Vulnerabilities > Google > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-11-25 CVE-2022-4135 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google microsoft CWE-787
critical
9.6
2022-11-18 CVE-2022-41880 Unspecified vulnerability in Google Tensorflow
TensorFlow is an open source platform for machine learning.
network
low complexity
google
critical
9.1
2022-11-18 CVE-2022-41900 Unspecified vulnerability in Google Tensorflow
TensorFlow is an open source platform for machine learning.
network
low complexity
google
critical
9.8
2022-11-09 CVE-2022-3890 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in Crashpad in Google Chrome on Android prior to 107.0.5304.106 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google debian CWE-787
critical
9.6
2022-09-26 CVE-2022-3075 Improper Input Validation vulnerability in multiple products
Insufficient data validation in Mojo in Google Chrome prior to 105.0.5195.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google fedoraproject CWE-20
critical
9.6
2022-09-16 CVE-2022-35937 Unspecified vulnerability in Google Tensorflow
TensorFlow is an open source platform for machine learning.
network
low complexity
google
critical
9.1
2022-09-16 CVE-2022-35938 Unspecified vulnerability in Google Tensorflow
TensorFlow is an open source platform for machine learning.
network
low complexity
google
critical
9.1
2022-09-16 CVE-2022-35939 Unspecified vulnerability in Google Tensorflow
TensorFlow is an open source platform for machine learning.
network
low complexity
google
critical
9.8
2022-09-13 CVE-2021-0942 Out-of-bounds Read vulnerability in Google Android
The path in this case is a little bit convoluted.
network
low complexity
google CWE-125
critical
9.8
2022-09-13 CVE-2022-20385 Improper Validation of Specified Quantity in Input vulnerability in Google Android
a function called 'nla_parse', do not check the len of para, it will check nla_type (which can be controlled by userspace) with 'maxtype' (in this case, it is GSCAN_MAX), then it access polciy array 'policy[type]', which OOB access happens.Product: AndroidVersions: Android SoCAndroid ID: A-238379819
network
low complexity
google CWE-1284
critical
9.8