51 other vulnerabilities.
VCID-mcwt-hzva-aaag
Aliases:
CVE-2020-16017
GHSA-gvqv-779r-4jgp
Use after free in CefSharp
86.0.4240.198-0ubuntu0.18.04.1
Affected by 322 other vulnerabilities.
VCID-me3s-wvb2-aaab
Aliases:
CVE-2021-37976
Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
94.0.4606.71-0ubuntu0.18.04.1
Affected by 23 other vulnerabilities.
VCID-mfyn-4p3c-aaas
Aliases:
CVE-2020-16029
Inappropriate implementation in PDFium in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to bypass navigation restrictions via a crafted PDF file.
87.0.4280.66-0ubuntu0.18.04.1
Affected by 300 other vulnerabilities.
VCID-mmeq-rt7n-aaad
Aliases:
CVE-2021-30604
Use after free in ANGLE in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-mtb3-v6gc-aaam
Aliases:
CVE-2021-21225
Out of bounds memory access in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
90.0.4430.93-0ubuntu0.18.04.1
Affected by 166 other vulnerabilities.
VCID-n8bp-76b3-aaaj
Aliases:
CVE-2020-15970
Use after free in NFC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
86.0.4240.75-0ubuntu0.18.04.1
Affected by 337 other vulnerabilities.
VCID-nahc-cj6c-aaae
Aliases:
CVE-2021-30609
Chromium: CVE-2021-30609 Use after free in Sign-In
93.0.4577.63-0ubuntu0.18.04.1
Affected by 51 other vulnerabilities.
VCID-nbvh-avp5-aaaf
Aliases:
CVE-2021-30588
Type confusion in V8 in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-nfh2-34yp-aaap
Aliases:
CVE-2021-30559
Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-nfjg-p8cu-aaar
Aliases:
CVE-2021-21165
Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-ng8c-aa9c-aaac
Aliases:
CVE-2021-30522
Use after free in WebAudio in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
91.0.4472.77-0ubuntu0.18.04.1
Affected by 131 other vulnerabilities.
VCID-ngdv-gew8-aaah
Aliases:
CVE-2020-16018
Use after free in payments in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
87.0.4280.66-0ubuntu0.18.04.1
Affected by 300 other vulnerabilities.
VCID-nhxg-c18v-aaap
Aliases:
CVE-2020-16028
Heap buffer overflow in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
87.0.4280.66-0ubuntu0.18.04.1
Affected by 300 other vulnerabilities.
VCID-nk9u-p8sw-aaab
Aliases:
CVE-2021-21212
Incorrect security UI in Network Config UI in Google Chrome on ChromeOS prior to 90.0.4430.72 allowed a remote attacker to potentially compromise WiFi connection security via a malicious WAP.
90.0.4430.72-0ubuntu0.18.04.1
Affected by 178 other vulnerabilities.
VCID-nkus-48cs-aaah
Aliases:
CVE-2021-21209
Inappropriate implementation in storage in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
90.0.4430.72-0ubuntu0.18.04.1
Affected by 178 other vulnerabilities.
VCID-npj4-y24t-aaab
Aliases:
CVE-2021-37962
Use after free in Performance Manager in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
94.0.4606.71-0ubuntu0.18.04.1
Affected by 23 other vulnerabilities.
VCID-nwfs-dpam-aaar
Aliases:
CVE-2020-16025
Heap buffer overflow in clipboard in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
87.0.4280.66-0ubuntu0.18.04.1
Affected by 300 other vulnerabilities.
VCID-nybc-83jt-aaak
Aliases:
CVE-2021-30585
Use after free in sensor handling in Google Chrome on Windows prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-nyrh-xv45-aaab
Aliases:
CVE-2021-30548
Use after free in Loader in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
91.0.4472.101-0ubuntu0.18.04.1
Affected by 119 other vulnerabilities.
VCID-p68a-y438-aaaa
Aliases:
CVE-2021-21217
Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.
90.0.4430.72-0ubuntu0.18.04.1
Affected by 178 other vulnerabilities.
VCID-p72b-2f3m-aaak
Aliases:
CVE-2020-15984
Insufficient policy enforcement in Omnibox in Google Chrome on iOS prior to 86.0.4240.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted URL.
86.0.4240.75-0ubuntu0.18.04.1
Affected by 337 other vulnerabilities.
