Filtered by vendor Google
Subscribe
Total
12026 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-5274 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-27 | N/A | 9.6 CRITICAL |
Type Confusion in V8 in Google Chrome prior to 125.0.6422.112 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | |||||
CVE-2024-7971 | 1 Google | 1 Chrome | 2024-11-27 | N/A | 9.6 CRITICAL |
Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
CVE-2023-52536 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-27 | N/A | 4.4 MEDIUM |
In faceid service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | |||||
CVE-2023-52352 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-27 | N/A | 5.5 MEDIUM |
In Network Adapter Service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges needed | |||||
CVE-2023-52350 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-27 | N/A | 4.4 MEDIUM |
In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | |||||
CVE-2023-52349 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-27 | N/A | 4.4 MEDIUM |
In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | |||||
CVE-2023-33905 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-27 | N/A | 4.4 MEDIUM |
In iwnpi server, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | |||||
CVE-2023-40122 | 1 Google | 1 Android | 2024-11-26 | N/A | 3.3 LOW |
In applyCustomDescription of SaveUi.java, there is a possible way to view other user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2024-0029 | 1 Google | 1 Android | 2024-11-26 | N/A | 7.8 HIGH |
In multiple files, there is a possible way to capture the device screen when disallowed by device policy due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2024-0019 | 1 Google | 1 Android | 2024-11-26 | N/A | 5.0 MEDIUM |
In setListening of AppOpsControllerImpl.java, there is a possible way to hide the microphone privacy indicator when restarting systemUI due to a missing check for active recordings. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation. | |||||
CVE-2024-0053 | 1 Google | 1 Android | 2024-11-26 | N/A | 3.3 LOW |
In getCustomPrinterIcon of PrintManagerService.java, there is a possible way to view other user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2024-0039 | 1 Google | 1 Android | 2024-11-26 | N/A | 9.8 CRITICAL |
In attp_build_value_cmd of att_protocol.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2023-7013 | 1 Google | 1 Chrome | 2024-11-25 | N/A | 4.7 MEDIUM |
Inappropriate implementation in Compositing in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially spoof security UI via a crafted HTML page. (Chromium security severity: Medium) | |||||
CVE-2024-34742 | 1 Google | 1 Android | 2024-11-25 | N/A | 5.5 MEDIUM |
In shouldWrite of OwnersData.java, there is a possible edge case that prevents MDM policies from being persisted due to a logic error in the code. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2024-0022 | 1 Google | 1 Android | 2024-11-25 | N/A | 5.5 MEDIUM |
In multiple functions of CompanionDeviceManagerService.java, there is a possible launch NotificationAccessConfirmationActivity of another user profile due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2024-11026 | 2 Free-now, Google | 2 Freenow, Android | 2024-11-23 | 2.6 LOW | 3.7 LOW |
A vulnerability was found in Intelligent Apps Freenow App 12.10.0 on Android. It has been rated as problematic. Affected by this issue is some unknown functionality of the file ch/qos/logback/core/net/ssl/SSL.java of the component Keystore Handler. The manipulation of the argument DEFAULT_KEYSTORE_PASSWORD with the input changeit leads to use of hard-coded password. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
CVE-2018-9411 | 1 Google | 1 Android | 2024-11-22 | N/A | 8.8 HIGH |
In decrypt of ClearKeyCasPlugin.cpp there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote arbitrary code execution with no additional execution privileges needed. User interaction is needed for exploitation. | |||||
CVE-2018-9410 | 1 Google | 1 Android | 2024-11-22 | N/A | 5.5 MEDIUM |
In analyzeAxes of FontUtils.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2018-9417 | 1 Google | 1 Android | 2024-11-22 | N/A | 7.8 HIGH |
In f_hidg_read and hidg_disable of f_hid.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2018-9419 | 1 Google | 1 Android | 2024-11-22 | N/A | 7.5 HIGH |
In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. |