Skip to main content

Edge Chromium

198 CVEs product

Monthly

CVE-2023-5217 npm HIGH POC KEV PATCH THREAT This Week

Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Buffer Overflow Google Libvpx Edge +9
NVD GitHub
CVSS 3.1
8.8
EPSS
49.0%
CVE-2023-36735 CRITICAL PATCH Act Now

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Google Use After Free Microsoft Memory Corruption Information Disclosure +1
NVD
CVSS 3.1
9.6
EPSS
1.9%
CVE-2023-36727 MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Google Microsoft Edge Chromium
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2023-36562 HIGH PATCH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Google Use After Free Microsoft Memory Corruption Information Disclosure +1
NVD
CVSS 3.1
7.1
EPSS
0.9%
CVE-2023-4863 LIB HIGH POC KEV PATCH THREAT This Week

Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Buffer Overflow Google Chrome Fedora +10
NVD GitHub
CVSS 3.1
8.8
EPSS
99.7%
CVE-2023-4762 HIGH KEV PATCH THREAT This Week

Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Memory Corruption RCE Google Chrome Debian Linux +2
NVD
CVSS 3.1
8.8
EPSS
38.0%
CVE-2023-36741 HIGH PATCH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Google Use After Free Microsoft Memory Corruption Information Disclosure +1
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2023-38158 LOW PATCH Monitor

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Google Microsoft Edge Chromium
NVD
CVSS 3.1
3.1
EPSS
1.2%
CVE-2023-36787 HIGH PATCH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Google Use After Free Microsoft Memory Corruption Information Disclosure +1
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2023-38157 MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Google Microsoft Edge Chromium
NVD
CVSS 3.1
6.5
EPSS
2.3%
CVE-2023-38187 MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Google Microsoft Edge Chromium
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2023-38173 MEDIUM PATCH This Month

Microsoft Edge for Android Spoofing Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Google Authentication Bypass Edge Chromium
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2023-35392 MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Google Authentication Bypass Edge Chromium
NVD
CVSS 3.1
4.7
EPSS
0.7%
CVE-2023-36888 MEDIUM PATCH This Month

Microsoft Edge for Android (Chromium-based) Tampering Vulnerability. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Google Microsoft Edge Chromium
NVD
CVSS 3.1
6.3
EPSS
0.5%
CVE-2023-36887 HIGH POC PATCH This Week

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Memory Corruption RCE Google Microsoft Edge Chromium
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2023-33145 MEDIUM POC PATCH This Month

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Google Microsoft Edge Chromium
NVD Exploit-DB
CVSS 3.1
6.5
EPSS
8.6%
CVE-2023-29345 MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Google XSS Microsoft Edge Chromium
NVD
CVSS 3.1
6.1
EPSS
1.2%
CVE-2023-33143 HIGH PATCH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Google Microsoft Edge Chromium
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2023-29354 MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Google Microsoft Edge Chromium
NVD
CVSS 3.1
4.7
EPSS
1.4%
CVE-2023-29350 HIGH PATCH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Google Microsoft Edge Chromium
NVD
CVSS 3.1
7.5
EPSS
2.6%
CVE-2023-29334 MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Google Authentication Bypass Edge Chromium
NVD
CVSS 3.1
4.3
EPSS
1.1%
CVE-2023-28286 MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Google Microsoft Edge Chromium
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2023-28261 MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated medium severity (CVSS 5.7), this vulnerability is no authentication required. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Google Microsoft Edge Chromium
NVD
CVSS 3.1
5.7
EPSS
0.6%
CVE-2023-24935 MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Open Redirect vulnerability could allow attackers to redirect users to malicious websites via URL manipulation.

Google Microsoft Open Redirect Edge Chromium
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2023-24892 HIGH POC PATCH This Week

Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Google Microsoft Open Redirect Edge Chromium
NVD Exploit-DB
CVSS 3.1
8.2
EPSS
3.5%
CVE-2023-23374 HIGH PATCH This Week

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

RCE Google Microsoft Edge Chromium
NVD
CVSS 3.1
8.3
EPSS
1.1%
CVE-2023-21794 MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Google Authentication Bypass Edge Chromium
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2023-21720 MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Tampering Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required.

