Vulnerabilities > Google > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-11-02 CVE-2020-6492 Use After Free vulnerability in Google Chrome
Use after free in ANGLE in Google Chrome prior to 83.0.4103.97 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google CWE-416
critical
9.6
2021-11-02 CVE-2021-37981 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google debian CWE-787
critical
9.6
2021-10-08 CVE-2021-37973 Use After Free vulnerability in multiple products
Use after free in Portals in Google Chrome prior to 94.0.4606.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-416
critical
9.6
2021-10-08 CVE-2021-30633 Use After Free vulnerability in multiple products
Use after free in Indexed DB API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
critical
9.6
2021-09-21 CVE-2021-0869 Out-of-bounds Write vulnerability in Google Android
In GetTimeStampAndPkt of DumpstateDevice.cpp, there is a possible out of bounds write due to an incorrect bounds check.
network
low complexity
google CWE-787
critical
9.8
2021-09-09 CVE-2021-25449 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
An improper input validation vulnerability in libsapeextractor library prior to SMR Sep-2021 Release 1 allows attackers to execute arbitrary code in mediaextractor process.
network
low complexity
google CWE-119
critical
9.8
2021-08-03 CVE-2021-30571 Incorrect Authorization vulnerability in multiple products
Insufficient policy enforcement in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google fedoraproject CWE-863
critical
9.6
2021-07-14 CVE-2021-0515 Out-of-bounds Write vulnerability in Google Android
In Factory::CreateStrictFunctionMap of factory.cc, there is a possible out of bounds write due to an incorrect bounds check.
network
low complexity
google CWE-787
critical
9.8
2021-06-30 CVE-2021-35958 Path Traversal vulnerability in Google Tensorflow
TensorFlow through 2.5.0 allows attackers to overwrite arbitrary files via a crafted archive when tf.keras.utils.get_file is used with extract=True.
network
low complexity
google CWE-22
critical
9.1
2021-06-21 CVE-2021-0516 Use After Free vulnerability in Google Android
In p2p_process_prov_disc_req of p2p_pd.c, there is a possible out of bounds read and write due to a use after free.
network
low complexity
google CWE-416
critical
9.8