{"vulnerability": "cve-2021-2114", "sightings": [{"uuid": "4af479bc-cb59-4d42-863f-0e09fd8f6f2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2021-21148", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=548", "content": "", "creation_timestamp": "2026-03-17T14:55:01.571377Z"}, {"uuid": "3e7d27c0-c8b7-4742-bb63-ca4d60c7d07d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21148", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/c7343d52-dd13-4321-947f-fb29745f05d2", "content": "", "creation_timestamp": "2026-02-02T12:28:45.196492Z"}, {"uuid": "97fa966a-1b03-4dea-914c-89a08bd32c04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21148", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/c7343d52-dd13-4321-947f-fb29745f05d2", "content": "", "creation_timestamp": "2026-02-02T12:28:45.196492Z"}, {"uuid": "45d1f06f-b06e-4a66-8ef2-37e978f72bfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21148", "type": "exploited", "source": "https://t.me/cKure/3846", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Google fixes Chrome zero-day actively exploited in the wild.\n\nCVE-2021-21148: A heap based buffer overflow. Exploit allegedly created by Zinc group; DPRK #NorthKorea \ud83c\uddf0\ud83c\uddf5\n\nhttps://www.bleepingcomputer.com/news/security/google-fixes-chrome-zero-day-actively-exploited-in-the-wild/ | #0day #Zeroday", "creation_timestamp": "2021-02-05T10:38:17.000000Z"}, {"uuid": "dfbdae0e-fcc4-4dbc-8317-54ac6f3b2432", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21148", "type": "exploited", "source": "https://t.me/cyberbannews_ir/3407", "content": "\u200d \ud83d\uded1\u0631\u0641\u0639 \u0647\u0641\u062a\u0645\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0631\u0648\u0632 \u0635\u0641\u0631 \u062f\u0631 \u0645\u0631\u0648\u0631\u06af\u0631 \u06a9\u0631\u0648\u0645 \n\n\u0634\u0631\u06a9\u062a \u06af\u0648\u06af\u0644 \u0628\u0647\u200c\u062a\u0627\u0632\u06af\u06cc \u0645\u0631\u0648\u0631\u06af\u0631 \u06a9\u0631\u0648\u0645 \u0631\u0627 \u062a\u0627 \u0646\u0633\u062e\u0647 91.0.4472.114 \u0627\u0631\u062a\u0642\u0627\u0621 \u062f\u0627\u062f\u0647 \u0648 4 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u0631\u0637\u0631\u0641 \u06a9\u0631\u062f \u06a9\u0647 \u06cc\u06a9\u06cc \u0627\u0632 \u0622\u0646\u200c\u0647\u0627 \u0632\u06cc\u0631\u0648\u062f\u06cc \u0628\u0648\u062f\u0647 \u0648 \u0628\u0627 \u0634\u0646\u0627\u0633\u0647 \u00abCVE-2021-30554\u00bb \u0634\u0646\u0627\u062e\u062a\u0647 \u0645\u06cc\u200c\u0634\u0648\u062f.\n\n\u06a9\u0627\u0631\u0634\u0646\u0627\u0633\u0627\u0646 \u06af\u0648\u06af\u0644 \u0647\u0634\u062f\u0627\u0631 \u062f\u0627\u062f\u0647\u200c\u0627\u0646\u062f \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0627\u06a9\u0633\u067e\u0644\u0648\u06cc\u062a \u0641\u0639\u0627\u0644 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0631\u0627 \u062f\u0631 \u0627\u062e\u062a\u06cc\u0627\u0631 \u062f\u0627\u0631\u0646\u062f \u0648 \u062d\u0645\u0644\u0627\u062a \u062e\u0648\u062f \u0631\u0627 \u0628\u0627 \u0628\u0647\u0631\u0647\u200c\u06af\u06cc\u0631\u06cc \u0627\u0632 \u0622\u0646 \u0627\u0646\u062c\u0627\u0645 \u0645\u06cc\u200c\u062f\u0647\u0646\u062f. \n\n\u0627\u06cc\u0646 \u06cc\u06a9 \u0646\u0642\u0635 \u0627\u0645\u0646\u06cc\u062a\u06cc \u0627\u0632 \u0646\u0648\u0639 use-after-free \u062f\u0631 \u062a\u0631\u06a9\u06cc\u0628 WebGL (Web Graphics Library) JavaScript API \u0627\u0633\u062a \u06a9\u0647 \u062c\u0647\u062a \u0631\u0646\u062f\u0631\u06cc\u0646\u06af \u06af\u0631\u0627\u0641\u06cc\u06a9\u200c\u0647\u0627\u06cc \u062a\u0639\u0627\u0645\u0644\u06cc 2D \u0648 3D \u0628\u062f\u0648\u0646 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u067e\u0644\u0627\u06af\u06cc\u0646\u200c\u0647\u0627 \u0645\u0648\u0631\u062f\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u0645\u06cc\u200c\u06af\u06cc\u0631\u062f. \u0628\u0647\u0631\u0647\u200c\u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0622\u0646 \u0645\u0645\u06a9\u0646 \u0627\u0633\u062a \u0645\u0646\u062c\u0631 \u0628\u0647 \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f \u062f\u0644\u062e\u0648\u0627\u0647 \u062f\u0631 \u0631\u0627\u06cc\u0627\u0646\u0647\u200c\u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0628\u0627 \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631 \u06a9\u0631\u0648\u0645 \u06af\u0631\u062f\u062f. \n\n\u0646\u0645\u0627\u06cc\u0646\u062f\u06af\u0627\u0646 \u06af\u0648\u06af\u0644 \u0627\u0639\u0644\u0627\u0645 \u06a9\u0631\u062f\u0647\u200c\u0627\u0646\u062f \u0645\u0645\u06a9\u0646 \u0627\u0633\u062a \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0645\u0631\u0628\u0648\u0637 \u0628\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627 \u0648 \u0644\u06cc\u0646\u06a9\u200c\u0647\u0627 \u062a\u0627 \u0632\u0645\u0627\u0646\u06cc \u06a9\u0647 \u0627\u06a9\u062b\u0631 \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0646\u0633\u062e\u0647 \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u0631\u0627 \u0646\u0635\u0628 \u0646\u06a9\u0646\u0646\u062f\u060c \u0645\u062d\u062f\u0648\u062f \u0634\u0648\u062f. \u0639\u0644\u0627\u0648\u0647 \u0628\u0631 \u0627\u06cc\u0646\u060c \u0686\u0646\u0627\u0646\u0686\u0647 \u0627\u0634\u06a9\u0627\u0644\u06cc \u062f\u0631 \u06a9\u062a\u0627\u0628\u062e\u0627\u0646\u0647 \u062b\u0627\u0644\u062b \u0648\u062c\u0648\u062f \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u062f \u06a9\u0647 \u0633\u0627\u06cc\u0631 \u0628\u062e\u0634\u200c\u0647\u0627 \u0628\u0647 \u0631\u0648\u0634 \u0645\u0634\u0627\u0628\u0647 \u0628\u0647 \u0622\u0646 \u0648\u0627\u0628\u0633\u062a\u0647 \u0628\u0627\u0634\u0646\u062f \u0648 \u0647\u0646\u0648\u0632 \u0628\u0631\u0637\u0631\u0641 \u0646\u0634\u062f\u0647 \u0628\u0627\u0634\u062f\u060c \u0645\u0645\u06a9\u0646 \u0627\u0633\u062a \u0645\u062d\u062f\u0648\u062f\u06cc\u062a\u200c\u0647\u0627\u06cc \u0645\u0634\u0627\u0628\u0647 \u0627\u0639\u0645\u0627\u0644 \u0634\u0648\u0646\u062f. \n\n\u0627\u06cc\u0646 \u0646\u0642\u0635 \u0627\u0645\u0646\u06cc\u062a\u06cc \u0647\u0641\u062a\u0645\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0631\u0648\u0632 \u0635\u0641\u0631\u06cc \u0627\u0633\u062a \u06a9\u0647 \u062f\u0631 \u0633\u0627\u0644 2021 \u0627\u0632 \u06a9\u0631\u0648\u0645 \u0628\u0631\u0637\u0631\u0641 \u0634\u062f\u0647 \u0627\u0633\u062a. \u067e\u06cc\u0634\u200c\u062a\u0631 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc CVE-2021-21148\u060c CVE-2021-21166\u060c CVE-2021-21193\u060c CVE-2021-21220 \u0648 CVE-2021-30551 \u0646\u06cc\u0632 \u0627\u0632 \u0627\u06cc\u0646 \u0645\u0631\u0648\u0631\u06af\u0631 \u0628\u0631\u0637\u0631\u0641 \u0634\u062f\u0647\u200c\u0627\u0646\u062f. \n\n\u0634\u0634\u0645\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0631\u0648\u0632 \u0635\u0641\u0631 \u0646\u06cc\u0632 \u0686\u0646\u062f \u0631\u0648\u0632 \u067e\u06cc\u0634 \u0648\u0635\u0644\u0647 \u0634\u062f. \u06af\u0648\u06af\u0644 \u0645\u0631\u0648\u0631\u06af\u0631 \u06a9\u0631\u0648\u0645 \u0631\u0627 \u0628\u0631\u0627\u06cc \u0648\u06cc\u0646\u062f\u0648\u0632\u060c \u0645\u06a9 \u0648 \u0644\u06cc\u0646\u0648\u06a9\u0633 \u062a\u0627 \u0646\u0633\u062e\u0647 91.0.4472.101 \u0628\u0647 \u0631\u0633\u0627\u0646\u06cc \u06a9\u0631\u062f\u0647 \u0648 \u0628\u0627 \u0631\u0641\u0639 14 \u0646\u0642\u0635 \u0627\u0645\u0646\u06cc\u062a\u06cc \u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0631\u0648\u0632 \u0635\u0641\u0631 \u0628\u0627 \u0634\u0646\u0627\u0633\u0647 \u00abCVE-2021-30551\u00bb \u0631\u0627 \u0646\u06cc\u0632 \u0628\u0631\u0637\u0631\u0641 \u0646\u0645\u0648\u062f. \n\n#\u06af\u0648\u06af\u0644 \n\n@cyberbannews_ir", "creation_timestamp": "2021-06-19T11:23:57.000000Z"}, {"uuid": "7172cf3e-818c-4af9-816f-19585bb7e43e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21148", "type": "exploited", "source": "https://t.me/thesammymove/5733", "content": "Update your chrome browser immediately!\ud83d\udea8  \n\nChannel: @thesammymove\n#thesammymovenews \n\n- Google has patched a zero-day vulnerability in Chrome web browser for desktop that it says is being actively exploited in the wild.\n\n-The company released 88.0.4324.150 for Windows, Mac, and Linux, with a fix for a heap buffer overflow flaw (CVE-2021-21148) in its V8 JavaScript rendering engine.\n\n\"Google is aware of reports that an exploit for CVE-2021-21148 exists in the wild,\" the company said in a statement.\n\n-The security flaw was reported to Google by Mattias Buelens on January 24", "creation_timestamp": "2021-02-06T20:54:42.000000Z"}, {"uuid": "d9ff3c66-256b-4954-b69a-fed59a152344", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21148", "type": "seen", "source": "https://t.me/pwnwiki_zhchannel/427", "content": "CVE-2021-21156&amp;CVE-2021-21148 Chrome Array Transfer \u7e5e\u904e\u6f0f\u6d1e\nhttps://www.pwnwiki.org/index.php?title=CVE-2021-21156%26CVE-2021-21148_Chrome_Array_Transfer_%E7%B9%9E%E9%81%8E%E6%BC%8F%E6%B4%9E", "creation_timestamp": "2021-05-15T05:05:20.000000Z"}, {"uuid": "d12753ef-ae04-4438-aed0-0af6fd3e5aee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21141", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/2985", "content": "#exploit\nCVE-2021-21123, CVE-2021-21129, CVE-2021-21130, CVE-2021-21131, CVE-2021-21141:\nGoogle Chrome File System Access API vulnerabilities\nhttps://github.com/Puliczek/CVE-2021-21123-PoC-Google-Chrome", "creation_timestamp": "2022-07-04T20:50:53.000000Z"}, {"uuid": "1039c84f-f110-4de5-a751-e55c8dab2e4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21148", "type": "exploited", "source": "Telegram/9RHj3eL8JEPv9m7C413UU7_ewFPt-Ox3W930FtyU4VNnI9g", "content": "", "creation_timestamp": "2021-02-08T11:38:28.000000Z"}, {"uuid": "c9c409d4-e84e-45c4-97ea-0ebcf13b3d41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2021-21148", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=548", "content": "", "creation_timestamp": "2021-02-08T04:00:00.000000Z"}, {"uuid": "550d712d-23d6-4353-a9c3-cf1e011acc31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21148", "type": "exploited", "source": "https://t.me/ARinteg/326", "content": "\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u00ab\u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0438 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e\u00bb \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u0441\u0440\u043e\u0447\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c Google Chrome \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 88.0.4324.150\n\n\u0412 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0435 \u0432\u0441\u043a\u0440\u044b\u043b\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0431\u0440\u0435\u0448\u044c CVE-2021-21148, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0443\u0436\u0435 \u0432\u043e\u0448\u043b\u0430 \u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u043c\u0438 \u0445\u0430\u043a\u0435\u0440\u0430\u043c\u0438. \u0412 \u0437\u043e\u043d\u0443 \u0440\u0438\u0441\u043a\u0430 \u043f\u043e\u043f\u0430\u0434\u0430\u044e\u0442 \u0432\u0441\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b: Windows, MacOS \u0438 Linux. \u041f\u0430\u0442\u0447, \u0437\u0430\u043a\u0440\u044b\u0432\u0430\u044e\u0449\u0438\u0439 \u0434\u0430\u043d\u043d\u0443\u044e \u0431\u0440\u0435\u0448\u044c, \u0443\u0436\u0435 \u0432\u044b\u043f\u0443\u0449\u0435\u043d. \u0414\u043b\u044f \u0442\u043e\u0433\u043e, \u0447\u0442\u043e\u0431\u044b \u043e\u043d \u0440\u0430\u0431\u043e\u0442\u0430\u043b, \u043f\u0435\u0440\u0435\u0439\u0434\u0438\u0442\u0435 \u0432 \u041d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 -&gt; \u041e \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0435 Chrome. \u0411\u0440\u0430\u0443\u0437\u0435\u0440 \u043f\u043e\u0441\u043b\u0435 \u044d\u0442\u043e\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u0441\u044f \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438. \u041a\u043d\u043e\u043f\u043a\u0430 \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u0432 \u0432\u0435\u0440\u0445\u043d\u0435\u043c \u043f\u0440\u0430\u0432\u043e\u043c \u0443\u0433\u043b\u0443 \u043e\u043a\u043d\u0430.", "creation_timestamp": "2021-02-20T12:43:00.000000Z"}, {"uuid": "81f861e9-9932-4b43-9495-a2cba3ac828c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21148", "type": "exploited", "source": "https://t.me/thesammymove/1694", "content": "Update your chrome browser immediately!\ud83d\udea8  \n\nChannel: @thesammymove\n#thesammymovenews \n\n- Google has patched a zero-day vulnerability in Chrome web browser for desktop that it says is being actively exploited in the wild.\n\n-The company released 88.0.4324.150 for Windows, Mac, and Linux, with a fix for a heap buffer overflow flaw (CVE-2021-21148) in its V8 JavaScript rendering engine.\n\n\"Google is aware of reports that an exploit for CVE-2021-21148 exists in the wild,\" the company said in a statement.\n\n-The security flaw was reported to Google by Mattias Buelens on January 24", "creation_timestamp": "2021-02-06T20:54:39.000000Z"}, {"uuid": "52e555ce-3832-4068-a29c-2758e9b9eac9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21148", "type": "exploited", "source": "https://t.me/true_secator/1402", "content": "Google \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0432\u0435\u0440\u0441\u0438\u044e Chrome 88.0.4324.150 \u0434\u043b\u044f Windows, Mac \u0438 Linux.