VCID-pcq1-9gqe-aaad
Aliases:
CVE-2021-21229
Incorrect security UI in downloads in Google Chrome on Android prior to 90.0.4430.93 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
90.0.4430.93-0ubuntu0.18.04.1
Affected by 166 other vulnerabilities.
VCID-pd9b-33md-aaae
Aliases:
CVE-2021-21173
Side-channel information leakage in Network Internals in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-pf6k-qn6b-aaad
Aliases:
CVE-2021-37994
Inappropriate implementation in iFrame Sandbox in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
95.0.4638.69-0ubuntu0.18.04.1
Affected by 0 other vulnerabilities.
VCID-pjvf-7g41-aaan
Aliases:
CVE-2021-30633
Use after free in Indexed DB API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
94.0.4606.71-0ubuntu0.18.04.1
Affected by 23 other vulnerabilities.
VCID-pnad-9jx1-aaap
Aliases:
CVE-2021-21214
Use after free in Network API in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension.
90.0.4430.72-0ubuntu0.18.04.1
Affected by 178 other vulnerabilities.
VCID-pqa3-de1w-aaac
Aliases:
CVE-2021-37995
Inappropriate implementation in WebApp Installer in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially overlay and spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
95.0.4638.69-0ubuntu0.18.04.1
Affected by 0 other vulnerabilities.
VCID-pvz3-g43s-aaaa
Aliases:
CVE-2021-30531
Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass content security policy via a crafted HTML page.
91.0.4472.77-0ubuntu0.18.04.1
Affected by 131 other vulnerabilities.
VCID-pxrx-n8kz-aaab
Aliases:
CVE-2021-21192
Heap buffer overflow in tab groups in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-pzqc-x9ed-aaaa
Aliases:
CVE-2021-30610
Chromium: CVE-2021-30610 Use after free in Extensions API
93.0.4577.63-0ubuntu0.18.04.1
Affected by 51 other vulnerabilities.
VCID-pzx5-mcyp-aaag
Aliases:
CVE-2020-16036
Inappropriate implementation in cookies in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to bypass cookie restrictions via a crafted HTML page.
87.0.4280.66-0ubuntu0.18.04.1
Affected by 300 other vulnerabilities.
VCID-q4sy-hkag-aaab
Aliases:
CVE-2021-30556
Use after free in WebAudio in Google Chrome prior to 91.0.4472.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-q6pp-q6q5-aaap
Aliases:
CVE-2020-16041
Out of bounds read in networking in Google Chrome prior to 87.0.4280.88 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-q6s5-913a-aaak
Aliases:
CVE-2021-37996
Insufficient validation of untrusted input Downloads in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to bypass navigation restrictions via a malicious file.
95.0.4638.69-0ubuntu0.18.04.1
Affected by 0 other vulnerabilities.
VCID-qbkz-fpuq-aaah
Aliases:
CVE-2021-30621
Chromium: CVE-2021-30621 UI Spoofing in Autofill
93.0.4577.63-0ubuntu0.18.04.1
Affected by 51 other vulnerabilities.
VCID-qcmc-tgv1-aaah
Aliases:
CVE-2021-21131
Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-qe4m-be5c-aaad
Aliases:
CVE-2020-15972
Use after free in audio in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
86.0.4240.75-0ubuntu0.18.04.1
Affected by 337 other vulnerabilities.
VCID-qf19-39mr-aaak
Aliases:
CVE-2021-30510
Use after free in Aura in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
91.0.4472.77-0ubuntu0.18.04.1
Affected by 131 other vulnerabilities.
VCID-qg3v-74fb-aaan
Aliases:
CVE-2021-30597
Use after free in Browser UI in Google Chrome on Chrome prior to 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption via physical access to the device.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-qk1w-ku7v-aaag
Aliases:
CVE-2020-16008
Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit stack corruption via a crafted WebRTC packet.
86.0.4240.198-0ubuntu0.18.04.1
Affected by 322 other vulnerabilities.
VCID-qkqf-7msm-aaas
Aliases:
CVE-2021-37986
Heap buffer overflow in Settings in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to engage with Dev Tools to potentially exploit heap corruption via a crafted HTML page.
95.0.4638.69-0ubuntu0.18.04.1
Affected by 0 other vulnerabilities.
VCID-qqhg-mrsm-aaap
Aliases:
CVE-2021-37966
Inappropriate implementation in Compositing in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
94.0.4606.71-0ubuntu0.18.04.1
Affected by 23 other vulnerabilities.
