24 matches found
Exploit for Out-of-bounds Write in Google Chrome
Exploitation of CVE-2021-21220 From Incorrect JIT Behavior...
Google Releases Urgent Chrome Update to Patch 2 Actively Exploited 0-Day Bugs
Google on Thursday rolled out an emergency update for its Chrome web browser, including fixes for two zero-day vulnerabilities that it says are being actively exploited in the wild. Tracked as CVE-2021-38000 and CVE-2021-38003, the weaknesses relate to insufficient validation of untrusted input i...
New Chrome 0-Day Bug Under Active Attacks – Update Your Browser ASAP!
Attention readers, if you are using Google Chrome browser on your Windows, Mac, or Linux computers, you need to update it immediately to the latest version Google released earlier today. The internet services company has rolled out an urgent update to the browser to address 14 newly discovered...
Fedora: Security Advisory for chromium (FEDORA-2021-c3754414e7)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Google Chrome XOR Typer Out-Of-Bounds Access / Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Google Chrome versions before 89.0.4389.128 V8 XOR Typer Out-Of-Bounds Access RCE', 'Description' = %q This module exploits an issue in the V8...
CVE-2021-21220
Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2021-21220
Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2021-21220
Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2021-21220
Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2021-21220
CVE-2021-21220 is a V8 heap‑corruption risk in Google Chrome (Chromium-based) due to insufficient validation of untrusted input. Affected are Chrome versions prior to 89.0.4389.128; Chrome/Chromium updates fixed to 89.0.4389.128. Connected advisories note exploitation in the wild and attribution ...
CVE-2021-21220
Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
openSUSE: Security Advisory for chromium (openSUSE-SU-2021:0567-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
KLA12183 Multiple vulnerabilities in Opera
Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A use after free vulnerability in Blink can be exploited to cause denia...
openSUSE Security Update : chromium (openSUSE-2021-567)
This update for chromium fixes the following issues : - Chromium 89.0.4389.128 boo1184700 : - CVE-2021-21206: Use after free in blink - CVE-2021-21220: Insufficient validation of untrusted input in v8 for x8664 C Tenable Network Security, Inc. The descriptive text and package checks in this plugi...
Security update for chromium (critical)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2021:0575-1 Rating: critical References: 1184700 Cross-References: CVE-2021-21206 CVE-2021-21220 Affected Products: openSUSE Backports SLE-15-SP2 An update that fixes two vulnerabilities is now available...
OPENSUSE-SU-2021:0567-1 Security update for chromium
This update for chromium fixes the following issues: - Chromium 89.0.4389.128 boo1184700: CVE-2021-21206: Use after free in blink CVE-2021-21220: Insufficient validation of untrusted input in v8 for x8664...
Security update for chromium (critical)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2021:0567-1 Rating: critical References: 1184700 Cross-References: CVE-2021-21206 CVE-2021-21220 Affected Products: openSUSE Leap 15.2 An update that fixes two vulnerabilities is now available. Description: This...
FreeBSD : chromium -- multiple vulnerabilities (7c0d71a9-9d48-11eb-97a0-e09467587c17)
Chrome Releases reports : This release contains two security fixes : - 1196781 High CVE-2021-21206: Use after free in Blink. Reported by Anonymous on 2021-04-07 - 1196683 High CVE-2021-21220: Insufficient validation of untrusted input in V8 for x8664. Reported by Bruno Keith @bkth and Niklas...
Microsoft Edge (Chromium) < 89.0.774.77 Multiple Vulnerabilities
The version of Microsoft Edge installed on the remote Windows host is prior to 89.0.774.77. It is, therefore, affected by multiple vulnerabilities as referenced in the April 14, 2021 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's...
Chromium: CVE-2021-21220 Insufficient validation of untrusted input in V8 for x86_64
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. Microsoft is aware of reports that exploits for CVE-2021-21220 exist in the wild...