Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Google Subscribe
Filtered by product Chrome
Total 3671 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-30528 2 Fedoraproject, Google 3 Fedora, Android, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Use after free in WebAuthentication in Google Chrome on Android prior to 91.0.4472.77 allowed a remote attacker who had compromised the renderer process of a user who had saved a credit card in their Google account to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30509 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Out of bounds write in Tab Strip in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory write via a crafted HTML page and a crafted Chrome extension.
CVE-2021-30550 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Use after free in Accessibility in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30529 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Use after free in Bookmarks in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30520 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Use after free in Tab Strip in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30531 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 4.3 MEDIUM 6.5 MEDIUM
Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass content security policy via a crafted HTML page.
CVE-2021-30627 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Type confusion in Blink layout in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30535 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Double free in ICU in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30597 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 4.6 MEDIUM 6.8 MEDIUM
Use after free in Browser UI in Google Chrome on Chrome prior to 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption via physical access to the device.
CVE-2021-30593 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 5.8 MEDIUM 8.1 HIGH
Out of bounds read in Tab Strip in Google Chrome prior to 92.0.4515.131 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted HTML page.
CVE-2021-30512 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Use after free in Notifications in Google Chrome prior to 90.0.4430.212 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30584 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 4.3 MEDIUM 6.5 MEDIUM
Incorrect security UI in Downloads in Google Chrome on Android prior to 92.0.4515.107 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
CVE-2021-30599 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Type confusion in V8 in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
CVE-2021-30596 2 Fedoraproject, Google 3 Fedora, Android, Chrome 2023-11-07 4.3 MEDIUM 4.3 MEDIUM
Incorrect security UI in Navigation in Google Chrome on Android prior to 92.0.4515.131 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2021-30539 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 5.8 MEDIUM 5.4 MEDIUM
Insufficient policy enforcement in content security policy in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass content security policy via a crafted HTML page.
CVE-2021-30553 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Use after free in Network service in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30600 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Use after free in Printing in Google Chrome prior to 92.0.4515.159 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30515 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Use after free in File API in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30569 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Use after free in sqlite in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30630 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 4.3 MEDIUM 4.3 MEDIUM
Inappropriate implementation in Blink in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.