CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
701 CVE-2021-21231 345 2021-04-30 2021-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
702 CVE-2021-21230 843 2021-04-30 2021-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Type confusion in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
703 CVE-2021-21227 787 2021-04-30 2021-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
704 CVE-2021-21226 416 2021-04-26 2021-06-03
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in navigation in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
705 CVE-2021-21225 119 Overflow Mem. Corr. 2021-04-26 2021-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Out of bounds memory access in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
706 CVE-2021-21224 843 Exec Code 2021-04-26 2021-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Type confusion in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
707 CVE-2021-21223 190 Overflow 2021-04-26 2021-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in Mojo in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
708 CVE-2021-21220 119 Overflow 2021-04-26 2021-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
709 CVE-2021-21214 416 2021-04-26 2021-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Network API in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension.
710 CVE-2021-21213 416 2021-04-26 2021-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in WebMIDI in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
711 CVE-2021-21207 416 2021-04-26 2021-06-03
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in IndexedDB in Google Chrome prior to 90.0.4430.72 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
712 CVE-2021-21206 416 2021-04-26 2021-06-03
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Blink in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
713 CVE-2021-21204 416 2021-04-26 2021-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Blink in Google Chrome on OS X prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
714 CVE-2021-21203 416 2021-04-26 2021-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Blink in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
715 CVE-2021-21202 416 2021-04-26 2021-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in extensions in Google Chrome prior to 90.0.4430.72 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
716 CVE-2021-21201 416 2021-04-26 2021-06-02
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in permissions in Google Chrome prior to 90.0.4430.72 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
717 CVE-2021-21199 416 2021-04-09 2021-06-02
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Aura in Google Chrome on Linux prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
718 CVE-2021-21197 787 Overflow 2021-04-09 2021-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
719 CVE-2021-21196 787 Overflow 2021-04-09 2021-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in TabStrip in Google Chrome on Windows prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
720 CVE-2021-21195 416 2021-04-09 2021-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in V8 in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
721 CVE-2021-21194 416 2021-04-09 2021-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in screen sharing in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
722 CVE-2021-21193 416 2021-03-16 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Blink in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
723 CVE-2021-21192 787 Overflow 2021-03-16 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in tab groups in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
724 CVE-2021-21191 416 2021-03-16 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in WebRTC in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
725 CVE-2021-21190 908 +Info 2021-03-09 2021-04-07
6.8
None Remote Medium Not required Partial Partial Partial
Uninitialized data in PDFium in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.
726 CVE-2021-21188 416 2021-03-09 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Blink in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
727 CVE-2021-21180 416 2021-03-09 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in tab search in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
728 CVE-2021-21179 416 2021-03-09 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Network Internals in Google Chrome on Linux prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
729 CVE-2021-21174 Bypass 2021-03-09 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Inappropriate implementation in Referrer in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
730 CVE-2021-21169 119 Overflow 2021-03-09 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Out of bounds memory access in V8 in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
731 CVE-2021-21167 416 2021-03-09 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in bookmarks in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
732 CVE-2021-21166 119 Overflow 2021-03-09 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
733 CVE-2021-21165 119 Overflow 2021-03-09 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
734 CVE-2021-21162 416 2021-03-09 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in WebRTC in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
735 CVE-2021-21161 787 Overflow 2021-03-09 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
736 CVE-2021-21160 787 Overflow 2021-03-09 2021-05-19
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in WebAudio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
737 CVE-2021-21159 787 Overflow 2021-03-09 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
738 CVE-2021-21157 416 2021-02-22 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Web Sockets in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
739 CVE-2021-21156 787 Overflow 2021-02-22 2021-05-17
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted script.
740 CVE-2021-21155 787 Overflow 2021-02-22 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in Tab Strip in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
741 CVE-2021-21154 787 Overflow 2021-02-22 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in Tab Strip in Google Chrome prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
742 CVE-2021-21153 787 Overflow 2021-02-22 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Stack buffer overflow in GPU Process in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
743 CVE-2021-21152 787 Overflow 2021-02-22 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in Media in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
744 CVE-2021-21151 416 2021-02-22 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Payments in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
745 CVE-2021-21150 416 2021-02-22 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Downloads in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
746 CVE-2021-21149 787 Overflow 2021-02-22 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Stack buffer overflow in Data Transfer in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page.
747 CVE-2021-21148 787 Overflow 2021-02-09 2021-05-17
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
748 CVE-2021-21146 416 2021-02-09 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Navigation in Google Chrome prior to 88.0.4324.146 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
749 CVE-2021-21145 416 2021-02-09 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Fonts in Google Chrome prior to 88.0.4324.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
750 CVE-2021-21144 787 Overflow 2021-02-09 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in Tab Groups in Google Chrome prior to 88.0.4324.146 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.
Total number of vulnerabilities : 22306   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 (This Page)16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.