Filtered by vendor Google
Subscribe
Total
12830 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-1941 | 3 Debian, Fedoraproject, Google | 4 Debian Linux, Fedora, Protobuf-cpp and 1 more | 2024-08-01 | N/A | 7.5 HIGH |
| A parsing vulnerability for the MessageSet type in the ProtocolBuffers versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 3.21.5 for protobuf-cpp, and versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 4.21.5 for protobuf-python can lead to out of memory failures. A specially crafted message with multiple key-value per elements creates parsing issues, and can lead to a Denial of Service against services receiving unsanitized input. We recommend upgrading to versions 3.18.3, 3.19.5, 3.20.2, 3.21.6 for protobuf-cpp and 3.18.3, 3.19.5, 3.20.2, 4.21.6 for protobuf-python. Versions for 3.16 and 3.17 are no longer updated. | |||||
| CVE-2020-0022 | 2 Google, Huawei | 43 Android, Honor 8a, Honor 8a Firmware and 40 more | 2024-08-01 | 8.3 HIGH | 8.8 HIGH |
| In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143894715 | |||||
| CVE-2016-3751 | 2 Google, Libpng | 2 Android, Libpng | 2024-07-19 | 7.5 HIGH | 7.8 HIGH |
| Unspecified vulnerability in libpng before 1.6.20, as used in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01, allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 23265085. | |||||
| CVE-2024-32907 | 1 Google | 1 Android | 2024-07-11 | N/A | 7.8 HIGH |
| In memcall_add of memlog.c, there is a possible buffer overflow due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-32909 | 1 Google | 1 Android | 2024-07-11 | N/A | 7.8 HIGH |
| In handle_msg of main.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-29786 | 1 Google | 1 Android | 2024-07-11 | N/A | 9.8 CRITICAL |
| In pktproc_fill_data_addr_without_bm of link_rx_pktproc.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-32891 | 1 Google | 1 Android | 2024-07-11 | N/A | 7.0 HIGH |
| In sec_media_unprotect of media.c, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-29787 | 1 Google | 1 Android | 2024-07-11 | N/A | 7.8 HIGH |
| In lwis_process_transactions_in_queue of lwis_transaction.c, there is a possible use after free due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-32893 | 1 Google | 1 Android | 2024-07-11 | N/A | 5.5 MEDIUM |
| In _s5e9865_mif_set_rate of exynos_dvfs.c, there is a possible out of bounds read due to improper casting. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-29784 | 1 Google | 1 Android | 2024-07-11 | N/A | 7.8 HIGH |
| In prepare_response of lwis_periodic_io.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-6100 | 1 Google | 1 Chrome | 2024-07-03 | N/A | 8.8 HIGH |
| Type Confusion in V8 in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2024-5831 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-07-03 | N/A | 8.8 HIGH |
| Use after free in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2024-5837 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-07-03 | N/A | 8.8 HIGH |
| Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2024-6103 | 1 Google | 1 Chrome | 2024-07-03 | N/A | 8.8 HIGH |
| Use after free in Dawn in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2024-5841 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-07-03 | N/A | 8.8 HIGH |
| Use after free in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2024-5846 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-07-03 | N/A | 8.8 HIGH |
| Use after free in PDFium in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium) | |||||
| CVE-2024-6102 | 1 Google | 1 Chrome | 2024-07-03 | N/A | 8.8 HIGH |
| Out of bounds memory access in Dawn in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2024-5832 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-07-03 | N/A | 8.8 HIGH |
| Use after free in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2024-5839 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-07-03 | N/A | 6.5 MEDIUM |
| Inappropriate Implementation in Memory Allocator in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2024-5845 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-07-03 | N/A | 8.8 HIGH |
| Use after free in Audio in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium) | |||||