Filtered by vendor Google
Subscriptions
Total
12558 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-9962 | 1 Google | 1 Chrome | 2024-10-17 | 4.3 Medium |
| Inappropriate implementation in Permissions in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2024-9958 | 1 Google | 1 Chrome | 2024-10-17 | 4.3 Medium |
| Inappropriate implementation in PictureInPicture in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2024-39440 | 2 Google, Unisoc | 10 Android, S8000, T606 and 7 more | 2024-10-17 | 6.2 Medium |
| In DRM service, there is a possible system crash due to null pointer dereference. This could lead to local denial of service with System execution privileges needed. | ||||
| CVE-2024-39439 | 2 Google, Unisoc | 10 Android, S8000, T606 and 7 more | 2024-10-17 | 6.2 Medium |
| In DRM service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | ||||
| CVE-2024-39438 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-10-17 | 6.5 Medium |
| In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. | ||||
| CVE-2024-39437 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-10-17 | 6.5 Medium |
| In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. | ||||
| CVE-2024-39436 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-10-17 | 6.5 Medium |
| In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. | ||||
| CVE-2024-8198 | 1 Google | 1 Chrome | 2024-10-15 | 7.5 High |
| Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.113 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-7534 | 1 Google | 1 Chrome | 2024-10-15 | 8.8 High |
| Heap buffer overflow in Layout in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-44096 | 1 Google | 1 Android | 2024-10-15 | 4.4 Medium |
| there is a possible arbitrary read due to an insecure default value. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-44095 | 1 Google | 1 Android | 2024-10-15 | 7.4 High |
| In ppmp_protect_mfcfw_buf of code/drm_fw.c, there is a possible corrupt memory due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-20102 | 2 Google, Mediatek | 9 Android, Mt3605, Mt6985 and 6 more | 2024-10-10 | 4.9 Medium |
| In wlan driver, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998892; Issue ID: MSV-1601. | ||||
| CVE-2024-20103 | 2 Google, Mediatek | 13 Android, Mt3605, Mt6985 and 10 more | 2024-10-07 | 9.8 Critical |
| In wlan firmware, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09001358; Issue ID: MSV-1599. | ||||
| CVE-2024-20101 | 2 Google, Mediatek | 16 Android, Mt3605, Mt6985 and 13 more | 2024-10-07 | 9.8 Critical |
| In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998901; Issue ID: MSV-1602. | ||||
| CVE-2024-20100 | 2 Google, Mediatek | 17 Android, Mt3605, Mt6985 and 14 more | 2024-10-07 | 9.8 Critical |
| In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998449; Issue ID: MSV-1603. | ||||
| CVE-2024-20099 | 2 Google, Mediatek | 7 Android, Mt6768, Mt6833 and 4 more | 2024-10-07 | 6.7 Medium |
| In power, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08997492; Issue ID: MSV-1625. | ||||
| CVE-2024-20092 | 2 Google, Mediatek | 17 Android, Mt6761, Mt6765 and 14 more | 2024-10-07 | 7.8 High |
| In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1700. | ||||
| CVE-2024-20090 | 2 Google, Mediatek | 17 Android, Mt6761, Mt6765 and 14 more | 2024-10-07 | 6.7 Medium |
| In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1703. | ||||
| CVE-2024-44097 | 1 Google | 4 Nest Cam Battery Firmware, Nest Cam Floodlight Firmware, Nest Cam Indoor Firmware and 1 more | 2024-10-04 | 9.8 Critical |
| According to the researcher: "The TLS connections are encrypted against tampering or eavesdropping. However, the application does not validate the server certificate properly while initializing the TLS connection. This allows for a network attacker to intercept the connection and read the data. The attacker could the either send the client a malicious response, or forward the (possibly modified) data to the real server." | ||||
| CVE-2024-39433 | 2 Google, Unisoc | 10 Android, S8000, T606 and 7 more | 2024-09-30 | 6.2 Medium |
| In drm service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | ||||