CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в chromium

Insufficient validation of untrusted input in Mojo in Google Chrome prior to 90.0.4430.72 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page...

6.5CVSS6.7AI score0.01026EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в chromium

Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to spoof security UI via a crafted HTML page...

6.5CVSS6.6AI score0.0108EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в chromium

Before version 90.0.4430.72, using the "after free" mechanism in the Network API of Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted Chrome Extension...

8.8CVSS7.3AI score0.01303EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•5 views

Astra Linux - уязвимость в chromium

Insufficient data validation in the QR scanner in Google Chrome on iOS prior to version 90.0.4430.72 allowed an attacker who displayed a QR code to perform domain spoofing using a specially crafted QR code...

6.5CVSS7.1AI score0.00427EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в chromium

Using "after free" in Blink in Google Chrome before version 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.0146EPSS

CNNVD•added 2023/07/29 12:0 a.m.•2 views

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, Inc. A security vulnerability previously existed in Google Chrome version 90.0.4430.72, which stemmed from an insufficient validation of untrusted inputs in Extensions...

6.5CVSS6.9AI score0.00064EPSS

Exploits1References4

SUSE CVE•added 2023/02/15 3:46 a.m.•1 views

SUSE CVE-2021-21205

Insufficient policy enforcement in navigation in Google Chrome on iOS prior to 90.0.4430.72 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page...

8.1CVSS7.7AI score0.00709EPSS

Exploits0References4

CNNVD•added 2022/06/09 12:0 a.m.•2 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser from Google, Inc. and V8 is an open source JavaScript engine. A resource management error vulnerability exists in Google Chrome versions 90.0.4430.72 through 102.0.5005.63, which stems from a boundary error in WebGL. A remote attacker could exploit this vulnerabilit...

8.8CVSS8.2AI score0.01047EPSS

Exploits0References10

CNNVD•added 2022/06/09 12:0 a.m.•2 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser from Google, Inc.V8 is an open source JavaScript engine. A resource management error vulnerability exists in Google Chrome versions 90.0.4430.72 through 102.0.5005.63, which stems from a post-release reuse error in the WebGPU component. A remote attacker could explo...

8.8CVSS8.2AI score0.01084EPSS

Exploits0References11

CNNVD•added 2022/06/09 12:0 a.m.•1 views

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser from Google, Inc. and V8 is an open source JavaScript engine. A buffer error vulnerability exists in Google Chrome versions 90.0.4430.72 through 102.0.5005.63, which stems from the presence of a boundary condition in the synthesis component. A remote attacker could...

9.3CVSS8.4AI score0.01124EPSS

Exploits0References12

Securelist•added 2021/06/08 5:32 p.m.•407 views

PuzzleMaker attacks with Chrome zero-day exploit chain

On April 14-15, 2021, Kaspersky technologies detected a wave of highly targeted attacks against multiple companies. Closer analysis revealed that all these attacks exploited a chain of Google Chrome and Microsoft Windows zero-day exploits. While we were not able to retrieve the exploit used for...

9.3CVSS9.3AI score0.91237EPSS

Exploits12

OSV•added 2021/04/26 5:15 p.m.•1 views

DEBIAN-CVE-2021-21202

Use after free in extensions in Google Chrome prior to 90.0.4430.72 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension...

8.6CVSS7.9AI score0.00147EPSS

OSV•added 2021/04/26 5:15 p.m.•2 views

DEBIAN-CVE-2021-21211

Inappropriate implementation in Navigation in Google Chrome on iOS prior to 90.0.4430.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

6.5CVSS7.2AI score0.0063EPSS

6.5CVSS6.8AI score0.00427EPSS

UBUNTU-CVE-2021-21208

Insufficient data validation in QR scanner in Google Chrome on iOS prior to 90.0.4430.72 allowed an attacker displaying a QR code to perform domain spoofing via a crafted QR code...

8.8CVSS7.3AI score0.0146EPSS

UBUNTU-CVE-2021-21203

Use after free in Blink in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7.3AI score0.01789EPSS

UBUNTU-CVE-2021-21213

Use after free in WebMIDI in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

UbuntuCve•added 2021/04/26 5:15 p.m.•21 views

CVE-2021-21203

Use after free in Blink in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7.2AI score0.0146EPSS

UbuntuCve•added 2021/04/26 5:15 p.m.•25 views

CVE-2021-21214

Use after free in Network API in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension...

8.8CVSS7.3AI score0.01303EPSS

9.6CVSS7.3AI score0.01108EPSS

UBUNTU-CVE-2021-21201

Use after free in permissions in Google Chrome prior to 90.0.4430.72 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...