Lucene search
+L

5129 matches found

Cvelist
Cvelist
added 2021/12/23 12:45 a.m.18 views

CVE-2021-4062

Heap buffer overflow in BFCache in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page...

9.2AI score0.01423EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2021/12/23 12:45 a.m.38 views

CVE-2021-4062

Heap buffer overflow in BFCache in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS9.4AI score0.01423EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2021/12/23 12:45 a.m.42 views

CVE-2021-4062

Heap buffer overflow in BFCache in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS9.1AI score0.01423EPSS
Exploits0
Debian CVE
Debian CVE
added 2021/12/23 12:45 a.m.28 views

CVE-2021-4057

Use after free in file API in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS9.6AI score0.02073EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2021/12/23 12:45 a.m.45 views

CVE-2021-4057

Use after free in file API in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS9.3AI score0.02073EPSS
Exploits0
Cvelist
Cvelist
added 2021/12/23 12:5 a.m.24 views

CVE-2021-38013

Heap buffer overflow in fingerprint recognition in Google Chrome on ChromeOS prior to 96.0.4664.45 allowed a remote attacker who had compromised a WebUI renderer process to potentially perform a sandbox escape via a crafted HTML page...

9.4AI score0.01002EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2021/12/23 12:5 a.m.30 views

CVE-2021-38010

Inappropriate implementation in service workers in Google Chrome prior to 96.0.4664.45 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page...

6.5CVSS7.2AI score0.00911EPSS
Exploits0
Veracode
Veracode
added 2021/12/21 3:58 a.m.7 views

Remote Code Execution (RCE)

npm-groovy-lint is vulnerable to remote code execution. The vulnerability exists because the vulnerable Log4j library is used as a dependency, allowing an attacker to inject and execute malicious code through a jindi renderer...

4.5AI score
Exploits0
CISA KEV Catalog
CISA KEV Catalog
added 2021/11/03 12:0 a.m.20 views

Google Chrome Use-After-Free Vulnerability

Google Chrome contains a use-after-free vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page...

9.6CVSS8.8AI score0.02747EPSS
In wildExploits0
CISA KEV Catalog
CISA KEV Catalog
added 2021/11/03 12:0 a.m.16 views

Google Chromium Indexed DB API Use-After-Free Vulnerability

Google Chromium Indexed DB API contains a use-after-free vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including,...

9.6CVSS9AI score0.32657EPSS
In wildExploits0
CISA KEV Catalog
CISA KEV Catalog
added 2021/11/03 12:0 a.m.23 views

Google Chrome for Android UI Heap Buffer Overflow Vulnerability

Google Chrome for Android UI contains a heap buffer overflow vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page...

9.6CVSS7.5AI score0.06414EPSS
In wildExploits0
ATTACKERKB
ATTACKERKB
added 2021/11/02 10:15 p.m.3 views

CVE-2021-37981

Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

9.6CVSS7.4AI score0.01EPSS
Exploits0References4
OSV
OSV
added 2021/11/02 10:15 p.m.1 views

UBUNTU-CVE-2021-37981

Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

9.6CVSS7.5AI score0.01EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2021/11/02 9:5 p.m.43 views

CVE-2021-37981

Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

9.6CVSS9.6AI score0.01EPSS
Exploits0
OpenVAS
OpenVAS
added 2021/10/28 12:0 a.m.18 views

SUSE: Security Advisory (SUSE-SU-2021:3553-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.6AI score0.03514EPSS
Exploits0References4
OSV
OSV
added 2021/10/27 1:27 p.m.8 views

SUSE-SU-2021:3550-1 Security update for Salt

This update fixes the following issues: salt: - Fix the regression of dockercontainer state module - Support querying for JSON data in external sql pillar - Exclude the full path of a download URL to prevent injection of malicious code bsc1190265 CVE-2021-21996 - Fix wrong relative paths resoluti...

7.5CVSS7.7AI score0.03514EPSS
Exploits0References3
NVD
NVD
added 2021/10/12 7:15 p.m.34 views

CVE-2021-39184

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. A vulnerability in versions prior to 11.5.0, 12.1.0, and 13.3.0 allows a sandboxed renderer to request a "thumbnail" image of an arbitrary file on the user's system. The thumbnail can potential...

8.6CVSS0.01017EPSS
Exploits0References2
Prion
Prion
added 2021/10/12 7:15 p.m.22 views

Hardcoded credentials

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. A vulnerability in versions prior to 11.5.0, 12.1.0, and 13.3.0 allows a sandboxed renderer to request a "thumbnail" image of an arbitrary file on the user's system. The thumbnail can potential...

5CVSS8.5AI score0.01017EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2021/10/12 12:0 a.m.5 views

Electron 安全漏洞

Electron is a personal developer of a user to write cross-platform desktop application JavaScript framework. The framework is based on nodejs and Chromium and can be used to write cross-platform desktop applications using HTML and CSS. A security vulnerability exists in Electron that allows a...

8.6CVSS7.8AI score0.01017EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2021/10/12 12:0 a.m.7 views

PT-2021-7285 · Electron · Electron

Name of the Vulnerable Software and Affected Versions: Electron versions prior to 11.5.0 Electron versions prior to 12.1.0 Electron versions prior to 13.3.0 Description: A vulnerability in Electron allows a sandboxed renderer to request a "thumbnail" image of an arbitrary file on the user's syste...

8.6CVSS8.3AI score0.01017EPSS
Exploits0References10
Rows per page
Query Builder