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u0432\u0441\u0435\u0433\u043e \u043e\u0434\u043d\u0443 \u043e\u0448\u0438\u0431\u043a\u0443, \u0437\u0430\u0442\u043e \u043a\u0430\u043a\u0443\u044e. CVE-2021-21148 - \u044d\u0442\u043e 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u0443\u0447\u0438 \u0432 \u0434\u0432\u0438\u0436\u043a\u0435 V8 \u0438, \u043a\u0430\u043a \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442 Google, \u043a \u043c\u043e\u043c\u0435\u043d\u0442\u0443 \u0435\u0435 \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u044f 24 \u044f\u043d\u0432\u0430\u0440\u044f \u0443\u0436\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n\n\u0421\u0443\u0434\u044f \u043f\u043e \u0432\u0441\u0435\u043c\u0443, \u044d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0434\u043d\u043e\u0439 \u0438\u0437 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0445 \u0431\u043e\u0435\u0432\u043e\u0433\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442-\u043a\u0438\u0442\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u043b\u0438 \u0445\u0430\u043a\u0435\u0440\u044b \u0438\u0437 \u0441\u0435\u0432\u0435\u0440\u043e\u043a\u043e\u0440\u0435\u0439\u0441\u043a\u043e\u0439 APT Lazarus \u043f\u0440\u0438 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0430 \u0438\u043d\u0444\u043e\u0441\u0435\u043a \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u043e\u0432.\n\n\u0422\u0430\u043a \u0447\u0442\u043e \u0432\u0441\u0435\u043c \u043f\u0440\u0438\u0447\u0430\u0441\u0442\u043d\u044b\u043c \u043a \u043e\u0442\u0440\u0430\u0441\u043b\u0438 \u0418\u0411 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0441\u0440\u043e\u0447\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u0438 Chrome. \u041d\u0443, \u0438 \u043e\u0441\u0442\u0430\u043b\u044c\u043d\u044b\u043c \u0442\u043e\u0436\u0435.\n\n\u0414\u0440\u0443\u0433\u0443\u044e 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Internet Explorer, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0441\u0435\u0432\u0435\u0440\u043e\u043a\u043e\u0440\u0435\u0439\u0446\u044b \u0432 \u044d\u0442\u0438\u0445 \u0430\u0442\u0430\u043a\u0430\u0445, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 \u044e\u0436\u043d\u043e\u043a\u043e\u0440\u0435\u0439\u0441\u043a\u043e\u0439 \u0438\u043d\u0444\u043e\u0441\u0435\u043a \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 ENKI. \u041f\u043e \u0438\u0445 \u0434\u0430\u043d\u043d\u044b\u043c, \u0430\u0442\u0430\u043a\u0435 \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u043b\u0438\u0441\u044c \u0438\u0445 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b. \u0418, \u0445\u043e\u0442\u044f \u043e\u043d\u0430 \u043d\u0435 \u0443\u0432\u0435\u043d\u0447\u0430\u043b\u0430\u0441\u044c \u0443\u0441\u043f\u0435\u0445\u043e\u043c, \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u043f\u043e\u043c\u043e\u0433\u043b\u0438 \u0432\u044b\u044f\u0432\u0438\u0442\u044c \u0441\u0432\u0435\u0436\u0443\u044e \u043e\u0448\u0438\u0431\u043a\u0443. \u0421\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0439 PoC \u0438\u043c\u0435\u0435\u0442\u0441\u044f.\n\n\u041f\u0440\u0430\u0432\u0434\u0430 Microsoft, \u0432 \u043e\u0442\u043b\u0438\u0447\u0438\u0435 \u043e\u0442 Google, \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u043a\u0430 \u043d\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0438.", "creation_timestamp": "2021-02-05T10:35:08.000000Z"}, {"uuid": "e244bbb5-3b6e-4223-8d8e-af2225d4b670", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21148", "type": "exploited", "source": "https://t.me/NeKaspersky/485", "content": "Google \u0437\u0430\u043a\u0440\u044b\u043b\u0438 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u043b\u044f Windows, Mac \u0438 Linux\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2021-21148 \u043f\u043e\u0444\u0438\u043a\u0441\u0438\u043b\u0438 \u0432 \u043d\u043e\u0432\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 Chrome. \u041e\u043d\u0430 \u0431\u044b\u043b\u0430 \u0432 \u0434\u0432\u0438\u0436\u043a\u0435 V8 JavaScript \u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0445\u0430\u043a\u0435\u0440\u0430\u043c\u0438. \u0415\u0451 \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u044e\u0442 \u043a\u0430\u043a \u043e\u0448\u0438\u0431\u043a\u0443 \u043d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u044f \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u0438 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438. \n\n\u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u0442\u044c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430. \u041f\u043e\u044d\u0442\u043e\u043c\u0443, \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0441\u043e\u0432\u0435\u0442\u0443\u0435\u043c \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f, \u043f\u0440\u0435\u0436\u0434\u0435 \u0447\u0435\u043c \u043f\u043e\u0435\u0445\u0430\u0442\u044c \u0431\u0443\u0445\u0430\u0442\u044c \u0432 \u0431\u0430\u0440.\n\nhttps://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_4.html", "creation_timestamp": "2021-02-05T17:44:53.000000Z"}, {"uuid": "d6cbfc81-e100-4c6f-b34f-80594e1e7fe0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21147", "type": "seen", "source": "https://t.me/cibsecurity/23301", "content": "\u203c CVE-2021-21147 \u203c\n\nInappropriate implementation in Skia in Google Chrome prior to 88.0.4324.146 allowed a local attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-09T18:40:33.000000Z"}, {"uuid": "89f4210a-b82f-489c-ad52-46cdd5620106", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21143", "type": "seen", "source": "https://t.me/cibsecurity/23315", "content": "\u203c CVE-2021-21143 \u203c\n\nHeap buffer overflow in Extensions in Google Chrome prior to 88.0.4324.146 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-09T18:40:46.000000Z"}, {"uuid": "ea98bafe-690d-40e2-9061-e86d218ce580", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21144", "type": "seen", "source": "https://t.me/cibsecurity/23309", "content": "\u203c CVE-2021-21144 \u203c\n\nHeap buffer overflow in Tab Groups in Google Chrome prior to 88.0.4324.146 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-09T18:40:41.000000Z"}, {"uuid": "c1c38d40-9e7e-42ba-8a28-b8ca72fdcb0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21145", "type": "seen", "source": "https://t.me/cibsecurity/23312", "content": "\u203c CVE-2021-21145 \u203c\n\nUse after free in Fonts in Google Chrome prior to 88.0.4324.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-09T18:40:43.000000Z"}, {"uuid": "57afcb6e-ba8e-4645-8666-8e3f61f5c75c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21148", "type": "seen", "source": "https://t.me/cibsecurity/23306", "content": "\u203c CVE-2021-21148 \u203c\n\nHeap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-09T18:40:38.000000Z"}, {"uuid": "33eb9deb-9e39-4ff0-9f86-2b38130fa0c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21142", "type": "seen", "source": "https://t.me/cibsecurity/23305", "content": "\u203c CVE-2021-21142 \u203c\n\nUse after free in Payments in Google Chrome on Mac prior to 88.0.4324.146 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-09T18:40:37.000000Z"}, {"uuid": "054df958-eb83-4f6f-83a4-10e6c4e0f8b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21146", "type": "seen", "source": "https://t.me/cibsecurity/23297", "content": "\u203c