Filtered by vendor Google
Subscriptions
Total
12532 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-9486 | 1 Google | 1 Android | 2024-12-19 | 6.5 Medium |
| In hidh_l2cif_data_ind of hidh_conn.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure over bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-3846 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-12-19 | 5.4 Medium |
| Inappropriate implementation in Prompts in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2024-3847 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-12-19 | 6.1 Medium |
| Insufficient policy enforcement in WebUI in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2024-3516 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-12-19 | 6.5 Medium |
| Heap buffer overflow in ANGLE in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-3832 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-12-19 | 8.8 High |
| Object corruption in V8 in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-3833 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-12-19 | 8.8 High |
| Object corruption in WebAssembly in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-3840 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-12-19 | 7.5 High |
| Insufficient policy enforcement in Site Isolation in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2024-3841 | 3 Fedoraproject, Google, Microsoft | 3 Fedora, Chrome, Windows | 2024-12-19 | 6.1 Medium |
| Insufficient data validation in Browser Switcher in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to inject scripts or HTML into a privileged page via a malicious file. (Chromium security severity: Medium) | ||||
| CVE-2024-3843 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-12-19 | 4.3 Medium |
| Insufficient data validation in Downloads in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2024-3844 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-12-19 | 4.3 Medium |
| Inappropriate implementation in Extensions in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low) | ||||
| CVE-2018-9416 | 1 Google | 2 Android, Pixel | 2024-12-18 | 6.7 Medium |
| In sg_remove_scat of scsi/sg.c, there is a possible memory corruption due to an unusual root cause. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2018-9395 | 1 Google | 2 Android, Pixel | 2024-12-18 | 7.8 High |
| In mtk_cfg80211_vendor_packet_keep_alive_start and mtk_cfg80211_vendor_set_config of drivers/misc/mediatek/connectivity/wlan/gen2/os/linux/gl_vendor.c, there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2018-9396 | 1 Google | 2 Android, Pixel | 2024-12-18 | 7.8 High |
| In rpc_msg_handler and related handlers of drivers/misc/mediatek/eccci/port_rpc.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2018-9350 | 1 Google | 1 Android | 2024-12-18 | 6.5 Medium |
| In ih264d_assign_pic_num of ih264d_utils.c there is a possible out of bound read due to missing bounds check. This could lead to a denial of service with no additional execution privileges needed. User interaction is needed for exploitation. | ||||
| CVE-2018-9349 | 1 Google | 1 Android | 2024-12-18 | 6.5 Medium |
| In mv_err_cost of mcomp.c there is a possible out of bounds read due to missing bounds check. This could lead to denial of service with no additional execution privileges needed. User interaction is needed for exploitation. | ||||
| CVE-2017-13323 | 1 Google | 2 Android, Pixel | 2024-12-18 | 8.4 High |
| In String16 of String16.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2017-13321 | 1 Google | 1 Android | 2024-12-18 | 6.2 Medium |
| In SensorService::isDataInjectionEnabled of frameworks/native/services/sensorservice/SensorService.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2017-13320 | 1 Google | 1 Android | 2024-12-18 | 6.5 Medium |
| In impeg2d_bit_stream_flush() of libmpeg2dec there is a possible OOB read due to a missing bounds check. This could lead to Remote DoS with no additional execution privileges needed. User interaction is needed for exploitation. | ||||
| CVE-2017-13319 | 1 Google | 2 Android, Pixel | 2024-12-18 | 7.5 High |
| In pvmp3_get_main_data_size of pvmp3_get_main_data_size.cpp, there is a possible buffer overread due to a missing bounds check. This could lead to remote information disclosure of global static variables with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2018-9393 | 1 Google | 2 Android, Pixel | 2024-12-18 | 7.8 High |
| In procfile_write of drivers/misc/mediatek/connectivity/wlan/gen2/os/linux/gl_proc.c, there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||||