Lucene search

Edge Chromium Security Vulnerabilities

cve

CVE-2020-1195

An elevation of privilege vulnerability exists in Microsoft Edge (Chromium-based) when the Feedback extension improperly validates input, aka 'Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability'.

5.9CVSS

5.9AI Score

0.001EPSS

2020-05-21 11:15 PM

cve

CVE-2020-1220

A spoofing vulnerability exists when theMicrosoft Edge (Chromium-based) in IE Mode improperly handles specific redirects, aka 'Microsoft Edge (Chromium-based) in IE Mode Spoofing Vulnerability'.

6.1CVSS

6.9AI Score

0.002EPSS

2020-06-09 08:15 PM

cve

CVE-2020-16009

Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS

8.6AI Score

0.805EPSS

2020-11-03 03:15 AM

1168

In Wild

cve

CVE-2020-16884

<p>A remote code execution vulnerability exists in the way that the IEToEdge Browser Helper Object (BHO) plugin on Internet Explorer handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An a...

4.2CVSS

6.3AI Score

0.005EPSS

2020-09-11 05:15 PM

cve

CVE-2021-21118

Insufficient data validation in V8 in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

8.8CVSS

8.3AI Score

0.003EPSS

2021-02-09 02:15 PM

156

cve

CVE-2021-21119

Use after free in Media in Google Chrome prior to 88.0.4324.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS

9AI Score

0.003EPSS

2021-02-09 02:15 PM

173

cve

CVE-2021-21120

Use after free in WebSQL in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS

9AI Score

0.003EPSS

2021-02-09 02:15 PM

167

cve

CVE-2021-21121

Use after free in Omnibox in Google Chrome on Linux prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.

9.6CVSS

9.2AI Score

0.003EPSS

2021-02-09 02:15 PM

173

cve

CVE-2021-21122

Use after free in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS

9AI Score

0.003EPSS

2021-02-09 02:15 PM

168

cve

CVE-2021-21123

Insufficient data validation in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.

6.5CVSS

6.5AI Score

0.001EPSS

2021-02-09 02:15 PM

180

cve

CVE-2021-21124

Potential user after free in Speech Recognizer in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.

9.6CVSS

8.8AI Score

0.002EPSS

2021-02-09 02:15 PM

130

cve

CVE-2021-21125

Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.

8.1CVSS

7.7AI Score

0.001EPSS

2021-02-09 02:15 PM

142

cve

CVE-2021-21126

Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass site isolation via a crafted Chrome Extension.

6.5CVSS

6.6AI Score

0.002EPSS

2021-02-09 02:15 PM

176

cve

CVE-2021-21127

Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass content security policy via a crafted Chrome Extension.

8.8CVSS

8.1AI Score

0.004EPSS

2021-02-09 02:15 PM

168

cve

CVE-2021-21128

Heap buffer overflow in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS

8.9AI Score

0.004EPSS

2021-02-09 02:15 PM

163

cve

CVE-2021-21129

Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.

6.5CVSS

6.5AI Score

0.001EPSS

2021-02-09 02:15 PM

160

cve

CVE-2021-21130

Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.

6.5CVSS

6.5AI Score

0.001EPSS

2021-02-09 02:15 PM

159

cve

CVE-2021-21131

Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.

6.5CVSS

6.5AI Score

0.001EPSS

2021-02-09 02:15 PM

159

cve

CVE-2021-21132

Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted Chrome Extension.

9.6CVSS

8.7AI Score

0.002EPSS

2021-02-09 02:15 PM

183

cve

CVE-2021-21133

Insufficient policy enforcement in Downloads in Google Chrome prior to 88.0.4324.96 allowed an attacker who convinced a user to download files to bypass navigation restrictions via a crafted HTML page.

6.5CVSS

6.6AI Score

0.002EPSS

2021-02-09 02:15 PM

140

cve

CVE-2021-21134

Incorrect security UI in Page Info in Google Chrome on iOS prior to 88.0.4324.96 allowed a remote attacker to spoof security UI via a crafted HTML page.

6.5CVSS

6.4AI Score

0.001EPSS

2021-02-09 02:15 PM

133

cve

CVE-2021-21135

Inappropriate implementation in Performance API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

6.5CVSS

6.4AI Score

0.002EPSS

2021-02-09 02:15 PM

175

cve

CVE-2021-21136

Insufficient policy enforcement in WebView in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

6.5CVSS

6.3AI Score

0.002EPSS

2021-02-09 02:15 PM

135

cve

CVE-2021-21137

Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page.

