Filtered by vendor Google
Subscribe
Total
12830 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-39908 | 1 Google | 1 Android | 2022-12-12 | N/A | 7.4 HIGH |
| TOCTOU vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write. | |||||
| CVE-2022-39907 | 1 Google | 1 Android | 2022-12-12 | N/A | 7.8 HIGH |
| Integer overflow vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write. | |||||
| CVE-2022-39903 | 1 Google | 1 Android | 2022-12-12 | N/A | 3.3 LOW |
| Improper access control vulnerability in RCS call prior to SMR Dec-2022 Release 1 allows local attackers to access RCS incoming call number. | |||||
| CVE-2022-39905 | 1 Google | 1 Android | 2022-12-10 | N/A | 5.5 MEDIUM |
| Implicit intent hijacking vulnerability in Telecom application prior to SMR Dec-2022 Release 1 allows attacker to access sensitive information via implicit intent. | |||||
| CVE-2022-39894 | 1 Google | 1 Android | 2022-12-09 | N/A | 3.3 LOW |
| Improper access control vulnerability in ContactListStartActivityHelper in Phone prior to SMR Dec-2022 Release 1 allows to access sensitive information via implicit intent. | |||||
| CVE-2022-39895 | 1 Google | 1 Android | 2022-12-09 | N/A | 3.3 LOW |
| Improper access control vulnerability in ContactListUtils in Phone prior to SMR Dec-2022 Release 1 allows to access contact group information via implicit intent. | |||||
| CVE-2022-39896 | 1 Google | 1 Android | 2022-12-09 | N/A | 3.3 LOW |
| Improper access control vulnerabilities in Contacts prior to SMR Dec-2022 Release 1 allows to access sensitive information via implicit intent. | |||||
| CVE-2022-39897 | 1 Google | 1 Android | 2022-12-09 | N/A | 5.5 MEDIUM |
| Exposure of Sensitive Information vulnerability in kernel prior to SMR Dec-2022 Release 1 allows attackers to access the kernel address information via log. | |||||
| CVE-2022-28605 | 3 Apple, Google, Linkplay | 3 Iphone Os, Android, Sound Bar | 2022-12-09 | 10.0 HIGH | 9.8 CRITICAL |
| Hardcoded admin token in SoundBar apps in Linkplay SDK 1.00 allows remote attackers to gain admin privilege access in linkplay antifactory | |||||
| CVE-2016-0985 | 5 Adobe, Apple, Google and 2 more | 13 Air Desktop Runtime, Air Sdk, Air Sdk \& Compiler and 10 more | 2022-12-09 | 9.3 HIGH | 8.8 HIGH |
| Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion." | |||||
| CVE-2022-3311 | 1 Google | 1 Chrome | 2022-12-09 | N/A | 6.5 MEDIUM |
| Use after free in import in Google Chrome prior to 106.0.5249.62 allowed a remote attacker who had compromised a WebUI process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2022-3654 | 1 Google | 1 Chrome | 2022-12-09 | N/A | 8.8 HIGH |
| Use after free in Layout in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2022-3655 | 1 Google | 1 Chrome | 2022-12-09 | N/A | 8.8 HIGH |
| Heap buffer overflow in Media Galleries in Google Chrome prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2022-3652 | 1 Google | 1 Chrome | 2022-12-09 | N/A | 8.8 HIGH |
| Type confusion in V8 in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2022-3653 | 1 Google | 1 Chrome | 2022-12-09 | N/A | 8.8 HIGH |
| Heap buffer overflow in Vulkan in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2022-3656 | 1 Google | 1 Chrome | 2022-12-09 | N/A | 8.8 HIGH |
| Insufficient data validation in File System in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2022-3658 | 1 Google | 2 Chrome, Chrome Os | 2022-12-09 | N/A | 8.8 HIGH |
| Use after free in Feedback service on Chrome OS in Google Chrome on Chrome OS prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: Medium) | |||||
| CVE-2022-3657 | 1 Google | 1 Chrome | 2022-12-09 | N/A | 8.8 HIGH |
| Use after free in Extensions in Google Chrome prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Medium) | |||||
| CVE-2022-3659 | 1 Google | 2 Chrome, Chrome Os | 2022-12-09 | N/A | 8.8 HIGH |
| Use after free in Accessibility in Google Chrome on Chrome OS prior to 107.0.5304.62 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific UI interactions. (Chromium security severity: Medium) | |||||
| CVE-2022-3661 | 1 Google | 1 Chrome | 2022-12-08 | N/A | 4.3 MEDIUM |
| Insufficient data validation in Extensions in Google Chrome prior to 107.0.5304.62 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted Chrome Extension. (Chromium security severity: Low) | |||||