Filtered by vendor Google
Subscribe
Total
14884 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-10604 | 1 Google | 1 Fuchsia | 2026-06-17 | N/A | 5.3 MEDIUM |
| Vulnerabilities in the algorithms used by Fuchsia to populate network protocol header fields, specifically the TCP ISN, TCP timestamp, TCP and UDP source ports, and IPv4/IPv6 fragment ID allow for these values to be guessed under circumstances | |||||
| CVE-2024-10603 | 1 Google | 1 Gvisor | 2026-06-17 | N/A | 5.3 MEDIUM |
| Weaknesses in the generation of TCP/UDP source ports and some other header values in Google's gVisor allowed them to be predicted by an external attacker in some circumstances. | |||||
| CVE-2024-10488 | 1 Google | 1 Chrome | 2026-06-17 | N/A | 8.8 HIGH |
| Use after free in WebRTC in Google Chrome prior to 130.0.6723.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2024-10487 | 1 Google | 1 Chrome | 2026-06-17 | N/A | 8.8 HIGH |
| Out of bounds write in Dawn in Google Chrome prior to 130.0.6723.92 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Critical) | |||||
| CVE-2024-10389 | 1 Google | 1 Safearchive | 2026-06-17 | N/A | 7.5 HIGH |
| There exists a Path Traversal vulnerability in Safearchive on Platforms with Case-Insensitive Filesystems (e.g., NTFS). This allows Attackers to Write Arbitrary Files via Archive Extraction containing symbolic links. We recommend upgrading past commit f7ce9d7b6f9c6ecd72d0b0f16216b046e55e44dc | |||||
| CVE-2024-10382 | 1 Google | 1 Androidx.car.app | 2026-06-17 | N/A | 7.5 HIGH |
| There exists a code execution vulnerability in the Car App Android Jetpack Library. CarAppService uses deserialization logic that allows construction of arbitrary java classes. This can lead to arbitrary code execution when combined with specific Java deserialization gadgets. An attacker needs to install a malicious application on victims device to be able to attack any application that uses vulnerable library. We recommend upgrading the library past version 1.7.0-beta02. | |||||
| CVE-2024-10231 | 1 Google | 1 Chrome | 2026-06-17 | N/A | 8.8 HIGH |
| Type Confusion in V8 in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2024-10230 | 1 Google | 1 Chrome | 2026-06-17 | N/A | 8.8 HIGH |
| Type Confusion in V8 in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2024-10229 | 1 Google | 1 Chrome | 2026-06-17 | N/A | 8.1 HIGH |
| Inappropriate implementation in Extensions in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to bypass site isolation via a crafted Chrome Extension. (Chromium security severity: High) | |||||
| CVE-2024-10026 | 1 Google | 1 Gvisor | 2026-06-17 | N/A | 5.3 MEDIUM |
| A weak hashing algorithm and small sizes of seeds/secrets in Google's gVisor allowed for a remote attacker to calculate a local IP address and a per-boot identifier that could aid in tracking of a device in certain circumstances. | |||||
| CVE-2024-0814 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2026-06-17 | N/A | 6.5 MEDIUM |
| Incorrect security UI in Payments in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially spoof security UI via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2024-0813 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2026-06-17 | N/A | 8.8 HIGH |
| Use after free in Reading Mode in Google Chrome prior to 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: Medium) | |||||
| CVE-2024-0812 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2026-06-17 | N/A | 8.8 HIGH |
| Inappropriate implementation in Accessibility in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2024-0811 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2026-06-17 | N/A | 4.3 MEDIUM |
| Inappropriate implementation in Extensions API in Google Chrome prior to 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. (Chromium security severity: Low) | |||||
| CVE-2024-0810 | 1 Google | 1 Chrome | 2026-06-17 | N/A | 4.3 MEDIUM |
| Insufficient policy enforcement in DevTools in Google Chrome prior to 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. (Chromium security severity: Medium) | |||||
| CVE-2024-0809 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2026-06-17 | N/A | 4.3 MEDIUM |
| Inappropriate implementation in Autofill in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Low) | |||||
| CVE-2024-0808 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2026-06-17 | N/A | 9.8 CRITICAL |
| Integer underflow in WebUI in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via a malicious file. (Chromium security severity: High) | |||||
| CVE-2024-0807 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2026-06-17 | N/A | 8.8 HIGH |
| Use after free in Web Audio in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2024-0806 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2026-06-17 | N/A | 8.8 HIGH |
| Use after free in Passwords in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: Medium) | |||||
| CVE-2024-0805 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2026-06-17 | N/A | 4.3 MEDIUM |
| Inappropriate implementation in Downloads in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to perform domain spoofing via a crafted domain name. (Chromium security severity: Medium) | |||||