6.5CVSS

6.4AI Score

0.003EPSS

2021-02-09 02:15 PM

163

cve

CVE-2021-21139

Inappropriate implementation in iframe sandbox in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

6.5CVSS

6.7AI Score

0.002EPSS

2021-02-09 02:15 PM

147

cve

CVE-2021-21157

Use after free in Web Sockets in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS

9AI Score

0.005EPSS

2021-02-22 10:15 PM

791

cve

CVE-2021-24113

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

5.4CVSS

7AI Score

0.002EPSS

2021-02-25 11:15 PM

cve

CVE-2021-26436

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

6.1CVSS

6.7AI Score

0.001EPSS

2021-09-02 11:15 PM

cve

CVE-2021-30606

Chromium: CVE-2021-30606 Use after free in Blink

8.8CVSS

8.2AI Score

0.01EPSS

2021-09-03 08:15 PM

153

cve

CVE-2021-30607

Chromium: CVE-2021-30607 Use after free in Permissions

8.8CVSS

8.2AI Score

0.01EPSS

2021-09-03 08:15 PM

134

cve

CVE-2021-30608

Chromium: CVE-2021-30608 Use after free in Web Share

8.8CVSS

8.2AI Score

0.003EPSS

2021-09-03 08:15 PM

144

cve

CVE-2021-30609

Chromium: CVE-2021-30609 Use after free in Sign-In

8.8CVSS

8.2AI Score

0.01EPSS

2021-09-03 08:15 PM

137

cve

CVE-2021-30610

Chromium: CVE-2021-30610 Use after free in Extensions API

8.8CVSS

8.2AI Score

0.009EPSS

2021-09-03 08:15 PM

154

cve

CVE-2021-30611

Chromium: CVE-2021-30611 Use after free in WebRTC

8.8CVSS

8.2AI Score

0.003EPSS

2021-09-03 08:15 PM

139

cve

CVE-2021-30612

Chromium: CVE-2021-30612 Use after free in WebRTC

8.8CVSS

8.2AI Score

0.003EPSS

2021-09-03 08:15 PM

156

cve

CVE-2021-30613

Chromium: CVE-2021-30613 Use after free in Base internals

8.8CVSS

8.6AI Score

0.01EPSS

2021-09-03 08:15 PM

141

cve

CVE-2021-30614

Chromium: CVE-2021-30614 Heap buffer overflow in TabStrip

8.8CVSS

8.1AI Score

0.045EPSS

2021-09-03 08:15 PM

144

cve

CVE-2021-30615

Chromium: CVE-2021-30615 Cross-origin data leak in Navigation

6.5CVSS

7.1AI Score

0.006EPSS

2021-09-03 08:15 PM

142

cve

CVE-2021-30616

Chromium: CVE-2021-30616 Use after free in Media

8.8CVSS

8.6AI Score

0.01EPSS

2021-09-03 08:15 PM

136

cve

CVE-2021-30617

Chromium: CVE-2021-30617 Policy bypass in Blink

6.5CVSS

7.2AI Score

0.002EPSS

2021-09-03 08:15 PM

155

In Wild

cve

CVE-2021-30618

Chromium: CVE-2021-30618 Inappropriate implementation in DevTools

8.8CVSS

8.2AI Score

0.007EPSS

2021-09-03 08:15 PM

151

cve

CVE-2021-30619

Chromium: CVE-2021-30619 UI Spoofing in Autofill

6.5CVSS

7.2AI Score

0.002EPSS

2021-09-03 08:15 PM

143

cve

CVE-2021-30620

Chromium: CVE-2021-30620 Insufficient policy enforcement in Blink

8.8CVSS

7.8AI Score

0.007EPSS

2021-09-03 08:15 PM

148

cve

CVE-2021-30621

Chromium: CVE-2021-30621 UI Spoofing in Autofill

6.5CVSS

7.2AI Score

0.002EPSS

2021-09-03 08:15 PM

147

cve

CVE-2021-30622

Chromium: CVE-2021-30622 Use after free in WebApp Installs

8.8CVSS

8.2AI Score

0.003EPSS

2021-09-03 08:15 PM

133

cve

CVE-2021-30623

Chromium: CVE-2021-30623 Use after free in Bookmarks

8.8CVSS

8.2AI Score

0.01EPSS

2021-09-03 08:15 PM

146

cve

CVE-2021-30624

Chromium: CVE-2021-30624 Use after free in Autofill

8.8CVSS

8.2AI Score

0.01EPSS

2021-09-03 08:15 PM

219

cve

CVE-2021-31937

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

8.2CVSS

8AI Score

0.001EPSS

2023-06-28 06:15 PM

cve

CVE-2021-31982

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

8.8CVSS

8.4AI Score

0.003EPSS

2023-07-01 12:15 AM

cve

CVE-2021-33741

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

8.2CVSS

7.4AI Score

0.004EPSS

2021-06-08 11:15 PM

382

Total number of security vulnerabilities174