Filtered by vendor Google
Subscriptions
Total
12088 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-1418 | 3 Acer, Google, Samsung | 4 Ac700 Chromebook, Chrome Os, Cr-48 Chromebook and 1 more | 2024-09-16 | N/A |
| Multiple unspecified vulnerabilities in Google Chrome before 17.0.963.60 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors. | ||||
| CVE-2012-4677 | 1 Google | 1 Tunnelblick | 2024-09-16 | N/A |
| Tunnelblick 3.3beta20 and earlier allows local users to gain privileges by using a crafted Info.plist file to control the gOkIfNotSecure value. | ||||
| CVE-2017-0686 | 1 Google | 1 Android | 2024-09-16 | N/A |
| A denial of service vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34231231. | ||||
| CVE-2017-14908 | 1 Google | 1 Android | 2024-09-16 | N/A |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the SafeSwitch test application does not properly validate the number of blocks to verify. | ||||
| CVE-2017-0671 | 1 Google | 1 Android | 2024-09-16 | N/A |
| A remote code execution vulnerability in the Android libraries. Product: Android. Versions: 4.4.4. Android ID: A-34514762. | ||||
| CVE-2015-9062 | 1 Google | 1 Android | 2024-09-16 | N/A |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow to buffer overflow vulnerability exists when loading an ELF file. | ||||
| CVE-2011-1352 | 1 Google | 1 Android | 2024-09-16 | N/A |
| The PowerVR SGX driver in Android before 2.3.6 allows attackers to gain root privileges via an application that triggers kernel memory corruption using crafted user data to the pvrsrvkm device. | ||||
| CVE-2018-3582 | 1 Google | 1 Android | 2024-09-16 | N/A |
| Buffer overflow can occur due to improper input validation in multiple WMA event handler functions in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | ||||
| CVE-2017-0675 | 1 Google | 1 Android | 2024-09-16 | N/A |
| A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34779227. | ||||
| CVE-2012-1397 | 2 Goforandroid, Google | 2 Go Qqweibowidget, Android | 2024-09-16 | N/A |
| Unspecified vulnerability in the GO QQWeiboWidget (com.gau.go.launcherex.gowidget.qqweibowidget) application 1.2 for Android has unknown impact and attack vectors. | ||||
| CVE-2018-9444 | 1 Google | 1 Android | 2024-09-16 | N/A |
| In ih264d_video_decode of ih264d_api.c there is a possible resource exhaustion due to an infinite loop. This could lead to remote temporary device denial of service (remote hang or reboot) with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android ID: A-63521984. | ||||
| CVE-2018-5834 | 1 Google | 1 Android | 2024-09-16 | N/A |
| In __wlan_hdd_cfg80211_vendor_scan(), a buffer overwrite can potentially occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05. | ||||
| CVE-2018-9506 | 1 Google | 1 Android | 2024-09-16 | N/A |
| In avrc_msg_cback of avrc_api.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-111803925 | ||||
| CVE-2008-7298 | 2 Android, Google | 2 Android Browser, Android | 2024-09-16 | N/A |
| The Android browser in Android cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a "cookie forcing" issue. | ||||
| CVE-2017-13208 | 1 Google | 1 Android | 2024-09-16 | N/A |
| In receive_packet of libnetutils/packet.c, there is a possible out-of-bounds write due to a missing bounds check on the DHCP response. This could lead to remote code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-67474440. | ||||
| CVE-2017-13221 | 1 Google | 1 Android | 2024-09-16 | N/A |
| An elevation of privilege vulnerability in the Upstream kernel wifi driver. Product: Android. Versions: Android kernel. Android ID: A-64709938. | ||||
| CVE-2013-2834 | 1 Google | 1 Chrome Os | 2024-09-16 | N/A |
| Google Chrome OS before 26.0.1410.57 does not properly enforce origin restrictions for the O3D and Google Talk plug-ins, which allows remote attackers to bypass the domain-whitelist protection mechanism via a crafted web site, a different vulnerability than CVE-2013-2835. | ||||
| CVE-2017-0736 | 1 Google | 1 Android | 2024-09-16 | N/A |
| A denial of service vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-38487564. | ||||
| CVE-2017-13184 | 1 Google | 1 Android | 2024-09-16 | N/A |
| In the enableVSyncInjections function of SurfaceFlinger, there is a possible use after free of mVSyncInjector. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 8.0, 8.1. Android ID: A-65483324. | ||||
| CVE-2018-3579 | 1 Google | 1 Android | 2024-09-16 | N/A |
| In the WLAN driver in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel, event->num_entries_in_page is a value received from firmware that is not properly validated which can lead to a buffer over-read | ||||