Vulnerabilities > Google
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-21 | CVE-2024-7978 | Unspecified vulnerability in Google Chrome Insufficient policy enforcement in Data Transfer in Google Chrome prior to 128.0.6613.84 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. | 4.3 |
| 2024-08-21 | CVE-2024-7979 | Insufficient Verification of Data Authenticity vulnerability in Google Chrome Insufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84 allowed a local attacker to perform privilege escalation via a crafted symbolic link. | 7.8 |
| 2024-08-21 | CVE-2024-7980 | Insufficient Verification of Data Authenticity vulnerability in Google Chrome Insufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84 allowed a local attacker to perform privilege escalation via a crafted symbolic link. | 7.8 |
| 2024-08-21 | CVE-2024-7981 | Unspecified vulnerability in Google Chrome Inappropriate implementation in Views in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML page. | 4.3 |
| 2024-08-21 | CVE-2024-8033 | Unspecified vulnerability in Google Chrome Inappropriate implementation in WebApp Installs in Google Chrome on Windows prior to 128.0.6613.84 allowed an attacker who convinced a user to install a malicious application to perform UI spoofing via a crafted HTML page. | 4.3 |
| 2024-08-21 | CVE-2024-8034 | Unspecified vulnerability in Google Chrome Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML page. | 4.3 |
| 2024-08-21 | CVE-2024-8035 | Unspecified vulnerability in Google Chrome Inappropriate implementation in Extensions in Google Chrome on Windows prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML page. | 4.3 |
| 2024-08-19 | CVE-2024-32927 | Use After Free vulnerability in Google Android In sendDeviceState_1_6 of RadioExt.cpp, there is a possible use after free due to improper locking. | 7.8 |
| 2024-08-19 | CVE-2024-32928 | The libcurl CURLOPT_SSL_VERIFYPEER option was disabled on a subset of requests made by Nest production devices which enabled a potential man-in-the-middle attack on requests to Google cloud services by any host the traffic was routed through. | 5.9 |
| 2024-08-15 | CVE-2024-34727 | Classic Buffer Overflow vulnerability in Google Android In sdpu_compare_uuid_with_attr of sdp_utils.cc, there is a possible out of bounds read due to a heap buffer overflow. | 7.5 |