Filtered by vendor Google
Subscribe
Total
12048 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-3171 | 1 Google | 1 Chrome | 2024-08-01 | N/A | 8.8 HIGH |
Use after free in Accessibility in Google Chrome prior to 122.0.6261.57 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium) | |||||
CVE-2024-3170 | 1 Google | 1 Chrome | 2024-08-01 | N/A | 8.8 HIGH |
Use after free in WebRTC in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
CVE-2024-3169 | 1 Google | 1 Chrome | 2024-08-01 | N/A | 8.8 HIGH |
Use after free in V8 in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
CVE-2024-3168 | 1 Google | 1 Chrome | 2024-08-01 | N/A | 8.8 HIGH |
Use after free in DevTools in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | |||||
CVE-2024-3156 | 1 Google | 1 Chrome | 2024-08-01 | N/A | 8.8 HIGH |
Inappropriate implementation in V8 in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) | |||||
CVE-2024-32908 | 1 Google | 1 Android | 2024-08-01 | N/A | 7.8 HIGH |
In sec_media_protect of media.c, there is a possible permission bypass due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2024-32905 | 1 Google | 1 Android | 2024-08-01 | N/A | 9.8 CRITICAL |
In circ_read of link_device_memory_legacy.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2023-6347 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2024-08-01 | N/A | 8.8 HIGH |
Use after free in Mojo in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
CVE-2023-40088 | 1 Google | 1 Android | 2024-08-01 | N/A | 8.8 HIGH |
In callback_thread_event of com_android_bluetooth_btservice_AdapterService.cpp, there is a possible memory corruption due to a use after free. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2023-40077 | 1 Google | 1 Android | 2024-08-01 | N/A | 8.1 HIGH |
In multiple functions of MetaDataBase.cpp, there is a possible UAF write due to a race condition. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2022-1941 | 3 Debian, Fedoraproject, Google | 4 Debian Linux, Fedora, Protobuf-cpp and 1 more | 2024-08-01 | N/A | 7.5 HIGH |
A parsing vulnerability for the MessageSet type in the ProtocolBuffers versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 3.21.5 for protobuf-cpp, and versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 4.21.5 for protobuf-python can lead to out of memory failures. A specially crafted message with multiple key-value per elements creates parsing issues, and can lead to a Denial of Service against services receiving unsanitized input. We recommend upgrading to versions 3.18.3, 3.19.5, 3.20.2, 3.21.6 for protobuf-cpp and 3.18.3, 3.19.5, 3.20.2, 4.21.6 for protobuf-python. Versions for 3.16 and 3.17 are no longer updated. | |||||
CVE-2020-0022 | 2 Google, Huawei | 43 Android, Honor 8a, Honor 8a Firmware and 40 more | 2024-08-01 | 8.3 HIGH | 8.8 HIGH |
In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143894715 | |||||
CVE-2023-4863 | 8 Bentley, Debian, Fedoraproject and 5 more | 13 Seequent Leapfrog, Debian Linux, Fedora and 10 more | 2024-07-31 | N/A | 8.8 HIGH |
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical) | |||||
CVE-2021-38000 | 3 Debian, Fedoraproject, Google | 4 Debian Linux, Fedora, Android and 1 more | 2024-07-29 | 5.8 MEDIUM | 6.1 MEDIUM |
Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0.4638.69 allowed a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page. | |||||
CVE-2021-38003 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2024-07-29 | 6.8 MEDIUM | 8.8 HIGH |
Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
CVE-2021-30551 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-07-29 | 6.8 MEDIUM | 8.8 HIGH |
Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
CVE-2021-30554 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-07-29 | 6.8 MEDIUM | 8.8 HIGH |
Use after free in WebGL in Google Chrome prior to 91.0.4472.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
CVE-2021-21193 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2024-07-26 | 6.8 MEDIUM | 8.8 HIGH |
Use after free in Blink in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
CVE-2021-30632 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-07-26 | 6.8 MEDIUM | 8.8 HIGH |
Out of bounds write in V8 in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
CVE-2021-30633 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-07-26 | 6.8 MEDIUM | 9.6 CRITICAL |
Use after free in Indexed DB API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. |