Google Chrome vulnerabilities

CVE-2021-21110 [CRITICAL] CWE-416 CVE-2021-21110: Use after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to Use after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.

CVE-2021-21111 [CRITICAL] CWE-1021 CVE-2021-21111: Insufficient policy enforcement in WebUI in Google Chrome prior to 87.0.4280.141 allowed an attacker Insufficient policy enforcement in WebUI in Google Chrome prior to 87.0.4280.141 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.

CVE-2021-21107 [CRITICAL] CWE-416 CVE-2021-21107: Use after free in drag and drop in Google Chrome on Linux prior to 87.0.4280.141 allowed a remote at Use after free in drag and drop in Google Chrome on Linux prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

CVE-2020-16025 [CRITICAL] CWE-787 CVE-2020-16025: Heap buffer overflow in clipboard in Google Chrome prior to 87.0.4280.66 allowed a remote attacker w Heap buffer overflow in clipboard in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

CVE-2020-16018 [CRITICAL] CWE-416 CVE-2020-16018: Use after free in payments in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had Use after free in payments in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

CVE-2020-16017 [CRITICAL] CWE-416 CVE-2020-16017: Use after free in site isolation in Google Chrome prior to 86.0.4240.198 allowed a remote attacker w Use after free in site isolation in Google Chrome prior to 86.0.4240.198 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

CVE-2021-21109 [CRITICAL] CWE-416 CVE-2021-21109: Use after free in payments in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had Use after free in payments in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

CVE-2021-21106 [CRITICAL] CWE-416 CVE-2021-21106: Use after free in autofill in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had Use after free in autofill in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

CVE-2020-16024 [CRITICAL] CWE-787 CVE-2020-16024: Heap buffer overflow in UI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had Heap buffer overflow in UI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

CVE-2021-21108 [CRITICAL] CWE-416 CVE-2021-21108: Use after free in media in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had co Use after free in media in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

CVE-2020-16016 [CRITICAL] CVE-2020-16016: Inappropriate implementation in base in Google Chrome prior to 86.0.4240.193 allowed a remote attack Inappropriate implementation in base in Google Chrome prior to 86.0.4240.193 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

CVE-2021-21115 [CRITICAL] CWE-416 CVE-2021-21115: User after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker w User after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

CVE-2020-16026 [HIGH] CWE-416 CVE-2020-16026: Use after free in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potenti Use after free in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2020-16028 [HIGH] CWE-787 CVE-2020-16028: Heap buffer overflow in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to p Heap buffer overflow in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2020-16043 [HIGH] CVE-2020-16043: Insufficient data validation in networking in Google Chrome prior to 87.0.4280.141 allowed a remote Insufficient data validation in networking in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to bypass discretionary access control via malicious network traffic.

CVE-2020-16023 [HIGH] CWE-416 CVE-2020-16023: Use after free in WebCodecs in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to pote Use after free in WebCodecs in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2020-16020 [HIGH] CVE-2020-16020: Inappropriate implementation in cryptohome in Google Chrome on ChromeOS prior to 87.0.4280.66 allowe Inappropriate implementation in cryptohome in Google Chrome on ChromeOS prior to 87.0.4280.66 allowed a remote attacker who had compromised the browser process to bypass discretionary access control via a malicious file.

CVE-2021-21114 [HIGH] CWE-416 CVE-2021-21114: Use after free in audio in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potenti Use after free in audio in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2020-16015 [HIGH] CWE-20 CVE-2020-16015: Insufficient data validation in WASM in Google Chrome prior to 87.0.4280.66 allowed a remote attacke Insufficient data validation in WASM in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2020-16037 [HIGH] CWE-416 CVE-2020-16037: Use after free in clipboard in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to pote Use after free in clipboard in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.