Filtered by vendor Google
Subscribe
Total
4234 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-3733 | 1 Google | 1 Chrome | 2024-01-31 | N/A | 4.3 MEDIUM |
Inappropriate implementation in WebApp Installs in Google Chrome prior to 115.0.5790.98 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium) | |||||
CVE-2023-2941 | 1 Google | 1 Chrome | 2024-01-31 | N/A | 4.3 MEDIUM |
Inappropriate implementation in Extensions API in Google Chrome prior to 114.0.5735.90 allowed an attacker who convinced a user to install a malicious extension to spoof the contents of the UI via a crafted Chrome Extension. (Chromium security severity: Low) | |||||
CVE-2023-2940 | 1 Google | 1 Chrome | 2024-01-31 | N/A | 6.5 MEDIUM |
Inappropriate implementation in Downloads in Google Chrome prior to 114.0.5735.90 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium) | |||||
CVE-2023-2938 | 1 Google | 1 Chrome | 2024-01-31 | N/A | 4.3 MEDIUM |
Inappropriate implementation in Picture In Picture in Google Chrome prior to 114.0.5735.90 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium) | |||||
CVE-2023-2937 | 1 Google | 1 Chrome | 2024-01-31 | N/A | 4.3 MEDIUM |
Inappropriate implementation in Picture In Picture in Google Chrome prior to 114.0.5735.90 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium) | |||||
CVE-2024-0810 | 1 Google | 1 Chrome | 2024-01-29 | N/A | 4.3 MEDIUM |
Insufficient policy enforcement in DevTools in Google Chrome prior to 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. (Chromium security severity: Medium) | |||||
CVE-2024-0814 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-01-29 | N/A | 6.5 MEDIUM |
Incorrect security UI in Payments in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially spoof security UI via a crafted HTML page. (Chromium security severity: Medium) | |||||
CVE-2024-0809 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-01-29 | N/A | 4.3 MEDIUM |
Inappropriate implementation in Autofill in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Low) | |||||
CVE-2024-0805 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-01-29 | N/A | 4.3 MEDIUM |
Inappropriate implementation in Downloads in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to perform domain spoofing via a crafted domain name. (Chromium security severity: Medium) | |||||
CVE-2023-48339 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-01-25 | N/A | 4.4 MEDIUM |
In jpg driver, there is a possible missing permission check. This could lead to local information disclosure with System execution privileges needed | |||||
CVE-2023-48352 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-01-25 | N/A | 5.5 MEDIUM |
In phasecheckserver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed | |||||
CVE-2023-48357 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-01-24 | N/A | 4.4 MEDIUM |
In vsp driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | |||||
CVE-2023-48356 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-01-24 | N/A | 4.4 MEDIUM |
In jpg driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | |||||
CVE-2023-48355 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-01-24 | N/A | 4.4 MEDIUM |
In jpg driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | |||||
CVE-2023-48354 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-01-24 | N/A | 5.5 MEDIUM |
In telephone service, there is a possible improper input validation. This could lead to local information disclosure with no additional execution privileges needed | |||||
CVE-2023-48358 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-01-24 | N/A | 4.4 MEDIUM |
In drm driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | |||||
CVE-2023-48359 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-01-24 | N/A | 4.4 MEDIUM |
In autotest driver, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with System execution privileges needed | |||||
CVE-2023-48353 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-01-24 | N/A | 4.4 MEDIUM |
In vsp driver, there is a possible use after free due to a logic error. This could lead to local denial of service with System execution privileges needed | |||||
CVE-2023-48351 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-01-19 | N/A | 5.5 MEDIUM |
In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed | |||||
CVE-2023-48350 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-01-19 | N/A | 5.5 MEDIUM |
In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed |