Filtered by vendor Google Subscriptions
Total 12503 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-20100 2 Google, Mediatek 17 Android, Mt3605, Mt6985 and 14 more 2024-10-07 9.8 Critical
In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998449; Issue ID: MSV-1603.
CVE-2024-20099 2 Google, Mediatek 7 Android, Mt6768, Mt6833 and 4 more 2024-10-07 6.7 Medium
In power, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08997492; Issue ID: MSV-1625.
CVE-2024-20092 2 Google, Mediatek 17 Android, Mt6761, Mt6765 and 14 more 2024-10-07 7.8 High
In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1700.
CVE-2024-20090 2 Google, Mediatek 17 Android, Mt6761, Mt6765 and 14 more 2024-10-07 6.7 Medium
In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1703.
CVE-2024-44097 1 Google 4 Nest Cam Battery Firmware, Nest Cam Floodlight Firmware, Nest Cam Indoor Firmware and 1 more 2024-10-04 9.8 Critical
According to the researcher: "The TLS connections are encrypted against tampering or eavesdropping. However, the application does not validate the server certificate properly while initializing the TLS connection. This allows for a network attacker to intercept the connection and read the data. The attacker could the either send the client a malicious response, or forward the (possibly modified) data to the real server."
CVE-2024-39433 2 Google, Unisoc 10 Android, S8000, T606 and 7 more 2024-09-30 6.2 Medium
In drm service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
CVE-2024-39434 2 Google, Unisoc 10 Android, S8000, T606 and 7 more 2024-09-30 6.2 Medium
In drm service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
CVE-2024-39435 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2024-09-30 6.5 Medium
In Logmanager service, there is a possible missing verification incorrect input. This could lead to local escalation of privilege with no additional execution privileges needed.
CVE-2024-39432 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2024-09-30 8.3 High
In UMTS RLC driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed.
CVE-2024-39431 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2024-09-30 8.3 High
In UMTS RLC driver, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed.
CVE-2024-43201 4 Apple, Google, Planet Fitness and 1 more 4 Iphone Os, Android, Planet Fitness Workouts and 1 more 2024-09-30 8.8 High
The Planet Fitness Workouts iOS and Android mobile apps prior to version 9.8.12 (released on 2024-07-25) fail to properly validate TLS certificates, allowing an attacker with appropriate network access to obtain session tokens and sensitive information.
CVE-2018-20072 1 Google 1 Chrome 2024-09-27 7.8 High
Insufficient data validation in PDF in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform out of bounds memory access via a crafted PDF file. (Chromium security severity: Low)
CVE-2024-7020 1 Google 1 Chrome 2024-09-26 4.3 Medium
Inappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
CVE-2024-7024 1 Google 1 Chrome 2024-09-26 9.3 Critical
Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)
CVE-2024-7023 1 Google 1 Chrome 2024-09-26 8 High
Insufficient data validation in Updater in Google Chrome prior to 128.0.6537.0 allowed a remote attacker to perform privilege escalation via a malicious file. (Chromium security severity: Medium)
CVE-2024-7018 1 Google 1 Chrome 2024-09-26 8.8 High
Heap buffer overflow in PDF in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium)
CVE-2024-7022 1 Google 1 Chrome 2024-09-26 8.8 High
Uninitialized Use in V8 in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)
CVE-2024-7019 1 Google 1 Chrome 2024-09-26 4.3 Medium
Inappropriate implementation in UI in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-7282 1 Google 1 Chrome 2024-09-26 4.3 Medium
Inappropriate implementation in Navigation in Google Chrome prior to 113.0.5672.63 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low)
CVE-2023-7281 1 Google 1 Chrome 2024-09-26 4.3 Medium
Inappropriate implementation in Compositing in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)