In drivers/char/virtio_console.c in the Linux kernel before 5.13.4 data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior

read_header_tga in gd_tga.c in the GD Graphics Library (aka LibGD) through 2.3.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.

Chromium: CVE-2021-38022 Inappropriate implementation in WebAuthentication

Chromium: CVE-2021-38021 Inappropriate implementation in referrer

Chromium: CVE-2021-38020 Insufficient policy enforcement in contacts picker

Chromium: CVE-2021-38019 Insufficient policy enforcement in CORS

Chromium: CVE-2021-38018 Inappropriate implementation in navigation

Chromium: CVE-2021-38017 Insufficient policy enforcement in iframe sandbox

Chromium: CVE-2021-38016 Insufficient policy enforcement in background fetch

Chromium: CVE-2021-38015 Inappropriate implementation in input

Chromium: CVE-2021-38014 Out of bounds write in Swiftshader

Chromium: CVE-2021-38013 Heap buffer overflow in fingerprint recognition

Chromium: CVE-2021-38012 Type Confusion in V8

Chromium: CVE-2021-38011 Use after free in storage foundation

Chromium: CVE-2021-38010 Inappropriate implementation in service workers

A flaw was found in glib before version 2.63.6. Due to random charset alias pkexec can leak content from files owned by privileged users to unprivileged ones under the right condition.

Chromium: CVE-2021-38009 Inappropriate implementation in cache

Chromium: CVE-2021-38008 Use after free in media

Chromium: CVE-2021-38007 Type Confusion in V8

Chromium: CVE-2021-38006 Use after free in storage foundation