VCID-qths-yr98-aaac
Aliases:
CVE-2021-21188
Use after free in Blink in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-qtpn-xt19-aaaf
Aliases:
CVE-2020-15986
Integer overflow in media in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
86.0.4240.75-0ubuntu0.18.04.1
Affected by 337 other vulnerabilities.
VCID-qwxm-hmr8-aaaf
Aliases:
CVE-2020-16022
Insufficient policy enforcement in networking in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially bypass firewall controls via a crafted HTML page.
87.0.4280.66-0ubuntu0.18.04.1
Affected by 300 other vulnerabilities.
VCID-r23w-7qrs-aaaj
Aliases:
CVE-2021-37967
Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.
94.0.4606.71-0ubuntu0.18.04.1
Affected by 23 other vulnerabilities.
VCID-r35x-k173-aaaf
Aliases:
CVE-2021-21110
Use after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-r89t-h68s-aaaf
Aliases:
CVE-2020-16014
Use after free in PPAPI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
87.0.4280.66-0ubuntu0.18.04.1
Affected by 300 other vulnerabilities.
VCID-r8dp-w957-aaar
Aliases:
CVE-2021-30618
Chromium: CVE-2021-30618 Inappropriate implementation in DevTools
93.0.4577.63-0ubuntu0.18.04.1
Affected by 51 other vulnerabilities.
VCID-r9eg-zqmu-aaas
Aliases:
CVE-2021-21215
Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to spoof security UI via a crafted HTML page.
90.0.4430.72-0ubuntu0.18.04.1
Affected by 178 other vulnerabilities.
VCID-rbzm-kdm4-aaaj
Aliases:
CVE-2021-21172
Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 89.0.4389.72 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-reev-8dhg-aaam
Aliases:
CVE-2020-15990
Use after free in autofill in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
86.0.4240.75-0ubuntu0.18.04.1
Affected by 337 other vulnerabilities.
VCID-rjxb-ecnh-aaaf
Aliases:
CVE-2021-21145
Use after free in Fonts in Google Chrome prior to 88.0.4324.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-rs63-ukq2-aaaa
Aliases:
CVE-2020-6575
Race in Mojo in Google Chrome prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
85.0.4183.121-0ubuntu0.18.04.1
Affected by 364 other vulnerabilities.
VCID-ruur-f75d-aaae
Aliases:
CVE-2021-21114
Use after free in audio in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-ruzh-v6hz-aaan
Aliases:
CVE-2021-30553
Use after free in Network service in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
91.0.4472.101-0ubuntu0.18.04.1
Affected by 119 other vulnerabilities.
VCID-rxd7-5n9u-aaaa
Aliases:
CVE-2021-21125
Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-s54n-a63k-aaae
Aliases:
CVE-2021-21138
Use after free in DevTools in Google Chrome prior to 88.0.4324.96 allowed a local attacker to potentially perform a sandbox escape via a crafted file.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-s6ab-f7j2-aaaq
Aliases:
CVE-2020-16026
Use after free in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
87.0.4280.66-0ubuntu0.18.04.1
Affected by 300 other vulnerabilities.
VCID-s6sg-4psr-aaah
Aliases:
CVE-2021-21126
Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass site isolation via a crafted Chrome Extension.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-s76v-7mhc-aaah
Aliases:
CVE-2021-30603
Data race in WebAudio in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-s7dd-6y5m-aaas
Aliases:
CVE-2021-21177
Insufficient policy enforcement in Autofill in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-s7sq-k9yn-aaar
Aliases:
CVE-2021-30589
Insufficient validation of untrusted input in Sharing in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to bypass navigation restrictions via a crafted click-to-call link.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-sgtb-8txp-aaaa
Aliases:
CVE-2020-6573
Use after free in video in Google Chrome on Android prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
85.0.4183.121-0ubuntu0.18.04.1
Affected by 364 other vulnerabilities.
VCID-spqy-vqya-aaaq
Aliases:
CVE-2020-16035
Insufficient data validation in cros-disks in Google Chrome on ChromeOS prior to 87.0.4280.66 allowed a remote attacker who had compromised the browser process to bypass noexec restrictions via a malicious file.
87.0.4280.66-0ubuntu0.18.04.1
Affected by 300 other vulnerabilities.
