25 matches found
SUSE CVE-2021-37973
Use after free in Portals in Google Chrome prior to 94.0.4606.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...
Fedora: Security Advisory for qt5-qtwebengine (FEDORA-2022-ecdf338eb1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Debian DSA-5046-1 : chromium - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5046 advisory. - Use after free in Offline use in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to potentiall...
Fedora: Security Advisory for chromium (FEDORA-2021-591b3a2af0)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Google Releases Urgent Chrome Update to Patch 2 Actively Exploited 0-Day Bugs
Google on Thursday rolled out an emergency update for its Chrome web browser, including fixes for two zero-day vulnerabilities that it says are being actively exploited in the wild. Tracked as CVE-2021-38000 and CVE-2021-38003, the weaknesses relate to insufficient validation of untrusted input i...
openSUSE 15 Security Update : chromium (openSUSE-SU-2021:1350-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1350-1 advisory. - Use after free in Offline use in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker who had compromised the rendere...
CVE-2021-37973
Use after free in Portals in Google Chrome prior to 94.0.4606.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...
DEBIAN-CVE-2021-37973
Use after free in Portals in Google Chrome prior to 94.0.4606.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...
CVE-2021-37973
CVE-2021-37973 is a use-after-free vulnerability in Chrome’s Portals, fixed in Chrome 94.0.4606.61. Details across connected sources confirm the flaw exists in Portals code when a renderer is compromised, enabling a sandbox escape via a crafted HTML page and potentially high impact (network vecto...
CVE-2021-37973
Use after free in Portals in Google Chrome prior to 94.0.4606.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...
CVE-2021-37973
Use after free in Portals in Google Chrome prior to 94.0.4606.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...
Fedora: Security Advisory for chromium (FEDORA-2021-bc2770caed)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
KLA12302 Use after free vulnerability in Opera
Use after free vulnerability was found in Opera. Malicious users can exploit this vulnerability to execute arbitrary code, cause denial of service. Original advisories Changelog for Opera 80 Stable Channel Update for Desktop Related products Opera CVE list CVE-2021-37973 unknown Solution Update t...
FreeBSD : chromium -- use after free in Portals (b6c875f1-1d76-11ec-ae80-704d7b472482)
Chrome Releases reports : 1251727 High CVE-2021-37973 : Use after free in Portals. Reported by Clement Lecigne from Google TAG, with technical assistance from Sergei Glazunov and Mark Brand from Google Project Zero on 2021-09-21 Google is aware that an exploit for CVE-2021-37973 exists in the wil...
Minor update (2) for Vivaldi Desktop Browser 4.2
Download Vivaldi The following improvements were made since the first 4.2 stable, minor update: Chromium Upgraded to 93.0.4577.99: includes fix for CVE-2021-37973 LinuxMedia Proprietary media does not play on ARM VB-83149 macOS Maximized window size lost from fullscreen video VB-82933 Search Add...
CVE-2021-37973
creationtimestamp| type| source ---|---|--- 2021-09-25 07:38:20+00:00| exploited| https://t.me/cKure/7278 2021-09-27 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=660 2021-09-27 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=659 2021-09-27...
Urgent Chrome Update Released to Patch Actively Exploited Zero-Day Vulnerability
Google on Friday rolled out an emergency security patch to its Chrome web browser to address a security flaw that's known to have an exploit in the wild. Tracked as CVE-2021-37973, the vulnerability has been described as use after free in Portals API, a web page navigation system that enables a...
Chromium: CVE-2021-37973 Use after free in Portals
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. Google is aware that an exploit for CVE-2021-37973 exists in the wild...
KLA12298 Use after free vulnerability in Google Chrome
Use after free vulnerability was found in Google Chrome. Malicious users can exploit this vulnerability to execute arbitrary code, cause denial of service. Original advisories Stable Channel Update for Desktop Related products Google-Chrome CVE list CVE-2021-37973 unknown Solution Update to the...
Google Releases Security Updates for Chrome
Google has released Chrome version 94.0.4606.61 for Windows, Mac, and Linux. This version addresses a vulnerability—CVE-2021-37973—that an attacker could exploit to take control of an affected system. An exploit for this vulnerability exists in the wild. CISA encourages users and administrators t...