Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Google Subscribe
Filtered by product Chrome
Total 3085 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-21121 2 Google, Microsoft 2 Chrome, Edge Chromium 2021-03-08 6.8 MEDIUM 9.6 CRITICAL
Use after free in Omnibox in Google Chrome on Linux prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
CVE-2021-21122 2 Google, Microsoft 2 Chrome, Edge Chromium 2021-03-08 6.8 MEDIUM 8.8 HIGH
Use after free in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21123 2 Google, Microsoft 2 Chrome, Edge Chromium 2021-03-08 4.3 MEDIUM 6.5 MEDIUM
Insufficient data validation in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
CVE-2021-21119 2 Google, Microsoft 2 Chrome, Edge Chromium 2021-03-08 6.8 MEDIUM 8.8 HIGH
Use after free in Media in Google Chrome prior to 88.0.4324.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-15978 4 Debian, Fedoraproject, Google and 1 more 5 Debian Linux, Fedora, Android and 2 more 2021-03-05 6.8 MEDIUM 8.8 HIGH
Insufficient data validation in navigation in Google Chrome on Android prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page.
CVE-2020-15977 5 Apple, Debian, Fedoraproject and 2 more 5 Mac Os X, Debian Linux, Fedora and 2 more 2021-03-05 4.3 MEDIUM 6.5 MEDIUM
Insufficient data validation in dialogs in Google Chrome on OS X prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page.
CVE-2020-16043 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2021-03-05 6.8 MEDIUM 8.8 HIGH
Insufficient data validation in networking in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to bypass discretionary access control via malicious network traffic.
CVE-2020-15966 4 Debian, Fedoraproject, Google and 1 more 5 Debian Linux, Fedora, Chrome and 2 more 2021-03-04 4.3 MEDIUM 4.3 MEDIUM
Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension.
CVE-2020-16041 1 Google 1 Chrome 2021-03-04 5.8 MEDIUM 8.1 HIGH
Out of bounds read in networking in Google Chrome prior to 87.0.4280.88 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page.
CVE-2021-21126 2 Google, Microsoft 2 Chrome, Edge Chromium 2021-03-04 4.3 MEDIUM 6.5 MEDIUM
Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass site isolation via a crafted Chrome Extension.
CVE-2021-21128 2 Google, Microsoft 2 Chrome, Edge Chromium 2021-03-04 6.8 MEDIUM 8.8 HIGH
Heap buffer overflow in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21140 2 Google, Microsoft 2 Chrome, Edge 2021-02-25 4.6 MEDIUM 6.8 MEDIUM
Uninitialized use in USB in Google Chrome prior to 88.0.4324.96 allowed a local attacker to potentially perform out of bounds memory access via via a USB device.
CVE-2020-16025 1 Google 1 Chrome 2021-02-25 6.8 MEDIUM 9.6 CRITICAL
Heap buffer overflow in clipboard in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-16024 1 Google 2 Chrome, Chrome Os 2021-02-25 6.8 MEDIUM 9.6 CRITICAL
Heap buffer overflow in UI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-15987 4 Debian, Fedoraproject, Google and 1 more 4 Debian Linux, Fedora, Chrome and 1 more 2021-02-24 6.8 MEDIUM 8.8 HIGH
Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted WebRTC stream.
CVE-2020-15985 4 Debian, Fedoraproject, Google and 1 more 4 Debian Linux, Fedora, Chrome and 1 more 2021-02-24 4.3 MEDIUM 6.5 MEDIUM
Inappropriate implementation in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to spoof security UI via a crafted HTML page.
CVE-2020-15992 4 Debian, Fedoraproject, Google and 1 more 4 Debian Linux, Fedora, Chrome and 1 more 2021-02-24 6.8 MEDIUM 8.8 HIGH
Insufficient policy enforcement in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page.
CVE-2020-15995 3 Debian, Fedoraproject, Google 4 Debian Linux, Fedora, Android and 1 more 2021-02-24 6.8 MEDIUM 8.8 HIGH
Out of bounds write in V8 in Google Chrome prior to 86.0.4240.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21138 1 Google 1 Chrome 2021-02-11 6.8 MEDIUM 8.6 HIGH
Use after free in DevTools in Google Chrome prior to 88.0.4324.96 allowed a local attacker to potentially perform a sandbox escape via a crafted file.
CVE-2020-15965 4 Debian, Fedoraproject, Google and 1 more 5 Debian Linux, Fedora, Chrome and 2 more 2021-01-29 6.8 MEDIUM 8.8 HIGH
Type confusion in V8 in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.