Vulnerabilities > Google > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-05-14 CVE-2024-4671 Use After Free vulnerability in Google Chrome
Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google CWE-416
critical
9.6
2024-02-07 CVE-2024-1283 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in Skia in Google Chrome prior to 121.0.6167.160 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-787
critical
9.8
2024-02-07 CVE-2024-1284 Use After Free vulnerability in multiple products
Use after free in Mojo in Google Chrome prior to 121.0.6167.160 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
critical
9.8
2024-02-05 CVE-2024-20011 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android 11.0/12.0/13.0
In alac decoder, there is a possible information disclosure due to an incorrect bounds check.
network
low complexity
google CWE-119
critical
9.8
2024-01-24 CVE-2024-0808 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
Integer underflow in WebUI in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via a malicious file.
network
low complexity
google fedoraproject CWE-191
critical
9.8
2024-01-02 CVE-2023-6339 Missing Encryption of Sensitive Data vulnerability in Google Nest Wifi PRO Firmware
Google Nest WiFi Pro root code-execution & user-data compromise
network
low complexity
google CWE-311
critical
9.8
2024-01-02 CVE-2023-48419 Unspecified vulnerability in Google products
An attacker in the wifi vicinity of a target Google Home can spy on the victim, resulting in Elevation of Privilege 
network
low complexity
google
critical
9.8
2023-12-11 CVE-2023-48417 Missing Authorization vulnerability in Google Chromecast Firmware
Missing Permission checks resulting in unauthorized access and Manipulation in KeyChainActivity Application
network
low complexity
google CWE-862
critical
9.8
2023-12-11 CVE-2023-48424 Unspecified vulnerability in Google Chromecast Firmware
U-Boot shell vulnerability resulting in Privilege escalation in a production device
network
low complexity
google
critical
9.8
2023-12-11 CVE-2023-48425 Unspecified vulnerability in Google Chromecast Firmware
U-Boot vulnerability resulting in persistent Code Execution 
network
low complexity
google
critical
9.8