VYPR

Chrome

by Google

Source repositories

CVEs (5,374)

  • CVE-2021-38010MedDec 23, 2021
    risk 0.42cvss 6.5epss 0.01

    Inappropriate implementation in service workers in Google Chrome prior to 96.0.4664.45 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.

  • CVE-2021-38009MedDec 23, 2021
    risk 0.42cvss 6.5epss 0.01

    Inappropriate implementation in cache in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

  • CVE-2018-6125MedNov 2, 2021
    risk 0.42cvss 6.5epss 0.01

    Insufficient policy enforcement in USB in Google Chrome on Windows prior to 67.0.3396.62 allowed a remote attacker to obtain potentially sensitive information via a crafted HTML page.

  • CVE-2021-37995MedNov 2, 2021
    risk 0.42cvss 6.5epss 0.01

    Inappropriate implementation in WebApp Installer in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially overlay and spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

  • CVE-2021-37994MedNov 2, 2021
    risk 0.42cvss 6.5epss 0.01

    Inappropriate implementation in iFrame Sandbox in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

  • CVE-2021-37989MedNov 2, 2021
    risk 0.42cvss 6.5epss 0.01

    Inappropriate implementation in Blink in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to abuse content security policy via a crafted HTML page.

  • CVE-2021-30584MedAug 3, 2021
    risk 0.42cvss 6.5epss 0.02

    Incorrect security UI in Downloads in Google Chrome on Android prior to 92.0.4515.107 allowed a remote attacker to perform domain spoofing via a crafted HTML page.

  • CVE-2021-30583MedAug 3, 2021
    risk 0.42cvss 6.5epss 0.02

    Insufficient policy enforcement in image handling in iOS in Google Chrome on iOS prior to 92.0.4515.107 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

  • CVE-2021-30580MedAug 3, 2021
    risk 0.42cvss 6.5epss 0.01

    Insufficient policy enforcement in Android intents in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious application to obtain potentially sensitive information via a crafted HTML page.

  • CVE-2021-30540MedJun 7, 2021
    risk 0.42cvss 6.5epss 0.01

    Incorrect security UI in payments in Google Chrome on Android prior to 91.0.4472.77 allowed a remote attacker to perform domain spoofing via a crafted HTML page.

  • CVE-2021-30534MedJun 7, 2021
    risk 0.42cvss 6.5epss 0.01

    Insufficient policy enforcement in iFrameSandbox in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

  • CVE-2021-30531MedJun 7, 2021
    risk 0.42cvss 6.5epss 0.02

    Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass content security policy via a crafted HTML page.

  • CVE-2021-21229MedApr 30, 2021
    risk 0.42cvss 6.5epss 0.01

    Incorrect security UI in downloads in Google Chrome on Android prior to 90.0.4430.93 allowed a remote attacker to perform domain spoofing via a crafted HTML page.

  • CVE-2021-21222MedApr 26, 2021
    risk 0.42cvss 6.5epss 0.02

    Heap buffer overflow in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.

  • CVE-2021-21221MedApr 26, 2021
    risk 0.42cvss 6.5epss 0.02

    Insufficient validation of untrusted input in Mojo in Google Chrome prior to 90.0.4430.72 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.

  • CVE-2021-21212MedApr 26, 2021
    risk 0.42cvss 6.5epss 0.02

    Incorrect security UI in Network Config UI in Google Chrome on ChromeOS prior to 90.0.4430.72 allowed a remote attacker to potentially compromise WiFi connection security via a malicious WAP.

  • CVE-2021-21211MedApr 26, 2021
    risk 0.42cvss 6.5epss 0.01

    Inappropriate implementation in Navigation in Google Chrome on iOS prior to 90.0.4430.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

  • CVE-2021-21210MedApr 26, 2021
    risk 0.42cvss 6.5epss 0.02

    Inappropriate implementation in Network in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially access local UDP ports via a crafted HTML page.

  • CVE-2021-21209MedApr 26, 2021
    risk 0.42cvss 6.5epss 0.01

    Inappropriate implementation in storage in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

  • CVE-2021-21208MedApr 26, 2021
    risk 0.42cvss 6.5epss 0.01

    Insufficient data validation in QR scanner in Google Chrome on iOS prior to 90.0.4430.72 allowed an attacker displaying a QR code to perform domain spoofing via a crafted QR code.

Page 129 of 269