Filtered by vendor Google
Subscribe
Total
11977 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-2929 | 1 Google | 1 Chrome | 2024-01-31 | N/A | 8.8 HIGH |
| Out of bounds write in Swiftshader in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2023-2312 | 1 Google | 2 Android, Chrome | 2024-01-31 | N/A | 8.8 HIGH |
| Use after free in Offline in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2024-0804 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-01-29 | N/A | 7.5 HIGH |
| Insufficient policy enforcement in iOS Security UI in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2024-0810 | 1 Google | 1 Chrome | 2024-01-29 | N/A | 4.3 MEDIUM |
| Insufficient policy enforcement in DevTools in Google Chrome prior to 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. (Chromium security severity: Medium) | |||||
| CVE-2024-0812 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-01-29 | N/A | 8.8 HIGH |
| Inappropriate implementation in Accessibility in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2024-0813 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-01-29 | N/A | 8.8 HIGH |
| Use after free in Reading Mode in Google Chrome prior to 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: Medium) | |||||
| CVE-2024-0814 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-01-29 | N/A | 6.5 MEDIUM |
| Incorrect security UI in Payments in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially spoof security UI via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2024-0809 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-01-29 | N/A | 4.3 MEDIUM |
| Inappropriate implementation in Autofill in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Low) | |||||
| CVE-2024-0808 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-01-29 | N/A | 9.8 CRITICAL |
| Integer underflow in WebUI in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via a malicious file. (Chromium security severity: High) | |||||
| CVE-2024-0807 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-01-29 | N/A | 8.8 HIGH |
| Use after free in Web Audio in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2024-0806 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-01-29 | N/A | 8.8 HIGH |
| Use after free in Passwords in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: Medium) | |||||
| CVE-2024-0805 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-01-29 | N/A | 4.3 MEDIUM |
| Inappropriate implementation in Downloads in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to perform domain spoofing via a crafted domain name. (Chromium security severity: Medium) | |||||
| CVE-2015-1241 | 6 Canonical, Debian, Google and 3 more | 11 Ubuntu Linux, Debian Linux, Chrome and 8 more | 2024-01-26 | 4.3 MEDIUM | N/A |
| Google Chrome before 42.0.2311.90 does not properly consider the interaction of page navigation with the handling of touch events and gesture events, which allows remote attackers to trigger unintended UI actions via a crafted web site that conducts a "tapjacking" attack. | |||||
| CVE-2016-2496 | 1 Google | 1 Android | 2024-01-26 | 10.0 HIGH | 9.8 CRITICAL |
| The Framework UI permission-dialog implementation in Android 6.x before 2016-06-01 allows attackers to conduct tapjacking attacks and access arbitrary private-storage files by creating a partially overlapping window, aka internal bug 26677796. | |||||
| CVE-2023-48339 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-01-25 | N/A | 4.4 MEDIUM |
| In jpg driver, there is a possible missing permission check. This could lead to local information disclosure with System execution privileges needed | |||||
| CVE-2023-48352 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-01-25 | N/A | 5.5 MEDIUM |
| In phasecheckserver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed | |||||
| CVE-2023-48357 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-01-24 | N/A | 4.4 MEDIUM |
| In vsp driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | |||||
| CVE-2023-48356 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-01-24 | N/A | 4.4 MEDIUM |
| In jpg driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | |||||
| CVE-2023-48355 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-01-24 | N/A | 4.4 MEDIUM |
| In jpg driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | |||||
| CVE-2023-48354 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-01-24 | N/A | 5.5 MEDIUM |
| In telephone service, there is a possible improper input validation. This could lead to local information disclosure with no additional execution privileges needed | |||||