{"vulnerability": "CVE-2021-2111", "sightings": [{"uuid": "27c7c0a8-a09a-4a72-ac24-84ba0b6e65ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21114", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/2873", "content": "#exploit\n1. CVE-2020-6507:\nChrome RCE on macOS 11.2.1\nhttps://github.com/r0t0tiller/Exploits/tree/master/V8/CVE-2020-6507\n\n2. CVE-2020-15972, CVE-2021-21114:\nUaF in Chrome AudioHandler\nhttps://securitylab.github.com/advisories/GHSL-2020-167-chrome", "creation_timestamp": "2024-05-07T14:30:28.000000Z"}, {"uuid": "7dd3705f-e886-4e7a-acaa-8f3f7bd36162", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21115", "type": "seen", "source": "https://t.me/cibsecurity/21871", "content": "\u203c CVE-2021-21115 \u203c\n\nUser after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-08T22:48:05.000000Z"}, {"uuid": "e1dd7e39-5132-423a-a6a3-007c8b2dab5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21116", "type": "seen", "source": "https://t.me/cibsecurity/21847", "content": "\u203c CVE-2021-21116 \u203c\n\nHeap buffer overflow in audio in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-08T22:41:56.000000Z"}, {"uuid": "a0a220c3-7cc5-4a80-a523-56176d8fa21e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21113", "type": "seen", "source": "https://t.me/cibsecurity/21867", "content": "\u203c CVE-2021-21113 \u203c\n\nHeap buffer overflow in Skia in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-08T22:47:59.000000Z"}, {"uuid": "5a0f9bbd-dc9e-4102-9c38-66ef113937d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21111", "type": "seen", "source": "https://t.me/cibsecurity/21863", "content": "\u203c CVE-2021-21111 \u203c\n\nInsufficient policy enforcement in WebUI in Google Chrome prior to 87.0.4280.141 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-08T22:42:13.000000Z"}, {"uuid": "0f7250f8-9e74-400b-b081-b9717ebee58e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21112", "type": "seen", "source": "https://t.me/cibsecurity/21861", "content": "\u203c CVE-2021-21112 \u203c\n\nUse after free in Blink in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-08T22:42:11.000000Z"}, {"uuid": "259be608-2709-4128-978f-b162f13586c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21114", "type": "seen", "source": "https://t.me/cibsecurity/21857", "content": "\u203c CVE-2021-21114 \u203c\n\nUse after free in audio in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-08T22:42:07.000000Z"}, {"uuid": "cf612d4d-ed3e-4398-b8c7-59ed243c763e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-2111", "type": "seen", "source": "https://t.me/cibsecurity/22378", "content": "\u203c CVE-2021-2111 \u203c\n\nVulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.18. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 6.0 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-20T18:37:31.000000Z"}, {"uuid": "eb49cdb4-d831-4f51-ba84-31c388a62ad7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21110", "type": "seen", "source": "https://t.me/cibsecurity/21870", "content": "\u203c CVE-2021-21110 \u203c\n\nUse after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-08T22:48:03.000000Z"}]}