Vulnerabilities > Google

DATE CVE VULNERABILITY TITLE RISK
2024-06-13 CVE-2024-32909 Out-of-bounds Write vulnerability in Google Android
In handle_msg of main.cpp, there is a possible out of bounds write due to a heap buffer overflow.
local
low complexity
google CWE-787
7.8
7.8
2024-06-13 CVE-2024-32910 Use of Uninitialized Resource vulnerability in Google Android
In handle_msg_shm_map_req of trusty/user/base/lib/spi/srv/tipc/tipc.c, there is a possible stack data disclosure due to uninitialized data.
local
low complexity
google CWE-908
5.5
5.5
2024-06-13 CVE-2024-32911 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Google Android
There is a possible escalation of privilege due to improperly used crypto.
network
low complexity
google CWE-327
critical
 9.8
9.8
2024-06-13 CVE-2024-32912 Unspecified vulnerability in Google Android
there is a possible persistent Denial of Service due to test/debugging code left in a production build.
local
low complexity
google
5.5
5.5
2024-06-13 CVE-2024-32913 Integer Overflow or Wraparound vulnerability in Google Android
In wl_notify_rx_mgmt_frame of wl_cfg80211.c, there is a possible out of bounds write due to an integer overflow.
network
low complexity
google CWE-190
critical
 9.8
9.8
2024-06-13 CVE-2024-32918 Improper Privilege Management vulnerability in Google Android
Permission Bypass allowing attackers to disable HDCP 2.2 encryption by not completing the HDCP Key Exchange initialization steps
low complexity
google CWE-269
6.1
6.1
2024-06-11 CVE-2024-5830 Type Confusion vulnerability in multiple products
Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
network
low complexity
google fedoraproject CWE-843
8.8
8.8
2024-06-11 CVE-2024-5831 Use After Free vulnerability in multiple products
Use after free in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2024-06-11 CVE-2024-5832 Use After Free vulnerability in multiple products
Use after free in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2024-06-11 CVE-2024-5833 Type Confusion vulnerability in multiple products
Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
network
low complexity
google fedoraproject CWE-843
8.8
8.8