Buffer Overflow Google Microsoft Edge Chromium
NVD
CVSS 3.1
5.3
EPSS
1.2%
CVE-2023-21796 HIGH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Google Microsoft Edge Chromium
NVD
CVSS 3.1
8.3
EPSS
1.0%
CVE-2023-21795 HIGH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Use After Free Microsoft Memory Corruption Information Disclosure +1
NVD
CVSS 3.1
8.3
EPSS
0.9%
CVE-2023-21775 HIGH This Week

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Google Microsoft Edge Chromium
NVD
CVSS 3.1
8.3
EPSS
1.0%
CVE-2023-21719 MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Microsoft Google Authentication Bypass Edge Chromium
NVD
CVSS 3.1
6.5
EPSS
1.7%
CVE-2022-44708 HIGH PATCH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Microsoft Google Edge Edge Chromium
NVD
CVSS 3.1
8.3
EPSS
1.9%
CVE-2022-44688 MEDIUM This Month

Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Google Edge Chromium
NVD
CVSS 3.1
4.3
EPSS
1.1%
CVE-2022-41115 MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable.

Information Disclosure Microsoft Google Edge Chromium
NVD
CVSS 3.1
6.6
EPSS
1.9%
CVE-2022-4135 npm CRITICAL POC KEV PATCH THREAT Act Now

Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Google Buffer Overflow Chrome Edge +1
NVD
CVSS 3.1
9.6
EPSS
31.9%
CVE-2022-41035 MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required.

Microsoft Race Condition Google Information Disclosure Edge Chromium
NVD
CVSS 3.1
5.3
EPSS
1.3%
CVE-2022-38012 HIGH This Week

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.7), this vulnerability is no authentication required. No vendor patch available.

Microsoft Google RCE Edge Chromium
NVD
CVSS 3.1
7.7
EPSS
0.8%
CVE-2022-35796 HIGH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Microsoft Race Condition Google Information Disclosure Edge Chromium
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2022-33649 CRITICAL Act Now

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Google Edge Chromium
NVD
CVSS 3.1
9.6
EPSS
1.9%
CVE-2022-33636 HIGH This Week

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Microsoft Race Condition Google RCE Edge Chromium
NVD
CVSS 3.1
8.3
EPSS
1.1%
CVE-2022-33680 HIGH PATCH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Google Microsoft Information Disclosure Edge Chromium
NVD
CVSS 3.1
8.3
EPSS
1.7%
CVE-2022-33639 HIGH PATCH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Google Microsoft Information Disclosure Edge Chromium
NVD
CVSS 3.1
8.3
EPSS
2.5%
CVE-2022-33638 HIGH PATCH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Google Microsoft Information Disclosure Edge Chromium
NVD
CVSS 3.1
8.3
EPSS
2.3%
CVE-2022-30192 HIGH PATCH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Google Microsoft Information Disclosure Edge Chromium
NVD
CVSS 3.1
8.3
EPSS
2.6%
CVE-2022-22021 HIGH PATCH This Week

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Google RCE Microsoft Edge Chromium
NVD
CVSS 3.1
8.3
EPSS
2.8%
CVE-2022-30128 HIGH PATCH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Google Race Condition Microsoft Information Disclosure Edge Chromium
NVD
CVSS 3.1
8.3
EPSS
1.8%
CVE-2022-30127 HIGH PATCH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Google Race Condition Microsoft Information Disclosure Edge Chromium
NVD
CVSS 3.1
8.3
EPSS
1.8%
CVE-2022-26905 MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Microsoft Information Disclosure Edge Chromium
NVD
CVSS 3.1
4.3
EPSS
1.7%
CVE-2022-26912 HIGH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Microsoft Information Disclosure Edge Chromium
NVD
CVSS 3.1
8.3
EPSS
1.7%
CVE-2022-26909 HIGH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Microsoft Information Disclosure Edge Chromium
NVD
CVSS 3.1
8.3
EPSS
1.7%
CVE-2022-26908 HIGH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Microsoft Information Disclosure Edge Chromium
NVD
CVSS 3.1
8.3
EPSS
1.7%
CVE-2022-26900 HIGH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Microsoft Information Disclosure Edge Chromium
NVD
CVSS 3.1
8.3
EPSS
1.7%
CVE-2022-26895 HIGH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Microsoft Information Disclosure Edge Chromium
NVD
CVSS 3.1
8.3
EPSS
1.7%
CVE-2022-26894 HIGH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Microsoft Information Disclosure Edge Chromium
NVD
CVSS 3.1
8.3
EPSS
1.7%
CVE-2022-26891 HIGH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Microsoft Information Disclosure Edge Chromium
NVD
CVSS 3.1
8.3
EPSS
1.7%
CVE-2022-24523 MEDIUM This Month

Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Microsoft Information Disclosure Edge Chromium
NVD
CVSS 3.1
4.3
EPSS
1.3%
CVE-2022-24475 HIGH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Microsoft Information Disclosure Edge Chromium
NVD
CVSS 3.1
8.3
EPSS
1.7%
CVE-2021-43221 MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable, no authentication required. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

Google RCE Code Injection Microsoft Edge Chromium
NVD
CVSS 3.1
4.2
EPSS
1.0%
CVE-2021-42308 LOW PATCH Monitor

Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required.

Google Microsoft Authentication Bypass Edge Chromium
NVD
CVSS 3.1
3.1
EPSS
1.1%
CVE-2021-38669 MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Tampering Vulnerability. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity.

Google Microsoft Information Disclosure Edge Edge Chromium
NVD
CVSS 3.1
6.4
EPSS
2.6%
CVE-2021-30624 HIGH PATCH This Week

Chromium: CVE-2021-30624 Use after free in Autofill. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption Google Fedora +2
NVD
CVSS 3.1
8.8
EPSS
4.1%
CVE-2021-30623 HIGH PATCH This Week

Chromium: CVE-2021-30623 Use after free in Bookmarks. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption Google Fedora +2
NVD
CVSS 3.1
8.8
EPSS
4.0%
CVE-2021-30622 HIGH PATCH This Week

Chromium: CVE-2021-30622 Use after free in WebApp Installs. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption Google Fedora +2
NVD
CVSS 3.1
8.8
EPSS
4.1%
CVE-2021-30621 MEDIUM PATCH This Month

Chromium: CVE-2021-30621 UI Spoofing in Autofill. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Authentication Bypass Fedora Edge Edge Chromium
NVD
CVSS 3.1
6.5
EPSS
3.5%
CVE-2021-30620 HIGH PATCH This Week

Chromium: CVE-2021-30620 Insufficient policy enforcement in Blink. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Information Disclosure Fedora Edge Edge Chromium
NVD
CVSS 3.1
8.8
EPSS
4.1%
CVE-2021-30619 MEDIUM PATCH This Month

Chromium: CVE-2021-30619 UI Spoofing in Autofill. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Authentication Bypass Fedora Edge Edge Chromium
NVD
CVSS 3.1
6.5
EPSS
3.5%
CVE-2021-30618 HIGH PATCH This Week

Chromium: CVE-2021-30618 Inappropriate implementation in DevTools. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Information Disclosure Fedora Edge Edge Chromium
NVD
CVSS 3.1
8.8
EPSS
4.1%
CVE-2021-30617 MEDIUM PATCH This Month

Chromium: CVE-2021-30617 Policy bypass in Blink. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Authentication Bypass Fedora Edge Edge Chromium
NVD
CVSS 3.1
6.5
EPSS
3.7%
CVE-2021-30616 HIGH PATCH This Week

Chromium: CVE-2021-30616 Use after free in Media. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption Google Fedora +2
NVD
CVSS 3.1
8.8
EPSS
4.2%
CVE-2021-30615 MEDIUM PATCH This Month

Chromium: CVE-2021-30615 Cross-origin data leak in Navigation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Information Disclosure Fedora Edge Edge Chromium
NVD
CVSS 3.1
6.5
EPSS
5.6%
CVE-2021-30614 HIGH PATCH This Week

Chromium: CVE-2021-30614 Heap buffer overflow in TabStrip. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Google Fedora Edge +1
NVD
CVSS 3.1
8.8
EPSS
4.5%
CVE-2021-30613 HIGH PATCH This Week

Chromium: CVE-2021-30613 Use after free in Base internals. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption Google Fedora +2
NVD
CVSS 3.1
8.8
EPSS
4.1%
CVE-2021-30612 HIGH PATCH This Week

Chromium: CVE-2021-30612 Use after free in WebRTC. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption Google Fedora +2
NVD
CVSS 3.1
8.8
EPSS
2.8%
CVE-2021-30611 HIGH PATCH This Week

Chromium: CVE-2021-30611 Use after free in WebRTC. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption Google Fedora +2
NVD
CVSS 3.1
8.8
EPSS
2.8%
CVE-2021-30610 HIGH PATCH This Week

