Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

CVE-2021-38018: Chromium: CVE-2021-38018 Inappropriate implementation in navigation

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 96.0.1052.29 11/19/2021 96.0.4664.45

Microsoft Security Response Center
Open in Source
#microsoft#Microsoft Edge (Chromium-based)#Security Vulnerability
CVE-2021-38014: Chromium: CVE-2021-38014 Out of bounds write in Swiftshader

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 96.0.1052.29 11/19/2021 96.0.4664.45

CVE-2021-38016: Chromium: CVE-2021-38016 Insufficient policy enforcement in background fetch

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 96.0.1052.29 11/19/2021 96.0.4664.45

CVE-2021-38012: Chromium: CVE-2021-38012 Type Confusion in V8

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 96.0.1052.29 11/19/2021 96.0.4664.45

CVE-2021-38017: Chromium: CVE-2021-38017 Insufficient policy enforcement in iframe sandbox

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 96.0.1052.29 11/19/2021 96.0.4664.45

CVE-2021-38015: Chromium: CVE-2021-38015 Inappropriate implementation in input

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 96.0.1052.29 11/19/2021 96.0.4664.45

CVE-2021-43220: Microsoft Edge for iOS Spoofing Vulnerability

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 96.0.1052.29 11/19/2021 96.0.4664.45

CVE-2021-42308: Microsoft Edge (Chromium-based) Spoofing Vulnerability

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 96.0.1054.29 11/19/2021 96.0.4664.45

CVE-2021-35534

Insufficient security control vulnerability in internal database access mechanism of Hitachi Energy Relion 670/650/SAM600-IO, Relion 650, GMS600, PWC600 allows attacker who successfully exploited this vulnerability, of which the product does not sufficiently restrict access to an internal database tables, could allow anybody with user credentials to bypass security controls that is enforced by the product. Consequently, exploitation may lead to unauthorized modifications on data/firmware, and/or to permanently disabling the product. This issue affects: Hitachi Energy Relion 670 Series 2.0 all revisions; 2.2.2 all revisions; 2.2.3 versions prior to 2.2.3.5. Hitachi Energy Relion 670/650 Series 2.1 all revisions. 2.2.0 all revisions; 2.2.4 all revisions; Hitachi Energy Relion 670/650/SAM600-IO 2.2.1 all revisions; 2.2.5 versions prior to 2.2.5.2. Hitachi Energy Relion 650 1.0 all revisions. 1.1 all revisions; 1.2 all revisions; 1.3 versions prior to 1.3.0.8; Hitachi Energy GMS600 1.3.0; ...

CVE-2021-41165: ckeditor4/CHANGES.md at major · ckeditor/ckeditor4

CKEditor4 is an open source WYSIWYG HTML editor. In affected version a vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4. The vulnerability allowed to inject malformed comments HTML bypassing content sanitization, which could result in executing JavaScript code. It affects all users using the CKEditor 4 at version < 4.17.0. The problem has been recognized and patched. The fix will be available in version 4.17.0.