Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

rory mcnamara vulnerabilities and exploits

(subscribe to this query)
7.8
CVSSv3
CVE-2017-15400
Insufficient restriction of IPP filters in CUPS in Google Chrome OS before 62.0.3202.74 allowed a remote malicious user to execute a command with the same privileges as the cups daemon via a crafted PPD file, aka a printer zeroconfig CRLF issue.
Google Chrome Os
7.8
CVSSv3
CVE-2018-4180
In macOS High Sierra prior to 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions.
Apple Mac Os XDebian Debian Linux 9.0Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 17.10Canonical Ubuntu Linux 14.04
5.5
CVSSv3
CVE-2018-4181
In macOS High Sierra prior to 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions.
Apple Mac Os XCanonical Ubuntu Linux 16.04Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 17.10Canonical Ubuntu Linux 18.04Debian Debian Linux 8.0Debian Debian Linux 9.0
8.8
CVSSv3
CVE-2018-6553
The CUPS AppArmor profile incorrectly confined the dnssd backend due to use of hard links. A local attacker could possibly use this issue to escape confinement. This flaw affects versions before 2.2.7-1ubuntu2.1 in Ubuntu 18.04 LTS, before 2.2.4-7ubuntu3.1 in Ubuntu 17.10, before...
Cups Cups -Canonical Ubuntu Linux 17.10Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 14.04Debian Debian Linux 9.0Canonical Ubuntu Linux 18.04Debian Debian Linux 8.0
7.8
CVSSv3
CVE-2021-21117
Insufficient policy enforcement in Cryptohome in Google Chrome before 88.0.4324.96 allowed a local malicious user to perform OS-level privilege escalation via a crafted file.
Google Chrome
8.8
CVSSv3
CVE-2021-21118
Insufficient data validation in V8 in Google Chrome before 88.0.4324.96 allowed a remote malicious user to potentially perform out of bounds memory access via a crafted HTML page.
Google ChromeMicrosoft Edge Chromium
8.8
CVSSv3
CVE-2021-21120
Use after free in WebSQL in Google Chrome before 88.0.4324.96 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google ChromeMicrosoft Edge Chromium
9.6
CVSSv3
CVE-2021-21121
Use after free in Omnibox in Google Chrome on Linux before 88.0.4324.96 allowed a remote malicious user to potentially perform a sandbox escape via a crafted HTML page.
Google ChromeMicrosoft Edge Chromium
8.8
CVSSv3
CVE-2021-21122
Use after free in Blink in Google Chrome before 88.0.4324.96 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google ChromeMicrosoft Edge Chromium
6.5
CVSSv3
CVE-2021-21123
Insufficient data validation in File System API in Google Chrome before 88.0.4324.96 allowed a remote malicious user to bypass filesystem restrictions via a crafted HTML page.
Google ChromeMicrosoft Edge Chromium
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310CVE-2024-21683CVE-2024-22187chromedeserializationXPath injectionCVE-2024-27842denial of serviceCVE-2024-24851googleCVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook