Edge Chromium
Monthly
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.
Microsoft Edge for Android Spoofing Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Microsoft Edge for Android (Chromium-based) Tampering Vulnerability. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.
Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated medium severity (CVSS 5.7), this vulnerability is no authentication required. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.
Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Open Redirect vulnerability could allow attackers to redirect users to malicious websites via URL manipulation.
Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.
Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Microsoft Edge (Chromium-based) Tampering Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.
Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable.
Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required.
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.7), this vulnerability is no authentication required. No vendor patch available.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.
Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable, no authentication required. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.
Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required.
Microsoft Edge (Chromium-based) Tampering Vulnerability. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity.
Chromium: CVE-2021-30624 Use after free in Autofill. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Chromium: CVE-2021-30623 Use after free in Bookmarks. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Chromium: CVE-2021-30622 Use after free in WebApp Installs. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Chromium: CVE-2021-30621 UI Spoofing in Autofill. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Chromium: CVE-2021-30620 Insufficient policy enforcement in Blink. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Chromium: CVE-2021-30619 UI Spoofing in Autofill. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Chromium: CVE-2021-30618 Inappropriate implementation in DevTools. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Chromium: CVE-2021-30617 Policy bypass in Blink. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Chromium: CVE-2021-30616 Use after free in Media. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Chromium: CVE-2021-30615 Cross-origin data leak in Navigation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Chromium: CVE-2021-30614 Heap buffer overflow in TabStrip. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.
Chromium: CVE-2021-30613 Use after free in Base internals. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Chromium: CVE-2021-30612 Use after free in WebRTC. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Chromium: CVE-2021-30611 Use after free in WebRTC. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Chromium: CVE-2021-30610 Use after free in Extensions API. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Chromium: CVE-2021-30609 Use after free in Sign-In. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Chromium: CVE-2021-30608 Use after free in Web Share. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Chromium: CVE-2021-30607 Use after free in Permissions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Chromium: CVE-2021-30606 Use after free in Blink. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is no authentication required, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.0).
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Use after free in Web Sockets in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Inappropriate implementation in iframe sandbox in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Insufficient policy enforcement in WebView in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Inappropriate implementation in Performance API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.
Microsoft Edge for Android Spoofing Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Microsoft Edge for Android (Chromium-based) Tampering Vulnerability. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.
Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated medium severity (CVSS 5.7), this vulnerability is no authentication required. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.
Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Open Redirect vulnerability could allow attackers to redirect users to malicious websites via URL manipulation.
Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.
Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Microsoft Edge (Chromium-based) Tampering Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.
Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable.
Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required.
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.7), this vulnerability is no authentication required. No vendor patch available.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.
Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable, no authentication required. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.
Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required.
Microsoft Edge (Chromium-based) Tampering Vulnerability. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity.
Chromium: CVE-2021-30624 Use after free in Autofill. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Chromium: CVE-2021-30623 Use after free in Bookmarks. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Chromium: CVE-2021-30622 Use after free in WebApp Installs. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Chromium: CVE-2021-30621 UI Spoofing in Autofill. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Chromium: CVE-2021-30620 Insufficient policy enforcement in Blink. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Chromium: CVE-2021-30619 UI Spoofing in Autofill. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Chromium: CVE-2021-30618 Inappropriate implementation in DevTools. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Chromium: CVE-2021-30617 Policy bypass in Blink. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Chromium: CVE-2021-30616 Use after free in Media. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Chromium: CVE-2021-30615 Cross-origin data leak in Navigation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Chromium: CVE-2021-30614 Heap buffer overflow in TabStrip. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.
Chromium: CVE-2021-30613 Use after free in Base internals. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Chromium: CVE-2021-30612 Use after free in WebRTC. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Chromium: CVE-2021-30611 Use after free in WebRTC. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Chromium: CVE-2021-30610 Use after free in Extensions API. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Chromium: CVE-2021-30609 Use after free in Sign-In. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Chromium: CVE-2021-30608 Use after free in Web Share. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Chromium: CVE-2021-30607 Use after free in Permissions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Chromium: CVE-2021-30606 Use after free in Blink. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is no authentication required, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.0).
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Use after free in Web Sockets in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Inappropriate implementation in iframe sandbox in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Insufficient policy enforcement in WebView in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Inappropriate implementation in Performance API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.