Chromium: CVE-2021-30610 Use after free in Extensions API. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption Google Fedora +2
NVD
CVSS 3.1
8.8
EPSS
4.1%
CVE-2021-30609 HIGH PATCH This Week

Chromium: CVE-2021-30609 Use after free in Sign-In. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption Google Fedora +2
NVD
CVSS 3.1
8.8
EPSS
4.2%
CVE-2021-30608 HIGH PATCH This Week

Chromium: CVE-2021-30608 Use after free in Web Share. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption Google Fedora +2
NVD
CVSS 3.1
8.8
EPSS
4.1%
CVE-2021-30607 HIGH PATCH This Week

Chromium: CVE-2021-30607 Use after free in Permissions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption Google Fedora +2
NVD
CVSS 3.1
8.8
EPSS
4.1%
CVE-2021-30606 HIGH PATCH This Week

Chromium: CVE-2021-30606 Use after free in Blink. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption Google Edge +2
NVD
CVSS 3.1
8.8
EPSS
4.1%
CVE-2021-36931 MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is no authentication required, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Google Microsoft Privilege Escalation Edge Chromium
NVD
CVSS 3.1
4.4
EPSS
1.2%
CVE-2021-36929 MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity.

Google Microsoft Information Disclosure Edge Chromium
NVD
CVSS 3.1
6.3
EPSS
3.1%
CVE-2021-36928 MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.0).

Google Microsoft Information Disclosure Edge Chromium
NVD
CVSS 3.1
6.0
EPSS
0.7%
CVE-2021-33741 HIGH PATCH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Microsoft Information Disclosure Edge Chromium
NVD
CVSS 3.1
8.2
EPSS
2.7%
CVE-2021-24113 MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Microsoft Authentication Bypass Edge Chromium
NVD
CVSS 3.1
5.4
EPSS
1.3%
CVE-2021-21157 HIGH POC This Week

Use after free in Web Sockets in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Denial Of Service Memory Corruption Google Edge +3
NVD
CVSS 3.1
8.8
EPSS
9.5%
CVE-2021-21139 MEDIUM POC This Month

Inappropriate implementation in iframe sandbox in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google XSS Chrome Edge Chromium
NVD
CVSS 3.1
6.5
EPSS
4.7%
CVE-2021-21137 MEDIUM POC This Month

Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google Information Disclosure Chrome Edge Chromium
NVD
CVSS 3.1
6.5
EPSS
5.9%
CVE-2021-21136 MEDIUM PATCH This Month

Insufficient policy enforcement in WebView in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Information Disclosure Chrome Edge Chromium
NVD
CVSS 3.1
6.5
EPSS
4.2%
CVE-2021-21135 MEDIUM This Month

Inappropriate implementation in Performance API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Chrome Edge Chromium
NVD
CVSS 3.1
6.5
EPSS
19.2%
EPSS 49% CVSS 8.8
HIGH POC KEV PATCH THREAT This Week

Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Buffer Overflow Google +11
NVD GitHub
EPSS 2% CVSS 9.6
CRITICAL PATCH Act Now

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Google Use After Free Microsoft +3
NVD
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Google Microsoft +1
NVD
EPSS 1% CVSS 7.1
HIGH PATCH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Google Use After Free Microsoft +3
NVD
EPSS 100% CVSS 8.8
HIGH POC KEV PATCH THREAT This Week

Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Buffer Overflow Google +12
NVD GitHub
EPSS 38% CVSS 8.8
HIGH KEV PATCH THREAT This Week

Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Memory Corruption RCE Google +4
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Google Use After Free Microsoft +3
NVD
EPSS 1% CVSS 3.1
LOW PATCH Monitor

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Google Microsoft +1
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Google Use After Free Microsoft +3
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Google Microsoft +1
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Google Microsoft +1
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Microsoft Edge for Android Spoofing Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Google Authentication Bypass +1
NVD
EPSS 1% CVSS 4.7
MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Google Authentication Bypass +1
NVD
EPSS 1% CVSS 6.3
MEDIUM PATCH This Month

Microsoft Edge for Android (Chromium-based) Tampering Vulnerability. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Google Microsoft +1
NVD
EPSS 1% CVSS 7.8
HIGH POC PATCH This Week

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Memory Corruption RCE Google +2
NVD
EPSS 9% CVSS 6.5
MEDIUM POC PATCH This Month

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Google Microsoft +1
NVD Exploit-DB
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Google XSS Microsoft +1
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Google Microsoft +1
NVD
EPSS 1% CVSS 4.7
MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Google Microsoft +1
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Google Microsoft +1
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Google Authentication Bypass +1
NVD
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Google Microsoft +1
NVD
EPSS 1% CVSS 5.7
MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated medium severity (CVSS 5.7), this vulnerability is no authentication required. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Google Microsoft +1
NVD
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Open Redirect vulnerability could allow attackers to redirect users to malicious websites via URL manipulation.

