Filtered by vendor Google
Subscribe
Total
770 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-20391 | 1 Google | 1 Android | 2023-12-10 | N/A | 9.8 CRITICAL |
| Summary:Product: AndroidVersions: Android SoCAndroid ID: A-238257000 | |||||
| CVE-2022-2010 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-12-10 | N/A | 9.3 CRITICAL |
| Out of bounds read in compositing in Google Chrome prior to 102.0.5005.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | |||||
| CVE-2022-35937 | 1 Google | 1 Tensorflow | 2023-12-10 | N/A | 9.1 CRITICAL |
| TensorFlow is an open source platform for machine learning. The `GatherNd` function takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read is triggered. This issue has been patched in GitHub commit 595a65a3e224a0362d7e68c2213acfc2b499a196. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. | |||||
| CVE-2022-20237 | 1 Google | 1 Android | 2023-12-10 | N/A | 9.8 CRITICAL |
| In BuildDevIDResponse of miscdatabuilder.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-229621649References: N/A | |||||
| CVE-2022-20378 | 1 Google | 1 Android | 2023-12-10 | N/A | 9.8 CRITICAL |
| Product: AndroidVersions: Android kernelAndroid ID: A-234657153References: N/A | |||||
| CVE-2022-33719 | 1 Google | 1 Android | 2023-12-10 | N/A | 9.8 CRITICAL |
| Improper input validation in baseband prior to SMR Aug-2022 Release 1 allows attackers to cause integer overflow to heap overflow. | |||||
| CVE-2022-20365 | 1 Google | 1 Android | 2023-12-10 | N/A | 9.8 CRITICAL |
| Product: AndroidVersions: Android kernelAndroid ID: A-229632566References: N/A | |||||
| CVE-2022-0977 | 1 Google | 1 Chrome | 2023-12-10 | N/A | 9.6 CRITICAL |
| Use after free in Browser UI in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-35939 | 1 Google | 1 Tensorflow | 2023-12-10 | N/A | 9.8 CRITICAL |
| TensorFlow is an open source platform for machine learning. The `ScatterNd` function takes an input argument that determines the indices of of the output tensor. An input index greater than the output tensor or less than zero will either write content at the wrong index or trigger a crash. We have patched the issue in GitHub commit b4d4b4cb019bd7240a52daa4ba61e3cc814f0384. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. | |||||
| CVE-2022-20384 | 1 Google | 1 Android | 2023-12-10 | N/A | 9.8 CRITICAL |
| Product: AndroidVersions: Android kernelAndroid ID: A-211727306References: N/A | |||||
| CVE-2022-1312 | 1 Google | 1 Chrome | 2023-12-10 | N/A | 9.6 CRITICAL |
| Use after free in storage in Google Chrome prior to 100.0.4896.88 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. | |||||
| CVE-2022-35938 | 1 Google | 1 Tensorflow | 2023-12-10 | N/A | 9.1 CRITICAL |
| TensorFlow is an open source platform for machine learning. The `GatherNd` function takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered. This issue has been patched in GitHub commit 4142e47e9e31db481781b955ed3ff807a781b494. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. | |||||
| CVE-2022-0973 | 1 Google | 1 Chrome | 2023-12-10 | N/A | 9.6 CRITICAL |
| Use after free in Safe Browsing in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-20238 | 1 Google | 1 Android | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| 'remap_pfn_range' here may map out of size kernel memory (for example, may map the kernel area), and because the 'vma->vm_page_prot' can also be controlled by userspace, so userspace may map the kernel area to be writable, which is easy to be exploitedProduct: AndroidVersions: Android SoCAndroid ID: A-233154555 | |||||
| CVE-2022-20403 | 1 Google | 1 Android | 2023-12-10 | N/A | 9.8 CRITICAL |
| Product: AndroidVersions: Android kernelAndroid ID: A-207975764References: N/A | |||||
| CVE-2022-20229 | 1 Google | 1 Android | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| In bta_hf_client_handle_cind_list_item of bta_hf_client_at.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-224536184 | |||||
| CVE-2022-20361 | 1 Google | 1 Android | 2023-12-10 | N/A | 9.8 CRITICAL |
| In btif_dm_auth_cmpl_evt of btif_dm.cc, there is a possible vulnerability in Cross-Transport Key Derivation due to Weakness in Bluetooth Standard. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-231161832 | |||||
| CVE-2022-20381 | 1 Google | 1 Android | 2023-12-10 | N/A | 9.8 CRITICAL |
| Product: AndroidVersions: Android kernelAndroid ID: A-188935887References: N/A | |||||
| CVE-2022-20400 | 1 Google | 1 Android | 2023-12-10 | N/A | 9.8 CRITICAL |
| In cd_CodeMsg of cd_codec.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-225178325References: N/A | |||||
| CVE-2022-27572 | 1 Google | 1 Android | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| Heap-based buffer overflow vulnerability in parser_ipma function of libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attackers. | |||||