VCID-ssy5-6gmb-aaaf
Aliases:
CVE-2021-21154
Heap buffer overflow in Tab Strip in Google Chrome prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-svf9-rmc5-aaah
Aliases:
CVE-2021-21112
Use after free in Blink in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-syzs-dkv4-aaap
Aliases:
CVE-2021-37998
Use after free in Garbage Collection in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
95.0.4638.69-0ubuntu0.18.04.1
Affected by 0 other vulnerabilities.
VCID-t27y-sthg-aaah
Aliases:
CVE-2021-21195
Use after free in V8 in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
90.0.4430.72-0ubuntu0.18.04.1
Affected by 178 other vulnerabilities.
VCID-t4je-rnd8-aaap
Aliases:
CVE-2021-21150
Use after free in Downloads in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-t89e-hf6k-aaar
Aliases:
CVE-2021-30620
Chromium: CVE-2021-30620 Insufficient policy enforcement in Blink
93.0.4577.63-0ubuntu0.18.04.1
Affected by 51 other vulnerabilities.
VCID-ta8q-m97h-aaan
Aliases:
CVE-2021-30536
Out of bounds read in V8 in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page.
91.0.4472.77-0ubuntu0.18.04.1
Affected by 131 other vulnerabilities.
VCID-taa7-h5ej-aaaq
Aliases:
CVE-2021-30593
Out of bounds read in Tab Strip in Google Chrome prior to 92.0.4515.131 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-tcgr-zddp-aaad
Aliases:
CVE-2021-21201
Use after free in permissions in Google Chrome prior to 90.0.4430.72 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
90.0.4430.72-0ubuntu0.18.04.1
Affected by 178 other vulnerabilities.
VCID-tchd-gn3x-aaac
Aliases:
CVE-2021-21164
Insufficient data validation in Chrome on iOS in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-tfut-c57e-aaag
Aliases:
CVE-2021-21191
Use after free in WebRTC in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-tjjr-4a64-aaac
Aliases:
CVE-2020-15975
Integer overflow in SwiftShader in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
86.0.4240.75-0ubuntu0.18.04.1
Affected by 337 other vulnerabilities.
VCID-tss6-yf8h-aaaf
Aliases:
CVE-2021-21163
Insufficient data validation in Reader Mode in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page and a malicious server.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-u2yn-r3ag-aaab
Aliases:
CVE-2021-37972
Out of bounds read in libjpeg-turbo in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
94.0.4606.71-0ubuntu0.18.04.1
Affected by 23 other vulnerabilities.
VCID-u3ea-vw2f-aaah
Aliases:
CVE-2021-30590
Heap buffer overflow in Bookmarks in Google Chrome prior to 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-u76k-zezw-aaah
Aliases:
CVE-2021-37958
Inappropriate implementation in Navigation in Google Chrome on Windows prior to 94.0.4606.54 allowed a remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page.
94.0.4606.71-0ubuntu0.18.04.1
Affected by 23 other vulnerabilities.
VCID-ug1e-8d8m-aaap
Aliases:
CVE-2020-16032
Insufficient data validation in sharing in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
87.0.4280.66-0ubuntu0.18.04.1
Affected by 300 other vulnerabilities.
VCID-ujy6-8v1y-aaap
Aliases:
CVE-2021-37991
Race in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
95.0.4638.69-0ubuntu0.18.04.1
Affected by 0 other vulnerabilities.
VCID-ukvt-bkx6-aaas
Aliases:
CVE-2021-21130
Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-unb6-4gph-aaam
Aliases:
CVE-2021-30509
Out of bounds write in Tab Strip in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory write via a crafted HTML page and a crafted Chrome extension.
91.0.4472.77-0ubuntu0.18.04.1
Affected by 131 other vulnerabilities.
VCID-uudx-2g3h-aaar
Aliases:
CVE-2021-37961
Use after free in Tab Strip in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
94.0.4606.71-0ubuntu0.18.04.1
Affected by 23 other vulnerabilities.
VCID-uvcd-3wju-aaad
Aliases:
CVE-2020-16004
Use after free in user interface in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
86.0.4240.198-0ubuntu0.18.04.1
Affected by 322 other vulnerabilities.
