Filtered by vendor Google Subscriptions
Total 12502 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-39437 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2024-10-17 6.5 Medium
In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed.
CVE-2024-39436 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2024-10-17 6.5 Medium
In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed.
CVE-2024-9961 1 Google 1 Chrome 2024-10-16 8.8 High
Use after free in ParcelTracking in Google Chrome on iOS prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
CVE-2024-9960 1 Google 1 Chrome 2024-10-16 8.8 High
Use after free in Dawn in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
CVE-2024-9959 1 Google 1 Chrome 2024-10-16 8.8 High
Use after free in DevTools in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Medium)
CVE-2024-9957 1 Google 1 Chrome 2024-10-16 8.8 High
Use after free in UI in Google Chrome on iOS prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
CVE-2024-9956 1 Google 1 Chrome 2024-10-16 7.8 High
Inappropriate implementation in WebAuthentication in Google Chrome on Android prior to 130.0.6723.58 allowed a local attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)
CVE-2024-9955 1 Google 1 Chrome 2024-10-16 8.8 High
Use after free in WebAuthentication in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
CVE-2024-38208 2 Google, Microsoft 2 Android, Edge 2024-10-16 6.1 Medium
Microsoft Edge for Android Spoofing Vulnerability
CVE-2024-9859 1 Google 1 Chrome 2024-10-15 8.8 High
Type confusion in WebAssembly in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
CVE-2024-8198 1 Google 1 Chrome 2024-10-15 7.5 High
Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.113 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2024-7534 1 Google 1 Chrome 2024-10-15 8.8 High
Heap buffer overflow in Layout in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2024-44096 1 Google 1 Android 2024-10-15 4.4 Medium
there is a possible arbitrary read due to an insecure default value. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
CVE-2024-44095 1 Google 1 Android 2024-10-15 7.4 High
In ppmp_protect_mfcfw_buf of code/drm_fw.c, there is a possible corrupt memory due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2024-20102 2 Google, Mediatek 9 Android, Mt3605, Mt6985 and 6 more 2024-10-10 4.9 Medium
In wlan driver, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998892; Issue ID: MSV-1601.
CVE-2024-9602 1 Google 1 Chrome 2024-10-10 8.8 High
Type Confusion in V8 in Google Chrome prior to 129.0.6668.100 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)
CVE-2024-9603 1 Google 1 Chrome 2024-10-10 8.8 High
Type Confusion in V8 in Google Chrome prior to 129.0.6668.100 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2024-20103 2 Google, Mediatek 13 Android, Mt3605, Mt6985 and 10 more 2024-10-07 9.8 Critical
In wlan firmware, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09001358; Issue ID: MSV-1599.
CVE-2024-20101 2 Google, Mediatek 16 Android, Mt3605, Mt6985 and 13 more 2024-10-07 9.8 Critical
In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998901; Issue ID: MSV-1602.
CVE-2024-20100 2 Google, Mediatek 17 Android, Mt3605, Mt6985 and 14 more 2024-10-07 9.8 Critical
In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998449; Issue ID: MSV-1603.