Filtered by vendor Google
Subscribe
Total
12952 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-21199 | 1 Google | 1 Android | 2024-12-04 | N/A | 4.4 MEDIUM |
| In btu_ble_proc_ltk_req of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-254445961 | |||||
| CVE-2023-21208 | 1 Google | 1 Android | 2024-12-04 | N/A | 4.4 MEDIUM |
| In setCountryCodeInternal of sta_iface.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262245254 | |||||
| CVE-2023-40093 | 1 Google | 1 Android | 2024-12-03 | N/A | 5.5 MEDIUM |
| In multiple files, there is a possible way that trimmed content could be included in PDF output due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-52345 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-12-03 | N/A | 6.0 MEDIUM |
| In modem driver, there is a possible system crash due to improper input validation. This could lead to local information disclosure with System execution privileges needed | |||||
| CVE-2024-0037 | 1 Google | 1 Android | 2024-12-03 | N/A | 3.3 LOW |
| In applyCustomDescription of SaveUi.java, there is a possible way to view images belonging to a different user due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-32896 | 1 Google | 1 Android | 2024-11-29 | N/A | 7.8 HIGH |
| there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. | |||||
| CVE-2024-29748 | 1 Google | 2 Android, Pixel | 2024-11-29 | N/A | 7.8 HIGH |
| there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. | |||||
| CVE-2024-4671 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-27 | N/A | 9.6 CRITICAL |
| Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2024-4761 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-27 | N/A | 8.8 HIGH |
| Out of bounds write in V8 in Google Chrome prior to 124.0.6367.207 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2024-4947 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-27 | N/A | 9.6 CRITICAL |
| Type Confusion in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2024-5274 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-27 | N/A | 9.6 CRITICAL |
| Type Confusion in V8 in Google Chrome prior to 125.0.6422.112 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2023-33905 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-27 | N/A | 4.4 MEDIUM |
| In iwnpi server, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | |||||
| CVE-2023-40122 | 1 Google | 1 Android | 2024-11-26 | N/A | 3.3 LOW |
| In applyCustomDescription of SaveUi.java, there is a possible way to view other user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-7013 | 1 Google | 1 Chrome | 2024-11-25 | N/A | 4.7 MEDIUM |
| Inappropriate implementation in Compositing in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially spoof security UI via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2024-34742 | 1 Google | 1 Android | 2024-11-25 | N/A | 5.5 MEDIUM |
| In shouldWrite of OwnersData.java, there is a possible edge case that prevents MDM policies from being persisted due to a logic error in the code. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-11026 | 2 Free-now, Google | 2 Freenow, Android | 2024-11-23 | 2.6 LOW | 3.7 LOW |
| A vulnerability was found in Intelligent Apps Freenow App 12.10.0 on Android. It has been rated as problematic. Affected by this issue is some unknown functionality of the file ch/qos/logback/core/net/ssl/SSL.java of the component Keystore Handler. The manipulation of the argument DEFAULT_KEYSTORE_PASSWORD with the input changeit leads to use of hard-coded password. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2018-9411 | 1 Google | 1 Android | 2024-11-22 | N/A | 8.8 HIGH |
| In decrypt of ClearKeyCasPlugin.cpp there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote arbitrary code execution with no additional execution privileges needed. User interaction is needed for exploitation. | |||||
| CVE-2018-9410 | 1 Google | 1 Android | 2024-11-22 | N/A | 5.5 MEDIUM |
| In analyzeAxes of FontUtils.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2018-9417 | 1 Google | 1 Android | 2024-11-22 | N/A | 7.8 HIGH |
| In f_hidg_read and hidg_disable of f_hid.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2018-9419 | 1 Google | 1 Android | 2024-11-22 | N/A | 7.5 HIGH |
| In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||