Filtered by vendor Google
Subscriptions
Total
12532 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-9462 | 1 Google | 2 Android, Pixel | 2024-12-19 | 7.8 High |
| In store_cmd of ftm4_pdc.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2018-9463 | 1 Google | 2 Android, Pixel | 2024-12-19 | 7.8 High |
| In sw49408_irq_runtime_engine_debug of touch_sw49408.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2017-13308 | 1 Google | 1 Android | 2024-12-19 | 6.7 Medium |
| In tscpu_write_GPIO_out and mtkts_Abts_write of mtk_ts_Abts.c, there is a possible buffer overflow in an sscanf due to improper input validation. This could lead to a local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2018-9386 | 1 Google | 1 Android | 2024-12-19 | 6.7 Medium |
| In reboot_block_command of htc reboot_block driver, there is a possible stack buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2018-9388 | 1 Google | 1 Android | 2024-12-19 | 7.8 High |
| In store_upgrade and store_cmd of drivers/input/touchscreen/stm/ftm4_pdc.c, there are out of bound writes due to missing bounds checks or integer underflows. These could lead to escalation of privilege. | ||||
| CVE-2018-9390 | 1 Google | 1 Android | 2024-12-19 | 6.7 Medium |
| In procfile_write of gl_proc.c, there is a possible out of bounds read of a function pointer due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2018-9400 | 1 Google | 2 Android, Pixel | 2024-12-19 | 7.8 High |
| In gt1x_debug_write_proc and gt1x_tool_write of drivers/input/touchscreen/mediatek/GT1151/gt1x_generic.c and gt1x_tools.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2018-9402 | 1 Google | 2 Android, Pixel | 2024-12-19 | 8.8 High |
| In multiple functions of gl_proc.c, there is a buffer overwrite due to a missing bounds check. This could lead to escalation of privileges in the kernel. | ||||
| CVE-2018-9403 | 1 Google | 2 Android, Pixel | 2024-12-19 | 7.8 High |
| In the MTK_FLP_MSG_HAL_DIAG_REPORT_DATA_NTF handler of flp2hal_- interface.c, there is a possible stack buffer overflow due to a missing bounds check. This could lead to local escalation of privilege in a privileged process with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2018-9404 | 1 Google | 2 Android, Pixel | 2024-12-19 | 7.8 High |
| In oemCallback of ril.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2018-9407 | 1 Google | 1 Android | 2024-12-19 | 6.5 Medium |
| In emmc_rpmb_ioctl of emmc_rpmb.c, there is an Information Disclosure due to a Missing Bounds Check. This could lead to Information Disclosure of kernel data. | ||||
| CVE-2018-9408 | 1 Google | 1 Android | 2024-12-19 | 5.5 Medium |
| In m3326_gps_write and m3326_gps_read of gps.s, there is a possible Out Of Bounds Read due to a missing bounds check. This could lead to a local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2018-9439 | 1 Google | 2 Android, Pixel | 2024-12-19 | 7.8 High |
| In __unregister_prot_hook and packet_release of af_packet.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-3157 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-12-19 | 9.6 Critical |
| Out of bounds memory access in Compositing in Google Chrome prior to 123.0.6312.122 allowed a remote attacker who had compromised the GPU process to potentially perform a sandbox escape via specific UI gestures. (Chromium security severity: High) | ||||
| CVE-2024-3515 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-12-19 | 6.5 Medium |
| Use after free in Dawn in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-3845 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-12-19 | 4.3 Medium |
| Inappropriate implementation in Networks in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass mixed content policy via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2024-2886 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-12-19 | 7.5 High |
| Use after free in WebCodecs in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-2885 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-12-19 | 8.8 High |
| Use after free in Dawn in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-2883 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-12-19 | 8.8 High |
| Use after free in ANGLE in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) | ||||
| CVE-2018-9487 | 1 Google | 1 Android | 2024-12-19 | 6.5 Medium |
| In setVpnForcedLocked of Vpn.java, there is a possible blocking of internet traffic through vpn due to a bad uid check. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation. | ||||