Show filters
1,988 Total Results
Displaying 771-780 of 1,988
Sort by:
Attacker Value
Unknown

CVE-2021-21137

Disclosure Date: February 09, 2021 (last updated February 22, 2025)
Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page.
Attacker Value
Unknown

CVE-2021-21140

Disclosure Date: February 09, 2021 (last updated February 22, 2025)
Uninitialized use in USB in Google Chrome prior to 88.0.4324.96 allowed a local attacker to potentially perform out of bounds memory access via via a USB device.
Attacker Value
Unknown

CVE-2021-21133

Disclosure Date: February 09, 2021 (last updated February 22, 2025)
Insufficient policy enforcement in Downloads in Google Chrome prior to 88.0.4324.96 allowed an attacker who convinced a user to download files to bypass navigation restrictions via a crafted HTML page.
Attacker Value
Unknown

CVE-2021-21129

Disclosure Date: February 09, 2021 (last updated February 22, 2025)
Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
Attacker Value
Unknown

CVE-2021-21122

Disclosure Date: February 09, 2021 (last updated February 22, 2025)
Use after free in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Attacker Value
Unknown

CVE-2021-21118

Disclosure Date: February 09, 2021 (last updated February 22, 2025)
Insufficient data validation in V8 in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
Attacker Value
Unknown

CVE-2021-3326

Disclosure Date: January 27, 2021 (last updated February 22, 2025)
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.
Attacker Value
Unknown

CVE-2021-21259

Disclosure Date: January 22, 2021 (last updated February 22, 2025)
HedgeDoc is open source software which lets you create real-time collaborative markdown notes. In HedgeDoc before version 1.7.2, an attacker can inject arbitrary JavaScript into a HedgeDoc note, which is executed when the note is viewed in slide mode. Depending on the configuration of the instance, the attacker may not need authentication to create or edit notes. The problem is patched in HedgeDoc 1.7.2. As a workaround, disallow loading JavaScript from 3rd party sites using the `Content-Security-Policy` header. Note that this will break some embedded content.
Attacker Value
Unknown

CVE-2020-28386

Disclosure Date: January 12, 2021 (last updated February 22, 2025)
A vulnerability has been identified in Solid Edge SE2020 (All Versions < SE2020MP12), Solid Edge SE2021 (All Versions < SE2021MP2). Affected applications lack proper validation of user-supplied data when parsing DFT files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process.
Attacker Value
Unknown

CVE-2020-28381

Disclosure Date: January 12, 2021 (last updated February 22, 2025)
A vulnerability has been identified in Solid Edge SE2020 (All Versions < SE2020MP12), Solid Edge SE2021 (All Versions < SE2021MP2). Affected applications lack proper validation of user-supplied data when parsing PAR files. This could result in an out of bounds write into uninitialized memory. An attacker could leverage this vulnerability to execute code in the context of the current process.