Filtered by vendor Google
Subscribe
Total
12717 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-9409 | 1 Google | 1 Android | 2025-07-03 | N/A | 7.8 HIGH |
In HWCSession::SetColorModeById of hwc_session.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2018-9375 | 1 Google | 1 Android | 2025-07-03 | N/A | 7.8 HIGH |
In multiple functions of UserDictionaryProvider.java, there is a possible way to add and delete words in the user dictionary due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2023-4358 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2025-07-03 | N/A | 8.8 HIGH |
Use after free in DNS in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | |||||
CVE-2024-43077 | 1 Google | 1 Android | 2025-07-03 | N/A | 7.8 HIGH |
In DevmemValidateFlags of devicemem_server.c , there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2024-43097 | 1 Google | 1 Android | 2025-07-03 | N/A | 7.8 HIGH |
In resizeToAtLeast of SkRegion.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2024-43762 | 1 Google | 1 Android | 2025-07-03 | N/A | 7.8 HIGH |
In multiple locations, there is a possible way to avoid unbinding of a service from the system due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2024-43764 | 1 Google | 1 Android | 2025-07-03 | N/A | 7.8 HIGH |
In onPrimaryClipChanged of ClipboardListener.java, there is a possible way to partially bypass lock screen. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2025-6177 | 1 Google | 1 Chrome Os | 2025-07-02 | N/A | 7.4 HIGH |
Privilege Escalation in MiniOS in Google ChromeOS (16063.45.2 and potentially others) on enrolled devices allows a local attacker to gain root code execution via exploiting a debug shell (VT3 console) accessible through specific key combinations during developer mode entry and MiniOS access, even when developer mode is blocked by device policy or Firmware Write Protect (FWMP). | |||||
CVE-2025-6179 | 1 Google | 1 Chrome Os | 2025-07-02 | N/A | 9.8 CRITICAL |
Permissions Bypass in Extension Management in Google ChromeOS 16181.27.0 on managed Chrome devices allows a local attacker to disable extensions and access Developer Mode, including loading additional extensions via exploiting vulnerabilities using the ExtHang3r and ExtPrint3r tools. | |||||
CVE-2025-6555 | 1 Google | 1 Chrome | 2025-07-02 | N/A | 5.4 MEDIUM |
Use after free in Animation in Google Chrome prior to 138.0.7204.49 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | |||||
CVE-2025-6556 | 1 Google | 1 Chrome | 2025-07-02 | N/A | 5.4 MEDIUM |
Insufficient policy enforcement in Loader in Google Chrome prior to 138.0.7204.49 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low) | |||||
CVE-2025-5063 | 1 Google | 1 Chrome | 2025-07-02 | N/A | 8.8 HIGH |
Use after free in Compositing in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
CVE-2023-4428 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2025-07-01 | N/A | 8.1 HIGH |
Out of bounds memory access in CSS in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High) | |||||
CVE-2024-34732 | 1 Google | 1 Android | 2025-06-27 | N/A | 8.4 HIGH |
In RGXMMUCacheInvalidate of rgxmem.c, there is a possible arbitrary code execution due to a race condition. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2024-34733 | 1 Google | 1 Android | 2025-06-27 | N/A | 8.4 HIGH |
In DevmemXIntMapPages of devicemem_server.c, there is a possible arbitrary code execution due to an integer overflow. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2024-34748 | 1 Google | 1 Android | 2025-06-27 | N/A | 8.4 HIGH |
In _DevmemXReservationPageAddress of devicemem_server.c, there is a possible use-after-free due to improper casting. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2024-40649 | 1 Google | 1 Android | 2025-06-27 | N/A | 8.4 HIGH |
In TBD of TBD, there is a possible use-after-free due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2024-40651 | 1 Google | 1 Android | 2025-06-27 | N/A | 8.4 HIGH |
In TBD of TBD, there is a possible use-after-free due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2024-40669 | 1 Google | 1 Android | 2025-06-27 | N/A | 8.4 HIGH |
In TBD of TBD, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2024-40670 | 1 Google | 1 Android | 2025-06-27 | N/A | 8.4 HIGH |
In TBD of TBD, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. |