CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Google » Chrome » * * * * : Security Vulnerabilities

Cpe Name:cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2021-30543 416 2021-06-07 2021-06-09
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Tab Strip in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
2 CVE-2021-30542 416 2021-06-07 2021-06-09
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Tab Strip in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
3 CVE-2021-30540 20 2021-06-07 2021-06-09
4.3
None Remote Medium Not required None Partial None
Incorrect security UI in payments in Google Chrome on Android prior to 91.0.4472.77 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
4 CVE-2021-30539 863 Bypass 2021-06-07 2021-06-09
5.8
None Remote Medium Not required Partial Partial None
Insufficient policy enforcement in content security policy in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass content security policy via a crafted HTML page.
5 CVE-2021-30538 863 Bypass 2021-06-07 2021-06-10
4.3
None Remote Medium Not required None Partial None
Insufficient policy enforcement in content security policy in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass content security policy via a crafted HTML page.
6 CVE-2021-30537 863 Bypass 2021-06-07 2021-06-10
4.3
None Remote Medium Not required None Partial None
Insufficient policy enforcement in cookies in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass cookie policy via a crafted HTML page.
7 CVE-2021-30536 125 2021-06-07 2021-06-10
5.8
None Remote Medium Not required Partial None Partial
Out of bounds read in V8 in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page.
8 CVE-2021-30535 415 2021-06-07 2021-06-10
6.8
None Remote Medium Not required Partial Partial Partial
Double free in ICU in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
9 CVE-2021-30534 863 Bypass 2021-06-07 2021-06-11
4.3
None Remote Medium Not required None Partial None
Insufficient policy enforcement in iFrameSandbox in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
10 CVE-2021-30533 863 Bypass 2021-06-07 2021-06-10
4.3
None Remote Medium Not required None Partial None
Insufficient policy enforcement in PopupBlocker in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass navigation restrictions via a crafted iframe.
11 CVE-2021-30532 863 Bypass 2021-06-07 2021-06-11
4.3
None Remote Medium Not required None Partial None
Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass content security policy via a crafted HTML page.
12 CVE-2021-30531 863 Bypass 2021-06-07 2021-06-10
4.3
None Remote Medium Not required None Partial None
Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass content security policy via a crafted HTML page.
13 CVE-2021-30530 119 Overflow 2021-06-07 2021-06-09
6.8
None Remote Medium Not required Partial Partial Partial
Out of bounds memory access in WebAudio in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page.
14 CVE-2021-30529 416 2021-06-07 2021-06-09
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Bookmarks in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
15 CVE-2021-30527 416 2021-06-07 2021-06-09
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in WebUI in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
16 CVE-2021-30526 787 2021-06-07 2021-06-09
6.8
None Remote Medium Not required Partial Partial Partial
Out of bounds write in TabStrip in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory write via a crafted HTML page.
17 CVE-2021-30525 416 2021-06-07 2021-06-09
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in TabGroups in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
18 CVE-2021-30524 416 2021-06-07 2021-06-09
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in TabStrip in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
19 CVE-2021-30523 416 2021-06-07 2021-06-09
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in WebRTC in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP packet.
20 CVE-2021-30522 416 2021-06-07 2021-06-09
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in WebAudio in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
21 CVE-2021-30520 416 2021-06-04 2021-06-08
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Tab Strip in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
22 CVE-2021-30519 416 2021-06-04 2021-06-08
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Payments in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to install a malicious payments app to potentially exploit heap corruption via a crafted HTML page.
23 CVE-2021-30518 787 Overflow 2021-06-04 2021-06-08
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in Reader Mode in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
24 CVE-2021-30517 843 2021-06-04 2021-06-08
6.8
None Remote Medium Not required Partial Partial Partial
Type confusion in V8 in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
25 CVE-2021-30516 787 Overflow 2021-06-04 2021-06-09
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in History in Google Chrome prior to 90.0.4430.212 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
26 CVE-2021-30515 416 2021-06-04 2021-06-09
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in File API in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
27 CVE-2021-30514 416 2021-06-04 2021-06-09
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Autofill in Google Chrome prior to 90.0.4430.212 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
28 CVE-2021-30513 843 2021-06-04 2021-06-09
6.8
None Remote Medium Not required Partial Partial Partial
Type confusion in V8 in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
29 CVE-2021-30512 416 2021-06-04 2021-06-09
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Notifications in Google Chrome prior to 90.0.4430.212 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
30 CVE-2021-30511 125 2021-06-04 2021-06-09
5.8
None Remote Medium Not required Partial None Partial
Out of bounds read in Tab Groups in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted HTML page.
31 CVE-2021-30510 416 2021-06-04 2021-06-09
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Aura in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
32 CVE-2021-30509 787 2021-06-04 2021-06-09
6.8
None Remote Medium Not required Partial Partial Partial
Out of bounds write in Tab Strip in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory write via a crafted HTML page and a crafted Chrome extension.
33 CVE-2021-30508 787 Overflow 2021-06-04 2021-06-09
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in Media Feeds in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to enable certain features in Chrome to potentially exploit heap corruption via a crafted HTML page.
34 CVE-2021-21232 416 2021-04-30 2021-06-02
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Dev Tools in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
35 CVE-2021-21231 345 2021-04-30 2021-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
36 CVE-2021-21230 843 2021-04-30 2021-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Type confusion in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
37 CVE-2021-21228 863 Bypass 2021-04-30 2021-06-01
4.3
None Remote Medium Not required None Partial None
Insufficient policy enforcement in extensions in Google Chrome prior to 90.0.4430.93 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.
38 CVE-2021-21227 787 2021-04-30 2021-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
39 CVE-2021-21226 416 2021-04-26 2021-06-03
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in navigation in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
40 CVE-2021-21225 119 Overflow Mem. Corr. 2021-04-26 2021-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Out of bounds memory access in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
41 CVE-2021-21224 843 Exec Code 2021-04-26 2021-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Type confusion in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
42 CVE-2021-21223 190 Overflow 2021-04-26 2021-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in Mojo in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
43 CVE-2021-21222 787 Overflow Bypass 2021-04-26 2021-06-01
4.3
None Remote Medium Not required Partial None None
Heap buffer overflow in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.
44 CVE-2021-21221 20 2021-04-26 2021-06-01
4.3
None Remote Medium Not required Partial None None
Insufficient validation of untrusted input in Mojo in Google Chrome prior to 90.0.4430.72 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.
45 CVE-2021-21220 119 Overflow 2021-04-26 2021-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
46 CVE-2021-21219 200 +Info 2021-04-26 2021-06-01
4.3
None Remote Medium Not required Partial None None
Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.
47 CVE-2021-21218 908 +Info 2021-04-26 2021-06-01
4.3
None Remote Medium Not required Partial None None
Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.
48 CVE-2021-21217 200 +Info 2021-04-26 2021-06-01
4.3
None Remote Medium Not required Partial None None
Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.
49 CVE-2021-21216 290 2021-04-26 2021-06-01
4.3
None Remote Medium Not required None Partial None
Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to spoof security UI via a crafted HTML page.
50 CVE-2021-21215 290 2021-04-26 2021-06-01
4.3
None Remote Medium Not required None Partial None
Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to spoof security UI via a crafted HTML page.
Total number of vulnerabilities : 2102   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.