Filtered by vendor Google
Subscribe
Total
14440 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-0766 | 1 Google | 1 Android | 2026-05-13 | 9.3 HIGH | 7.8 HIGH |
| A remote code execution vulnerability in the Android media framework (libjhead). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37776688. | |||||
| CVE-2017-5057 | 5 Apple, Google, Linux and 2 more | 8 Macos, Android, Chrome and 5 more | 2026-05-13 | 6.8 MEDIUM | 8.8 HIGH |
| Type confusion in PDFium in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file. | |||||
| CVE-2017-0594 | 1 Google | 1 Android | 2026-05-13 | 9.3 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in codecs/aacenc/SoftAACEncoder2.cpp in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34617444. | |||||
| CVE-2017-0769 | 1 Google | 1 Android | 2026-05-13 | 9.3 HIGH | 7.8 HIGH |
| A elevation of privilege vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-37662122. | |||||
| CVE-2014-7921 | 1 Google | 1 Android | 2026-05-13 | 10.0 HIGH | 9.8 CRITICAL |
| mediaserver in Android 4.0.3 through 5.x before 5.1 allows attackers to gain privileges. NOTE: This is a different vulnerability than CVE-2014-7920. | |||||
| CVE-2017-0553 | 1 Google | 1 Android | 2026-05-13 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in libnl could enable a local malicious application to execute arbitrary code within the context of the Wi-Fi service. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32342065. NOTE: this issue also exists in the upstream libnl before 3.3.0 library. | |||||
| CVE-2017-3072 | 6 Adobe, Apple, Google and 3 more | 11 Flash Player, Flash Player Desktop Runtime, Mac Os X and 8 more | 2026-05-13 | 9.3 HIGH | 8.8 HIGH |
| Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-0596 | 1 Google | 1 Android | 2026-05-13 | 9.3 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-34749392. | |||||
| CVE-2015-9072 | 1 Google | 1 Android | 2026-05-13 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, an untrusted pointer dereference can occur in a TrustZone syscall. | |||||
| CVE-2017-7365 | 1 Google | 1 Android | 2026-05-13 | 9.3 HIGH | 7.8 HIGH |
| In all Android releases from CAF using the Linux kernel, a buffer overread can occur if a particular string is not NULL terminated. | |||||
| CVE-2017-0412 | 1 Google | 1 Android | 2026-05-13 | 9.3 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 7.0, 7.1.1. Android ID: A-33039926. | |||||
| CVE-2016-10346 | 1 Google | 1 Android | 2026-05-13 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in the hypervisor. | |||||
| CVE-2016-5854 | 1 Google | 1 Android | 2026-05-13 | 2.6 LOW | 4.7 MEDIUM |
| In a driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, kernel heap memory can be exposed to userspace. | |||||
| CVE-2017-8260 | 1 Google | 1 Android | 2026-05-13 | 6.8 MEDIUM | 7.8 HIGH |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, due to a type downcast, a value may improperly pass validation and cause an out of bounds write later. | |||||
| CVE-2015-9003 | 1 Google | 1 Android | 2026-05-13 | 9.3 HIGH | 7.8 HIGH |
| In TrustZone a cryptographic issue can potentially occur in all Android releases from CAF using the Linux kernel. | |||||
| CVE-2017-0693 | 1 Google | 1 Android | 2026-05-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| A denial of service vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36993291. | |||||
| CVE-2017-0491 | 1 Google | 1 Android | 2026-05-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| An elevation of privilege vulnerability in Package Manager could enable a local malicious application to prevent users from uninstalling applications or removing permissions from applications. This issue is rated as Moderate because it is a local bypass of user interaction requirements. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32553261. | |||||
| CVE-2017-3078 | 5 Adobe, Apple, Google and 2 more | 7 Flash Player, Mac Os X, Chrome Os and 4 more | 2026-05-13 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the Adobe Texture Format (ATF) module. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-5101 | 6 Apple, Debian, Google and 3 more | 8 Macos, Debian Linux, Chrome and 5 more | 2026-05-13 | 4.3 MEDIUM | 6.5 MEDIUM |
| Inappropriate implementation in Omnibox in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to spoof the contents of the Omnibox via a crafted HTML page. | |||||
| CVE-2017-5115 | 2 Google, Microsoft | 2 Chrome, Windows | 2026-05-13 | 6.8 MEDIUM | 8.8 HIGH |
| Type confusion in V8 in Google Chrome prior to 61.0.3163.79 for Windows allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. | |||||