Filtered by vendor Google
Subscribe
Total
12830 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-0078 | 1 Google | 1 Android | 2020-04-23 | 4.6 MEDIUM | 7.8 HIGH |
| In releaseSecureStops of DrmPlugin.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10Android ID: A-144766455 | |||||
| CVE-2020-0077 | 1 Google | 1 Android | 2020-04-23 | 2.1 LOW | 4.4 MEDIUM |
| In authorize_enroll of the FPC IRIS TrustZone app, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-146055840 | |||||
| CVE-2020-0072 | 1 Google | 1 Android | 2020-04-22 | 10.0 HIGH | 9.8 CRITICAL |
| In rw_t2t_handle_tlv_detect_rsp of rw_t2t_ndef.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-147310271 | |||||
| CVE-2020-0073 | 1 Google | 1 Android | 2020-04-22 | 10.0 HIGH | 9.8 CRITICAL |
| In rw_t2t_handle_tlv_detect_rsp of rw_t2t_ndef.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-147309942 | |||||
| CVE-2020-0075 | 1 Google | 1 Android | 2020-04-22 | 2.1 LOW | 4.4 MEDIUM |
| In set_shared_key of the FPC IRIS TrustZone app, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-146057864 | |||||
| CVE-2020-0076 | 1 Google | 1 Android | 2020-04-22 | 4.6 MEDIUM | 6.7 MEDIUM |
| In get_auth_result of the FPC IRIS TrustZone app, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-146056878 | |||||
| CVE-2019-20770 | 1 Google | 1 Android | 2020-04-22 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered on LG mobile devices with Android OS 9.0 software. The HAL service has a buffer overflow that leads to arbitrary code execution. The LG ID is LVE-SMP-190013 (September 2019). | |||||
| CVE-2019-20778 | 1 Google | 1 Android | 2020-04-22 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. The Backup subsystem does not properly restrict operations or validate their input. The LG ID is LVE-SMP-190004 (June 2019). | |||||
| CVE-2020-11873 | 1 Google | 1 Android | 2020-04-22 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software. A stack-based buffer overflow in the logging tool could allow an attacker to gain privileges. The LG ID is LVE-SMP-200005 (April 2020). | |||||
| CVE-2020-0071 | 1 Google | 1 Android | 2020-04-21 | 10.0 HIGH | 9.8 CRITICAL |
| In rw_t2t_extract_default_locks_info of rw_t2t_ndef.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-147310721 | |||||
| CVE-2020-0070 | 1 Google | 1 Android | 2020-04-21 | 10.0 HIGH | 9.8 CRITICAL |
| In rw_t2t_update_lock_attributes of rw_t2t_ndef.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-148159613 | |||||
| CVE-2019-20777 | 2 Google, Lg | 3 Android, G7, V40 | 2020-04-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. WapService mishandles OTA Provisioning on V40 and G7 devices. The LG ID is LVE-SMP-190006 (July 2019). | |||||
| CVE-2011-3015 | 1 Google | 1 Chrome | 2020-04-16 | 6.8 MEDIUM | N/A |
| Multiple integer overflows in the PDF codecs in Google Chrome before 17.0.963.56 allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2011-3016 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2020-04-16 | 6.8 MEDIUM | N/A |
| Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving counter nodes, related to a "read-after-free" issue. | |||||
| CVE-2011-3017 | 1 Google | 1 Chrome | 2020-04-16 | 6.8 MEDIUM | N/A |
| Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to database handling. | |||||
| CVE-2011-3019 | 1 Google | 1 Chrome | 2020-04-16 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska video (aka MKV) file. | |||||
| CVE-2011-3018 | 1 Google | 1 Chrome | 2020-04-16 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to path rendering. | |||||
| CVE-2011-3020 | 1 Google | 1 Chrome | 2020-04-16 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the Native Client validator implementation in Google Chrome before 17.0.963.56 has unknown impact and remote attack vectors. | |||||
| CVE-2011-3021 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2020-04-16 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to subframe loading. | |||||
| CVE-2011-3022 | 1 Google | 1 Chrome | 2020-04-16 | 5.0 MEDIUM | N/A |
| translate/translate_manager.cc in Google Chrome before 17.0.963.56 and 19.x before 19.0.1036.7 uses an HTTP session to exchange data for translation, which allows remote attackers to obtain sensitive information by sniffing the network. | |||||