Google Microsoft Open Redirect +1
NVD
EPSS 4% CVSS 8.2
HIGH POC PATCH This Week

Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Google Microsoft Open Redirect +1
NVD Exploit-DB
EPSS 1% CVSS 8.3
HIGH PATCH This Week

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

RCE Google Microsoft +1
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Google Authentication Bypass +1
NVD
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Tampering Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required.

Buffer Overflow Google Microsoft +1
NVD
EPSS 1% CVSS 8.3
HIGH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Google Microsoft +1
NVD
EPSS 1% CVSS 8.3
HIGH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Use After Free Microsoft +3
NVD
EPSS 1% CVSS 8.3
HIGH This Week

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Google Microsoft +1
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Microsoft Google Authentication Bypass +1
NVD
EPSS 2% CVSS 8.3
HIGH PATCH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Microsoft Google +2
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Google +1
NVD
EPSS 2% CVSS 6.6
MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable.

Information Disclosure Microsoft Google +1
NVD
EPSS 32% CVSS 9.6
CRITICAL POC KEV PATCH THREAT Act Now

Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Google Buffer Overflow +3
NVD
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required.

Microsoft Race Condition Google +2
NVD
EPSS 1% CVSS 7.7
HIGH This Week

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.7), this vulnerability is no authentication required. No vendor patch available.

Microsoft Google RCE +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Microsoft Race Condition Google +2
NVD
EPSS 2% CVSS 9.6
CRITICAL Act Now

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Google +1
NVD
EPSS 1% CVSS 8.3
HIGH This Week

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Microsoft Race Condition Google +2
NVD
EPSS 2% CVSS 8.3
HIGH PATCH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Google Microsoft Information Disclosure +1
NVD
EPSS 3% CVSS 8.3
HIGH PATCH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Google Microsoft Information Disclosure +1
NVD
EPSS 2% CVSS 8.3
HIGH PATCH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Google Microsoft Information Disclosure +1
NVD
EPSS 3% CVSS 8.3
HIGH PATCH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Google Microsoft Information Disclosure +1
NVD
EPSS 3% CVSS 8.3
HIGH PATCH This Week

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Google RCE Microsoft +1
NVD
EPSS 2% CVSS 8.3
HIGH PATCH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Google Race Condition Microsoft +2
NVD
EPSS 2% CVSS 8.3
HIGH PATCH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Google Race Condition Microsoft +2
NVD
EPSS 2% CVSS 4.3
MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Microsoft Information Disclosure +1
NVD
EPSS 2% CVSS 8.3
HIGH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Microsoft Information Disclosure +1
NVD
EPSS 2% CVSS 8.3
HIGH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Microsoft Information Disclosure +1
NVD
EPSS 2% CVSS 8.3
HIGH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Microsoft Information Disclosure +1
NVD
EPSS 2% CVSS 8.3
HIGH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Microsoft Information Disclosure +1
NVD
EPSS 2% CVSS 8.3
HIGH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Microsoft Information Disclosure +1
NVD
EPSS 2% CVSS 8.3
HIGH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Microsoft Information Disclosure +1
NVD
EPSS 2% CVSS 8.3
HIGH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Microsoft Information Disclosure +1
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Microsoft Information Disclosure +1
NVD
EPSS 2% CVSS 8.3
HIGH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Microsoft Information Disclosure +1
NVD
EPSS 1% CVSS 4.2
MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable, no authentication required. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

Google RCE Code Injection +2
NVD
EPSS 1% CVSS 3.1
LOW PATCH Monitor

Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required.

Google Microsoft Authentication Bypass +1
NVD
EPSS 3% CVSS 6.4
MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Tampering Vulnerability. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity.

