Filtered by vendor Google
Subscribe
Total
12830 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-1390 | 2 Gomiso, Google | 2 Miso, Android | 2012-03-07 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Miso (com.bazaarlabs.miso) application 2.2 for Android has unknown impact and attack vectors. | |||||
| CVE-2012-1406 | 2 Goforandroid, Google | 2 Go Bookmark Widget, Android | 2012-03-07 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the GO Bookmark Widget (com.gau.go.launcherex.gowidget.bookmark) application 1.1 for Android has unknown impact and attack vectors. | |||||
| CVE-2012-1407 | 2 Goforandroid, Google | 2 Go Message Widget, Android | 2012-03-07 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the GO Message Widget (com.gau.go.launcherex.gowidget.smswidget) application 1.9, 2.1, and 2.3 for Android has unknown impact and attack vectors. | |||||
| CVE-2012-1393 | 2 Goforandroid, Google | 2 Go Sms Pro, Android | 2012-03-07 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the GO SMS Pro (com.jb.gosms) application 3.72, 4.10, and 4.35 for Android has unknown impact and attack vectors. | |||||
| CVE-2012-1395 | 2 Goforandroid, Google | 2 Go Twiwidget, Android | 2012-03-07 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the GO TwiWidget (com.gau.go.launcherex.gowidget.twitterwidget) application 1.7 and 2.1 for Android has unknown impact and attack vectors. | |||||
| CVE-2011-4865 | 2 Google, Tencent | 3 Android, Microblogpad, Wblog | 2012-02-29 | 5.8 MEDIUM | N/A |
| The Tencent WBlog (com.tencent.WBlog) 3.3.1 and MicroBlogPad 1.4.0 applications for Android do not properly protect data, which allows remote attackers to read or modify message drafts and search keywords via a crafted application. | |||||
| CVE-2011-4864 | 2 Google, Tencent | 2 Android, Mobileqq | 2012-02-29 | 5.8 MEDIUM | N/A |
| The Tencent MobileQQ (com.tencent.mobileqq) application 2.2 for Android does not properly protect data, which allows remote attackers to read or modify messages and a friends list via a crafted application. | |||||
| CVE-2011-4276 | 1 Google | 1 Android | 2012-01-26 | 4.3 MEDIUM | N/A |
| The Bluetooth service (com/android/phone/BluetoothHeadsetService.java) in Android 2.3 before 2.3.6 allows remote attackers within Bluetooth range to obtain contact data via an AT phonebook transfer. | |||||
| CVE-2011-2171 | 1 Google | 1 Chrome Os | 2012-01-18 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the dbugs package in Google Chrome OS before R12 0.12.433.38 Beta has unknown impact and attack vectors. | |||||
| CVE-2011-2170 | 1 Google | 1 Chrome Os | 2012-01-18 | 4.4 MEDIUM | N/A |
| Google Chrome OS before R12 0.12.433.38 Beta, when Guest mode is enabled, does not prevent changes on the about:flags page, which has unspecified impact and local attack vectors. | |||||
| CVE-2011-1840 | 2 Google, Martinicreations | 2 Android, Passmanlite Password Manager | 2011-09-22 | 2.1 LOW | N/A |
| The MartiniCreations PassmanLite Password Manager application before 1.48 for Android stores the master password and unspecified other account information in cleartext, which allows local users to obtain sensitive information by leveraging shell access. | |||||
| CVE-2010-0316 | 1 Google | 1 Google Sketchup | 2011-08-08 | 9.3 HIGH | N/A |
| Integer overflow in Google SketchUp before 7.1 M2 allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via a crafted SKP file. | |||||
| CVE-2011-1339 | 1 Google | 1 Search Appliance | 2011-08-01 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Google Search Appliance before 5.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2011-2169 | 1 Google | 1 Chrome Os | 2011-05-25 | 7.2 HIGH | N/A |
| Google Chrome OS before R12 0.12.433.38 Beta allows local users to gain privileges by creating a /var/lib/chromeos-aliases.conf file and placing commands in it. | |||||
| CVE-2010-4212 | 2 Google, Usaa | 2 Android, Usaa | 2010-12-22 | 1.9 LOW | N/A |
| The USAA application 3.0 for Android stores a mirror image of each visited web page, which might allow physically proximate attackers to obtain sensitive banking information by reading application data. | |||||
| CVE-2010-4214 | 2 Google, Wellsfargo | 2 Android, Wells Fargo Mobile | 2010-11-09 | 4.3 MEDIUM | N/A |
| The Wells Fargo Mobile application 1.1 for Android stores a username and password, along with account balances, in cleartext, which might allow physically proximate attackers to obtain sensitive information by reading application data. | |||||
| CVE-2010-4213 | 2 Bankofamerica, Google | 2 Bank Of America, Android | 2010-11-09 | 4.3 MEDIUM | N/A |
| The Bank of America application 2.12 for Android stores a security question's answer in cleartext, which might allow physically proximate attackers to obtain sensitive information by reading application data. | |||||
| CVE-2009-3932 | 1 Google | 1 Chrome | 2009-11-13 | 9.3 HIGH | N/A |
| The Gears plugin in Google Chrome before 3.0.195.32 allows user-assisted remote attackers to cause a denial of service (memory corruption and plugin crash) or possibly execute arbitrary code via unspecified use of the Gears SQL API, related to putting "SQL metadata into a bad state." | |||||
| CVE-2009-3264 | 1 Google | 1 Chrome | 2009-10-01 | 4.3 MEDIUM | N/A |
| The getSVGDocument method in Google Chrome before 3.0.195.21 omits an unspecified "access check," which allows remote web servers to bypass the Same Origin Policy and conduct cross-site scripting attacks via unknown vectors, related to a user's visit to a different web server that hosts an SVG document. | |||||
| CVE-2009-3456 | 1 Google | 1 Chrome | 2009-09-30 | 7.5 HIGH | N/A |
| Google Chrome, possibly 3.0.195.21 and earlier, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||