Vulnerabilities > Google

DATE CVE VULNERABILITY TITLE RISK
2025-01-18 CVE-2018-9389 Out-of-bounds Write vulnerability in Google Android
In ip6_append_data of ip6_output.c, there is a possible way to achieve code execution due to a heap buffer overflow.
local
low complexity
google CWE-787
7.8
7.8
2025-01-18 CVE-2018-9406 Missing Authorization vulnerability in Google Android
In NlpService, there is a possible way to obtain location information due to a missing permission check.
local
low complexity
google CWE-862
5.5
5.5
2025-01-17 CVE-2017-13322 Unspecified vulnerability in Google Android
In endCallForSubscriber of PhoneInterfaceManager.java, there is a possible way to prevent access to emergency services due to a logic error in the code.
local
low complexity
google
5.5
5.5
2025-01-15 CVE-2025-0437 Out-of-bounds Read vulnerability in Google Chrome
Out of bounds read in Metrics in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google CWE-125
8.8
8.8
2025-01-08 CVE-2025-0291 Type Confusion vulnerability in Google Chrome
Type Confusion in V8 in Google Chrome prior to 131.0.6778.264 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
network
low complexity
google CWE-843
8.8
8.8
2025-01-08 CVE-2023-35685 Unspecified vulnerability in Google Android
In DevmemIntMapPages of devicemem_server.c, there is a possible physical page uaf due to a logic error in the code.
local
low complexity
google
7.8
7.8
2024-12-18 CVE-2024-12692 Unspecified vulnerability in Google Chrome
Type Confusion in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google
8.8
8.8
2024-12-18 CVE-2024-12693 Out-of-bounds Write vulnerability in Google Chrome
Out of bounds memory access in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
network
low complexity
google CWE-787
8.8
8.8
2024-12-18 CVE-2024-12694 Unspecified vulnerability in Google Chrome
Use after free in Compositing in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google
8.8
8.8
2024-12-18 CVE-2024-12695 Unspecified vulnerability in Google Chrome
Out of bounds write in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
network
low complexity
google
8.8
8.8