CVE-2021-21146 \u203c\n\nUse after free in Navigation in Google Chrome prior to 88.0.4324.146 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-09T18:40:29.000000Z"}, {"uuid": "db8adfbc-2408-45aa-a7cb-26b52df45b87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21141", "type": "seen", "source": "MISP/45220254-d37d-4ca6-bd1b-8fd75bdd19f3", "content": "", "creation_timestamp": "2024-11-14T06:08:20.000000Z"}, {"uuid": "e0119e31-67a3-4215-b09b-2753ae600bec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21148", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971073", "content": "", "creation_timestamp": "2024-12-24T20:23:52.189049Z"}, {"uuid": "b4e02d45-9fff-4c76-a079-ce439efeb26d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21148", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:51.000000Z"}, {"uuid": "702e1469-34b9-4c56-a106-f4b7a27b876c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21148", "type": "exploited", "source": "https://t.me/noobhackersyoutube/633", "content": "#cybernews by @noobhackersofficial\n\n\u26a0\ufe0f An important update for all users: update #Google Chrome immediately. \n\nHackers are actively exploiting a dangerous vulnerability (CVE-2021-21148) in Google Chrome. Time to get to updating! https://t.co/ws4JxZLAJZ", "creation_timestamp": "2021-02-08T12:52:12.000000Z"}, {"uuid": "02427923-3848-4c6b-975c-a7ac071af490", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21148", "type": "seen", "source": "https://t.me/arpsyndicate/1006", "content": "#ExploitObserverAlert\n\nCVE-2021-21148\n\nDESCRIPTION: Exploit Observer has 18 entries related to CVE-2021-21148. Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\nFIRST-EPSS: 0.019330000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2023-12-03T19:05:52.000000Z"}, {"uuid": "619cdcc2-f9a4-4489-8e69-406fc7e06aa3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21149", "type": "seen", "source": "https://t.me/cibsecurity/23965", "content": "\u203c CVE-2021-21149 \u203c\n\nStack buffer overflow in Data Transfer in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-23T00:34:08.000000Z"}, {"uuid": "aa4835ae-3cf6-4c3c-bedd-2e5ea8865a95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21148", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/3428", "content": "#exploit\nCVE-2021-21148,\nCVE-2021-21156:\nChrome Array Transfer Bypass (PoC)\n\n// The fix for CVE-2021-21148 has added a check in |ValueSerializer::WriteJSArrayBuffer| to make sure non-detachable array buffers cannot be transferred. The check can be bypassed with the help of asm.js and property getters", "creation_timestamp": "2021-05-22T13:03:01.000000Z"}, {"uuid": "834ebe40-72ec-4381-843b-4461cb90c79a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21148", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "d64682bf-8fde-4175-bae5-2423b10f4b14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21148", "type": "seen", "source": "MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422", "content": "", "creation_timestamp": "2021-11-08T08:58:17.000000Z"}, {"uuid": "27cab4c9-94c8-44b7-9011-012c3870e2d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21148", "type": "seen", "source": "MISP/1122b900-e4ba-4aaa-8ce3-cc7fc447cb31", "content": "", "creation_timestamp": "2024-11-14T06:08:25.000000Z"}]}