CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
701 CVE-2021-21230 843 2021-04-30 2021-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Type confusion in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
702 CVE-2021-21227 787 2021-04-30 2021-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
703 CVE-2021-21226 416 2021-04-26 2021-06-03
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in navigation in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
704 CVE-2021-21225 119 Overflow Mem. Corr. 2021-04-26 2021-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Out of bounds memory access in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
705 CVE-2021-21224 843 Exec Code 2021-04-26 2021-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Type confusion in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
706 CVE-2021-21223 190 Overflow 2021-04-26 2021-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in Mojo in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
707 CVE-2021-21220 119 Overflow 2021-04-26 2021-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
708 CVE-2021-21214 416 2021-04-26 2021-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Network API in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension.
709 CVE-2021-21213 416 2021-04-26 2021-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in WebMIDI in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
710 CVE-2021-21207 416 2021-04-26 2021-06-03
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in IndexedDB in Google Chrome prior to 90.0.4430.72 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
711 CVE-2021-21206 416 2021-04-26 2021-06-03
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Blink in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
712 CVE-2021-21204 416 2021-04-26 2021-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Blink in Google Chrome on OS X prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
713 CVE-2021-21203 416 2021-04-26 2021-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Blink in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
714 CVE-2021-21202 416 2021-04-26 2021-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in extensions in Google Chrome prior to 90.0.4430.72 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
715 CVE-2021-21201 416 2021-04-26 2021-06-02
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in permissions in Google Chrome prior to 90.0.4430.72 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
716 CVE-2021-21199 416 2021-04-09 2021-06-02
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Aura in Google Chrome on Linux prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
717 CVE-2021-21197 787 Overflow 2021-04-09 2021-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
718 CVE-2021-21196 787 Overflow 2021-04-09 2021-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in TabStrip in Google Chrome on Windows prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
719 CVE-2021-21195 416 2021-04-09 2021-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in V8 in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
720 CVE-2021-21194 416 2021-04-09 2021-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in screen sharing in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
721 CVE-2021-21193 416 2021-03-16 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Blink in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
722 CVE-2021-21192 787 Overflow 2021-03-16 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in tab groups in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
723 CVE-2021-21191 416 2021-03-16 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in WebRTC in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
724 CVE-2021-21190 908 +Info 2021-03-09 2021-04-07
6.8
None Remote Medium Not required Partial Partial Partial
Uninitialized data in PDFium in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.
725 CVE-2021-21188 416 2021-03-09 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Blink in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
726 CVE-2021-21180 416 2021-03-09 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in tab search in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
727 CVE-2021-21179 416 2021-03-09 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Network Internals in Google Chrome on Linux prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
728 CVE-2021-21174 Bypass 2021-03-09 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Inappropriate implementation in Referrer in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
729 CVE-2021-21169 119 Overflow 2021-03-09 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Out of bounds memory access in V8 in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
730 CVE-2021-21167 416 2021-03-09 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in bookmarks in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
731 CVE-2021-21166 119 Overflow 2021-03-09 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
732 CVE-2021-21165 119 Overflow 2021-03-09 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
733 CVE-2021-21162 416 2021-03-09 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in WebRTC in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
734 CVE-2021-21161 787 Overflow 2021-03-09 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
735 CVE-2021-21160 787 Overflow 2021-03-09 2021-05-19
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in WebAudio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
736 CVE-2021-21159 787 Overflow 2021-03-09 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
737 CVE-2021-21157 416 2021-02-22 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Web Sockets in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
738 CVE-2021-21156 787 Overflow 2021-02-22 2021-05-17
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted script.
739 CVE-2021-21155 787 Overflow 2021-02-22 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in Tab Strip in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
740 CVE-2021-21154 787 Overflow 2021-02-22 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in Tab Strip in Google Chrome prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
741 CVE-2021-21153 787 Overflow 2021-02-22 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Stack buffer overflow in GPU Process in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
742 CVE-2021-21152 787 Overflow 2021-02-22 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in Media in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
743 CVE-2021-21151 416 2021-02-22 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Payments in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
744 CVE-2021-21150 416 2021-02-22 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Downloads in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
745 CVE-2021-21149 787 Overflow 2021-02-22 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Stack buffer overflow in Data Transfer in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page.
746 CVE-2021-21148 787 Overflow 2021-02-09 2021-05-17
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
747 CVE-2021-21146 416 2021-02-09 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Navigation in Google Chrome prior to 88.0.4324.146 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
748 CVE-2021-21145 416 2021-02-09 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Fonts in Google Chrome prior to 88.0.4324.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
749 CVE-2021-21144 787 Overflow 2021-02-09 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in Tab Groups in Google Chrome prior to 88.0.4324.146 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.
750 CVE-2021-21143 787 Overflow 2021-02-09 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in Extensions in Google Chrome prior to 88.0.4324.146 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.