Filtered by vendor Google
Subscribe
Total
11958 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-0519 | 1 Google | 1 Chrome | 2024-07-26 | N/A | 8.8 HIGH |
Out of bounds memory access in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
CVE-2021-21193 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2024-07-26 | 6.8 MEDIUM | 8.8 HIGH |
Use after free in Blink in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
CVE-2021-30632 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-07-26 | 6.8 MEDIUM | 8.8 HIGH |
Out of bounds write in V8 in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
CVE-2021-30633 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-07-26 | 6.8 MEDIUM | 9.6 CRITICAL |
Use after free in Indexed DB API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | |||||
CVE-2021-37973 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2024-07-26 | 6.8 MEDIUM | 9.6 CRITICAL |
Use after free in Portals in Google Chrome prior to 94.0.4606.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | |||||
CVE-2021-37975 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2024-07-26 | 6.8 MEDIUM | 8.8 HIGH |
Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
CVE-2021-37976 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2024-07-26 | 4.3 MEDIUM | 6.5 MEDIUM |
Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | |||||
CVE-2021-21148 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2024-07-25 | 6.8 MEDIUM | 8.8 HIGH |
Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
CVE-2021-21166 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2024-07-25 | 6.8 MEDIUM | 8.8 HIGH |
Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
CVE-2021-21224 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2024-07-25 | 6.8 MEDIUM | 8.8 HIGH |
Type confusion in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | |||||
CVE-2021-21220 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-07-25 | 6.8 MEDIUM | 8.8 HIGH |
Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
CVE-2021-21206 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-07-25 | 6.8 MEDIUM | 8.8 HIGH |
Use after free in Blink in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
CVE-2020-16009 | 6 Cefsharp, Debian, Fedoraproject and 3 more | 8 Cefsharp, Debian Linux, Fedora and 5 more | 2024-07-25 | 6.8 MEDIUM | 8.8 HIGH |
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
CVE-2020-15999 | 5 Debian, Fedoraproject, Freetype and 2 more | 5 Debian Linux, Fedora, Freetype and 2 more | 2024-07-25 | 4.3 MEDIUM | 6.5 MEDIUM |
Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
CVE-2020-0069 | 2 Google, Huawei | 57 Android, Berkeley-l09, Berkeley-l09 Firmware and 54 more | 2024-07-25 | 7.2 HIGH | 7.8 HIGH |
In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-147882143References: M-ALPS04356754 | |||||
CVE-2020-6418 | 4 Debian, Fedoraproject, Google and 1 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2024-07-25 | 6.8 MEDIUM | 8.8 HIGH |
Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
CVE-2019-2215 | 5 Canonical, Debian, Google and 2 more | 145 Ubuntu Linux, Debian Linux, Android and 142 more | 2024-07-25 | 4.6 MEDIUM | 7.8 HIGH |
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095 | |||||
CVE-2016-3751 | 2 Google, Libpng | 2 Android, Libpng | 2024-07-19 | 7.5 HIGH | 7.8 HIGH |
Unspecified vulnerability in libpng before 1.6.20, as used in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01, allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 23265085. | |||||
CVE-2024-2884 | 1 Google | 1 Chrome | 2024-07-19 | N/A | 6.5 MEDIUM |
Out of bounds read in V8 in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium) | |||||
CVE-2024-3168 | 1 Google | 1 Chrome | 2024-07-19 | N/A | 8.8 HIGH |
Use after free in DevTools in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) |