VCID-ux16-uyyw-aaag
Aliases:
CVE-2021-21168
Insufficient policy enforcement in appcache in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-uz4p-6yh4-aaaq
Aliases:
CVE-2021-30554
Use after free in WebGL in Google Chrome prior to 91.0.4472.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-v3j1-5846-aaah
Aliases:
CVE-2021-21208
Insufficient data validation in QR scanner in Google Chrome on iOS prior to 90.0.4430.72 allowed an attacker displaying a QR code to perform domain spoofing via a crafted QR code.
90.0.4430.72-0ubuntu0.18.04.1
Affected by 178 other vulnerabilities.
VCID-v3uq-ath8-aaaa
Aliases:
CVE-2021-30619
Chromium: CVE-2021-30619 UI Spoofing in Autofill
93.0.4577.63-0ubuntu0.18.04.1
Affected by 51 other vulnerabilities.
VCID-v9ku-kfh2-aaar
Aliases:
CVE-2021-30562
Use after free in WebSerial in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-vaey-npy4-aaad
Aliases:
CVE-2021-30608
Chromium: CVE-2021-30608 Use after free in Web Share
93.0.4577.63-0ubuntu0.18.04.1
Affected by 51 other vulnerabilities.
VCID-vbxg-2597-aaap
Aliases:
CVE-2021-30630
Inappropriate implementation in Blink in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.
94.0.4606.71-0ubuntu0.18.04.1
Affected by 23 other vulnerabilities.
VCID-vec3-7743-aaah
Aliases:
CVE-2021-30550
Use after free in Accessibility in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
91.0.4472.101-0ubuntu0.18.04.1
Affected by 119 other vulnerabilities.
VCID-vjmr-unx6-aaas
Aliases:
CVE-2021-30524
Use after free in TabStrip in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
91.0.4472.77-0ubuntu0.18.04.1
Affected by 131 other vulnerabilities.
VCID-vmyf-7ff4-aaah
Aliases:
CVE-2021-37957
Use after free in WebGPU in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
94.0.4606.71-0ubuntu0.18.04.1
Affected by 23 other vulnerabilities.
VCID-vpgw-n6us-aaas
Aliases:
CVE-2020-15960
Heap buffer overflow in storage in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
85.0.4183.121-0ubuntu0.18.04.1
Affected by 364 other vulnerabilities.
VCID-vrn8-3ymt-aaaq
Aliases:
CVE-2021-21184
Inappropriate implementation in performance APIs in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-vs6w-2u6h-aaag
Aliases:
CVE-2021-30598
Type confusion in V8 in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-vu62-4168-aaag
Aliases:
CVE-2021-37970
Use after free in File System API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
94.0.4606.71-0ubuntu0.18.04.1
Affected by 23 other vulnerabilities.
VCID-w426-pvdd-aaad
Aliases:
CVE-2021-21146
Use after free in Navigation in Google Chrome prior to 88.0.4324.146 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-w72h-8154-aaaa
Aliases:
CVE-2021-37969
Inappropriate implementation in Google Updater in Google Chrome on Windows prior to 94.0.4606.54 allowed a remote attacker to perform local privilege escalation via a crafted file.
94.0.4606.71-0ubuntu0.18.04.1
Affected by 23 other vulnerabilities.
VCID-wby3-9k5f-aaac
Aliases:
CVE-2021-30567
Use after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to open DevTools to potentially exploit heap corruption via specific user gesture.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-wjxc-cnx6-aaah
Aliases:
CVE-2020-6574
Insufficient policy enforcement in installer in Google Chrome on OS X prior to 85.0.4183.102 allowed a local attacker to potentially achieve privilege escalation via a crafted binary.
85.0.4183.121-0ubuntu0.18.04.1
Affected by 364 other vulnerabilities.
VCID-wp85-ug27-aaad
Aliases:
CVE-2021-30601
Use after free in Extensions API in Google Chrome prior to 92.0.4515.159 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-wpax-gcqs-aaad
Aliases:
CVE-2021-30544
Use after free in BFCache in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
91.0.4472.101-0ubuntu0.18.04.1
Affected by 119 other vulnerabilities.
VCID-wpym-nhze-aaap
Aliases:
CVE-2021-30529
Use after free in Bookmarks in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
91.0.4472.77-0ubuntu0.18.04.1
Affected by 131 other vulnerabilities.
VCID-wqjy-5bf5-aaaa
Aliases:
CVE-2021-30538
Insufficient policy enforcement in content security policy in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass content security policy via a crafted HTML page.
91.0.4472.77-0ubuntu0.18.04.1
Affected by 131 other vulnerabilities.
VCID-wrgz-5tqg-aaan
Aliases:
CVE-2021-30617
Chromium: CVE-2021-30617 Policy bypass in Blink
93.0.4577.63-0ubuntu0.18.04.1
Affected by 51 other vulnerabilities.
VCID-wtmp-8ajh-aaae
Aliases:
CVE-2021-30611
Chromium: CVE-2021-30611 Use after free in WebRTC
93.0.4577.63-0ubuntu0.18.04.1
Affected by 51 other vulnerabilities.
VCID-wwwd-pbd4-aaaa
Aliases:
CVE-2021-30574
Use after free in protocol handling in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-wx4w-h14k-aaab
Aliases:
CVE-2021-21227
Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
90.0.4430.93-0ubuntu0.18.04.1
Affected by 166 other vulnerabilities.
VCID-wzv7-gsfx-aaag
Aliases:
CVE-2021-38003
Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
95.0.4638.69-0ubuntu0.18.04.1
Affected by 0 other vulnerabilities.
VCID-x2c4-v7ak-aaaj
Aliases:
CVE-2020-15978
Insufficient data validation in navigation in Google Chrome on Android prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page.
86.0.4240.75-0ubuntu0.18.04.1
Affected by 337 other vulnerabilities.
VCID-x2v5-bwzp-aaaj
Aliases:
CVE-2021-21213
Use after free in WebMIDI in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
90.0.4430.72-0ubuntu0.18.04.1
Affected by 178 other vulnerabilities.
VCID-x5zx-emks-aaan
Aliases:
CVE-2021-30628
Stack buffer overflow in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page.
94.0.4606.71-0ubuntu0.18.04.1
Affected by 23 other vulnerabilities.
VCID-xa14-cerp-aaas
Aliases:
CVE-2021-21228
Insufficient policy enforcement in extensions in Google Chrome prior to 90.0.4430.93 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.
90.0.4430.93-0ubuntu0.18.04.1
Affected by 166 other vulnerabilities.
VCID-xjzr-pyh3-aaaq
Aliases:
CVE-2020-16021
Race in image burner in Google Chrome on ChromeOS prior to 87.0.4280.66 allowed a remote attacker who had compromised the browser process to perform OS-level privilege escalation via a malicious file.
87.0.4280.66-0ubuntu0.18.04.1
Affected by 300 other vulnerabilities.
VCID-xrx2-pzbu-aaaa
Aliases:
CVE-2021-21117
Insufficient policy enforcement in Cryptohome in Google Chrome prior to 88.0.4324.96 allowed a local attacker to perform OS-level privilege escalation via a crafted file.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-xy3z-t1b1-aaah
Aliases:
CVE-2021-30551
Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
91.0.4472.101-0ubuntu0.18.04.1
Affected by 119 other vulnerabilities.
VCID-y383-pyzh-aaae
Aliases:
CVE-2021-21143
Heap buffer overflow in Extensions in Google Chrome prior to 88.0.4324.146 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-ya3b-nhwv-aaab
Aliases:
CVE-2021-30568
Heap buffer overflow in WebGL in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-yays-pbtv-aaah
Aliases:
CVE-2021-30576
Use after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-ycvq-t6at-aaam
Aliases:
CVE-2021-30592
Out of bounds write in Tab Groups in Google Chrome prior to 92.0.4515.131 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory write via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-yczg-au6z-aaar
Aliases:
CVE-2021-30612
Chromium: CVE-2021-30612 Use after free in WebRTC
93.0.4577.63-0ubuntu0.18.04.1
Affected by 51 other vulnerabilities.
VCID-yd5d-jx5e-aaae
Aliases:
CVE-2020-16012
Side-channel information leakage in graphics in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
87.0.4280.66-0ubuntu0.18.04.1
Affected by 300 other vulnerabilities.
VCID-yf61-u86u-aaad
Aliases:
CVE-2021-21129
Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-yh5e-1wxq-aaaj
Aliases:
CVE-2020-15976
Use after free in WebXR in Google Chrome on Android prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
86.0.4240.75-0ubuntu0.18.04.1
Affected by 337 other vulnerabilities.
