Vulnerabilities > Google > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-10 | CVE-2022-25818 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android 12.0 Improper boundary check in UWB stack prior to SMR Mar-2022 Release 1 allows arbitrary code execution. | 9.8 |
| 2022-02-12 | CVE-2022-0290 | Use After Free vulnerability in Google Chrome Use after free in Site isolation in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | 9.6 |
| 2022-02-12 | CVE-2022-0097 | Inappropriate implementation in DevTools in Google Chrome prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to to potentially allow extension to escape the sandbox via a crafted HTML page. | 9.6 |
| 2022-02-11 | CVE-2021-39616 | Unspecified vulnerability in Google Android Summary:Product: AndroidVersions: Android SoCAndroid ID: A-204686438 | 9.8 |
| 2022-02-11 | CVE-2021-39635 | Incorrect Default Permissions vulnerability in Google Android ims_ex is a vendor system service used to manage VoLTE in unisoc devices,But it does not verify the caller's permissions,so that normal apps (No phone permissions) can obtain some VoLTE sensitive information and manage VoLTE calls.Product: AndroidVersions: Android SoCAndroid ID: A-206492634 | 9.1 |
| 2022-02-11 | CVE-2021-39658 | Incorrect Default Permissions vulnerability in Google Android ismsEx service is a vendor service in unisoc equipment?ismsEx service is an extension of sms system service,but it does not check the permissions of the caller,resulting in permission leaks?Third-party apps can use this service to arbitrarily modify and set system properties?Product: AndroidVersions: Android SoCAndroid ID: A-207479207 | 9.8 |
| 2022-02-11 | CVE-2021-39675 | Out-of-bounds Write vulnerability in Google Android 12.0 In GKI_getbuf of gki_buffer.cc, there is a possible out of bounds write due to a heap buffer overflow. | 9.8 |
| 2022-02-11 | CVE-2022-23425 | Improper Input Validation vulnerability in Google Android 10.0/11.0/12.0 Improper input validation in Exynos baseband prior to SMR Feb-2022 Release 1 allows attackers to send arbitrary NAS signaling messages with fake base station. | 9.8 |
| 2022-02-04 | CVE-2022-23587 | Integer Overflow or Wraparound vulnerability in Google Tensorflow Tensorflow is an Open Source Machine Learning Framework. | 9.8 |
| 2022-01-18 | CVE-2021-22566 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Fuchsia An incorrect setting of UXN bits within mmu_flags_to_s1_pte_attr lead to privileged executable pages being mapped as executable from an unprivileged context. | 9.8 |