CVE-2021-21221 |
High |
Yes |
Information disclosure |
Insufficient validation of untrusted input in Mojo in Google Chrome prior to 90.0.4430.72 allowed a remote attacker who had compromised the renderer process... |
CVE-2021-21219 |
Low |
Yes |
Information disclosure |
Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to obtain potentially sensitive information from process... |
CVE-2021-21218 |
Low |
Yes |
Information disclosure |
Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to obtain potentially sensitive information from process... |
CVE-2021-21217 |
Low |
Yes |
Information disclosure |
Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to obtain potentially sensitive information from process... |
CVE-2021-21216 |
Medium |
Yes |
Content spoofing |
Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to spoof security UI via a crafted HTML page. |
CVE-2021-21215 |
Medium |
Yes |
Content spoofing |
Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to spoof security UI via a crafted HTML page. |
CVE-2021-21214 |
Medium |
Yes |
Arbitrary code execution |
Use after free in Network API in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. |
CVE-2021-21213 |
Medium |
Yes |
Arbitrary code execution |
Use after free in WebMIDI in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
CVE-2021-21210 |
Medium |
Yes |
Information disclosure |
Inappropriate implementation in Network in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially access local UDP ports via a crafted... |
CVE-2021-21209 |
Medium |
Yes |
Information disclosure |
Inappropriate implementation in storage in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page. |
CVE-2021-21207 |
Medium |
Yes |
Sandbox escape |
Use after free in IndexedDB in Google Chrome prior to 90.0.4430.72 allowed an attacker who convinced a user to install a malicious extension to potentially... |
CVE-2021-21203 |
High |
Yes |
Arbitrary code execution |
Use after free in Blink in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
CVE-2021-21202 |
High |
Yes |
Sandbox escape |
Use after free in extensions in Google Chrome prior to 90.0.4430.72 allowed an attacker who convinced a user to install a malicious extension to potentially... |
CVE-2021-21201 |
High |
Yes |
Sandbox escape |
Use after free in permissions in Google Chrome prior to 90.0.4430.72 allowed a remote attacker who had compromised the renderer process to potentially... |