Google Microsoft Information Disclosure +2
NVD
EPSS 4% CVSS 8.8
HIGH PATCH This Week

Chromium: CVE-2021-30624 Use after free in Autofill. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption +4
NVD
EPSS 4% CVSS 8.8
HIGH PATCH This Week

Chromium: CVE-2021-30623 Use after free in Bookmarks. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption +4
NVD
EPSS 4% CVSS 8.8
HIGH PATCH This Week

Chromium: CVE-2021-30622 Use after free in WebApp Installs. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption +4
NVD
EPSS 3% CVSS 6.5
MEDIUM PATCH This Month

Chromium: CVE-2021-30621 UI Spoofing in Autofill. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Authentication Bypass Fedora +2
NVD
EPSS 4% CVSS 8.8
HIGH PATCH This Week

Chromium: CVE-2021-30620 Insufficient policy enforcement in Blink. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Information Disclosure Fedora +2
NVD
EPSS 3% CVSS 6.5
MEDIUM PATCH This Month

Chromium: CVE-2021-30619 UI Spoofing in Autofill. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Authentication Bypass Fedora +2
NVD
EPSS 4% CVSS 8.8
HIGH PATCH This Week

Chromium: CVE-2021-30618 Inappropriate implementation in DevTools. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Information Disclosure Fedora +2
NVD
EPSS 4% CVSS 6.5
MEDIUM PATCH This Month

Chromium: CVE-2021-30617 Policy bypass in Blink. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Authentication Bypass Fedora +2
NVD
EPSS 4% CVSS 8.8
HIGH PATCH This Week

Chromium: CVE-2021-30616 Use after free in Media. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption +4
NVD
EPSS 6% CVSS 6.5
MEDIUM PATCH This Month

Chromium: CVE-2021-30615 Cross-origin data leak in Navigation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Information Disclosure Fedora +2
NVD
EPSS 4% CVSS 8.8
HIGH PATCH This Week

Chromium: CVE-2021-30614 Heap buffer overflow in TabStrip. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Google +3
NVD
EPSS 4% CVSS 8.8
HIGH PATCH This Week

Chromium: CVE-2021-30613 Use after free in Base internals. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption +4
NVD
EPSS 3% CVSS 8.8
HIGH PATCH This Week

Chromium: CVE-2021-30612 Use after free in WebRTC. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption +4
NVD
EPSS 3% CVSS 8.8
HIGH PATCH This Week

Chromium: CVE-2021-30611 Use after free in WebRTC. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption +4
NVD
EPSS 4% CVSS 8.8
HIGH PATCH This Week

Chromium: CVE-2021-30610 Use after free in Extensions API. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption +4
NVD
EPSS 4% CVSS 8.8
HIGH PATCH This Week

Chromium: CVE-2021-30609 Use after free in Sign-In. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption +4
NVD
EPSS 4% CVSS 8.8
HIGH PATCH This Week

Chromium: CVE-2021-30608 Use after free in Web Share. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption +4
NVD
EPSS 4% CVSS 8.8
HIGH PATCH This Week

Chromium: CVE-2021-30607 Use after free in Permissions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption +4
NVD
EPSS 4% CVSS 8.8
HIGH PATCH This Week

Chromium: CVE-2021-30606 Use after free in Blink. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption +4
NVD
EPSS 1% CVSS 4.4
MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is no authentication required, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Google Microsoft Privilege Escalation +1
NVD
EPSS 3% CVSS 6.3
MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity.

Google Microsoft Information Disclosure +1
NVD
EPSS 1% CVSS 6.0
MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.0).

Google Microsoft Information Disclosure +1
NVD
EPSS 3% CVSS 8.2
HIGH PATCH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Microsoft Information Disclosure +1
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Microsoft Authentication Bypass +1
NVD
EPSS 9% CVSS 8.8
HIGH POC This Week

Use after free in Web Sockets in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Denial Of Service Memory Corruption +5
NVD
EPSS 5% CVSS 6.5
MEDIUM POC This Month

Inappropriate implementation in iframe sandbox in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google XSS Chrome +1
NVD
EPSS 6% CVSS 6.5
MEDIUM POC This Month

Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google Information Disclosure Chrome +1
NVD
EPSS 4% CVSS 6.5
MEDIUM PATCH This Month

Insufficient policy enforcement in WebView in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Information Disclosure Chrome +1
NVD
EPSS 19% CVSS 6.5
MEDIUM This Month

Inappropriate implementation in Performance API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Chrome +1
NVD
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy