{"vulnerability": "CVE-2021-2115", "sightings": [{"uuid": "34c6f0fd-5bd8-4b12-98c5-a0168a34b76c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21153", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/3290", "content": "#Threat_Research\nAttack llvmpipe Graphics Driver from Chromium WebGL\nhttps://insinuator.net/2021/05/attack-llvmpipe-graphics-driver-from-chromium\n]-> CVE-2021-21153 (PoC for Ubuntu 20.04):\nhttps://bugs.chromium.org/p/chromium/issues/detail?id=1155974", "creation_timestamp": "2021-05-05T11:01:30.000000Z"}, {"uuid": "9a0f4cd4-d0a3-471d-abb7-0384ec5168fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21156", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/3428", "content": "#exploit\nCVE-2021-21148,\nCVE-2021-21156:\nChrome Array Transfer Bypass (PoC)\n\n// The fix for CVE-2021-21148 has added a check in |ValueSerializer::WriteJSArrayBuffer| to make sure non-detachable array buffers cannot be transferred. The check can be bypassed with the help of asm.js and property getters", "creation_timestamp": "2021-05-22T13:03:01.000000Z"}, {"uuid": "70672330-4048-4327-80ac-cc1a6434b88a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21159", "type": "seen", "source": "MISP/6c8ab802-bdfb-477e-a92b-4d8e83907392", "content": "", "creation_timestamp": "2024-11-14T06:10:09.000000Z"}, {"uuid": "6d8015c6-1b72-498f-bb72-3588cd1e8140", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21159", "type": "seen", "source": "https://t.me/cibsecurity/24630", "content": "\u203c CVE-2021-21159 \u203c\n\nHeap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-03-09T20:51:56.000000Z"}, {"uuid": "ba75962d-9e97-4936-b528-d4272b32e0bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21154", "type": "seen", "source": "https://t.me/cibsecurity/23951", "content": "\u203c CVE-2021-21154 \u203c\n\nHeap buffer overflow in Tab Strip in Google Chrome prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-23T00:33:52.000000Z"}, {"uuid": "f673de21-a81b-4e6d-afc9-d95e29fb71e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21156", "type": "seen", "source": "https://t.me/cibsecurity/23964", "content": "\u203c CVE-2021-21156 \u203c\n\nHeap buffer overflow in V8 in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted script.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-23T00:34:06.000000Z"}, {"uuid": "47153da3-e37d-499b-b04c-a2be183fb80d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21150", "type": "seen", "source": "https://t.me/cibsecurity/23961", "content": "\u203c CVE-2021-21150 \u203c\n\nUse after free in Downloads in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-23T00:34:02.000000Z"}, {"uuid": "b35fdb93-3772-40e4-90df-f7ebd0ad29be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21151", "type": "seen", "source": "https://t.me/cibsecurity/23960", "content": "\u203c CVE-2021-21151 \u203c\n\nUse after free in Payments in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-23T00:34:01.000000Z"}, {"uuid": "ff6ccc03-bf62-40ca-8b8f-a5f59fba22ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21155", "type": "seen", "source": "https://t.me/cibsecurity/23959", "content": "\u203c CVE-2021-21155 \u203c\n\nHeap buffer overflow in Tab Strip in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-23T00:34:00.000000Z"}, {"uuid": "2da04e44-6612-4c30-b9ac-24f2cbf56a1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21153", "type": "seen", "source": "https://t.me/cibsecurity/23954", "content": "\u203c CVE-2021-21153 \u203c\n\nStack buffer overflow in GPU Process in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-23T00:33:55.000000Z"}, {"uuid": "9d369352-d8a2-41a5-8c18-c7808c4bfdae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-2115", "type": "seen", "source": "https://t.me/cibsecurity/22386", "content": "\u203c CVE-2021-2115 \u203c\n\nVulnerability in the Oracle Common Applications Calendar product of Oracle E-Business Suite (component: Tasks). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Common Applications Calendar. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Common Applications Calendar, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Common Applications Calendar accessible data as well as unauthorized update, insert or delete access to some of Oracle Common Applications Calendar accessible data. CVSS 3.1 Base Score 7.6 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-20T18:37:40.000000Z"}, {"uuid": "2d589ab1-323e-4938-b425-c90c2fea7496", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21152", "type": "seen", "source": "https://t.me/cibsecurity/23962", "content": "\u203c CVE-2021-21152 \u203c\n\nHeap buffer overflow in Media in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-23T00:34:04.000000Z"}, {"uuid": "3f43f37e-7d4f-491e-bd31-6fdbb376de4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21156", "type": "seen", "source": "https://t.me/pwnwiki_zhchannel/427", "content": "CVE-2021-21156&CVE-2021-21148 Chrome Array Transfer \u7e5e\u904e\u6f0f\u6d1e\nhttps://www.pwnwiki.org/index.php?title=CVE-2021-21156%26CVE-2021-21148_Chrome_Array_Transfer_%E7%B9%9E%E9%81%8E%E6%BC%8F%E6%B4%9E", "creation_timestamp": "2021-05-15T05:05:20.000000Z"}, {"uuid": "481cde34-eef9-4895-b2f5-70295b497987", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21158", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfxwg64tsj2e", "content": "", "creation_timestamp": "2025-01-17T23:16:05.052847Z"}, {"uuid": "7b548bec-4760-4a05-90df-032415437d80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21158", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfxxxrx5xt2e", "content": "", "creation_timestamp": "2025-01-17T23:43:50.588875Z"}, {"uuid": "02645a6b-e67b-41f6-b88c-9562056e09c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21157", "type": "seen", "source": "https://t.me/cibsecurity/23963", "content": "\u203c CVE-2021-21157 \u203c\n\nUse after free in Web Sockets in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-23T00:34:05.000000Z"}]}