VCID-yk56-qv47-aaam
Aliases:
CVE-2021-21116
Heap buffer overflow in audio in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-yk9p-t7s8-aaad
Aliases:
CVE-2021-30565
Out of bounds write in Tab Groups in Google Chrome on Linux and ChromeOS prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory write via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-yqak-ev8k-aaag
Aliases:
CVE-2021-30599
Type confusion in V8 in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-yqu6-7usz-aaah
Aliases:
CVE-2021-37997
Use after free in Sign-In in Google Chrome prior to 95.0.4638.69 allowed a remote attacker who convinced a user to sign into Chrome to potentially exploit heap corruption via a crafted HTML page.
95.0.4638.69-0ubuntu0.18.04.1
Affected by 0 other vulnerabilities.
VCID-yuj7-tjfp-aaac
Aliases:
CVE-2021-30578
Uninitialized use in Media in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-yw1d-3hkt-aaac
Aliases:
CVE-2021-21189
Insufficient policy enforcement in payments in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-yysq-8a7d-aaae
Aliases:
CVE-2020-15973
Insufficient policy enforcement in extensions in Google Chrome prior to 86.0.4240.75 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension.
86.0.4240.75-0ubuntu0.18.04.1
Affected by 337 other vulnerabilities.
VCID-yz7y-mscm-aaaf
Aliases:
CVE-2020-16037
Use after free in clipboard in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-z1s6-g2ct-aaak
Aliases:
CVE-2021-30607
Chromium: CVE-2021-30607 Use after free in Permissions
93.0.4577.63-0ubuntu0.18.04.1
Affected by 51 other vulnerabilities.
VCID-z29k-7amm-aaak
Aliases:
CVE-2021-30622
Chromium: CVE-2021-30622 Use after free in WebApp Installs
93.0.4577.63-0ubuntu0.18.04.1
Affected by 51 other vulnerabilities.
VCID-zabm-2mhu-aaam
Aliases:
CVE-2020-16039
Use after free in extensions in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-zar7-rpw4-aaak
Aliases:
CVE-2021-21199
Use after free in Aura in Google Chrome on Linux prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
90.0.4430.72-0ubuntu0.18.04.1
Affected by 178 other vulnerabilities.
VCID-zdec-cqj8-aaam
Aliases:
CVE-2021-30577
Insufficient policy enforcement in Installer in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to perform local privilege escalation via a crafted file.
92.0.4515.159-0ubuntu0.18.04.1
Affected by 70 other vulnerabilities.
VCID-ze77-n35z-aaaa
Aliases:
CVE-2020-15980
Insufficient policy enforcement in Intents in Google Chrome on Android prior to 86.0.4240.75 allowed a local attacker to bypass navigation restrictions via crafted Intents.
86.0.4240.75-0ubuntu0.18.04.1
Affected by 337 other vulnerabilities.
VCID-zety-1gzd-aaac
Aliases:
CVE-2021-21233
Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
90.0.4430.93-0ubuntu0.18.04.1
Affected by 166 other vulnerabilities.
VCID-zg9t-q7am-aaag
Aliases:
CVE-2021-30507
Inappropriate implementation in Offline in Google Chrome on Android prior to 90.0.4430.212 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.
91.0.4472.77-0ubuntu0.18.04.1
Affected by 131 other vulnerabilities.
VCID-zpx3-nt4r-aaaa
Aliases:
CVE-2020-15988
Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 86.0.4240.75 allowed a remote attacker who convinced the user to open files to execute arbitrary code via a crafted HTML page.
86.0.4240.75-0ubuntu0.18.04.1
Affected by 337 other vulnerabilities.
VCID-zq4s-sjay-aaab
Aliases:
CVE-2020-15979
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
86.0.4240.75-0ubuntu0.18.04.1
Affected by 337 other vulnerabilities.
VCID-zwdp-t5vz-aaah
Aliases:
CVE-2021-37985
Use after free in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had convinced a user to allow for connection to debugger to potentially exploit heap corruption via a crafted HTML page.
95.0.4638.69-0ubuntu0.18.04.1
Affected by 0 other vulnerabilities.
VCID-zwtz-c2r1-aaaq
Aliases:
CVE-2021-21160
Heap buffer overflow in WebAudio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-zwud-pxjz-aaae
Aliases:
CVE-2021-21128
Heap buffer overflow in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
89.0.4389.82-0ubuntu0.18.04.1
Affected by 205 other vulnerabilities.
VCID-zytu-ehu5-aaan
Aliases:
CVE-2021-38002
Use after free in Web Transport in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
95.0.4638.69-0ubuntu0.18.04.1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version