Vulnerabilities > Google > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-14 | CVE-2020-0339 | Out-of-bounds Read vulnerability in Google Android There is a possible out of bounds read due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-162980705 | 9.1 |
| 2020-10-14 | CVE-2020-0283 | Out-of-bounds Write vulnerability in Google Android There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-163008257 | 9.1 |
| 2020-10-06 | CVE-2020-26607 | Unspecified vulnerability in Google Android An issue was discovered in TimaService on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. | 9.8 |
| 2020-09-25 | CVE-2020-15208 | Out-of-bounds Write vulnerability in multiple products In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, when determining the common dimension size of two tensors, TFLite uses a `DCHECK` which is no-op outside of debug compilation modes. | 9.8 |
| 2020-09-25 | CVE-2020-15207 | Out-of-bounds Write vulnerability in multiple products In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, to mimic Python's indexing with negative values, TFLite uses `ResolveAxis` to convert negative values to positive indices. | 9.0 |
| 2020-09-25 | CVE-2020-15205 | Out-of-bounds Write vulnerability in multiple products In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `data_splits` argument of `tf.raw_ops.StringNGrams` lacks validation. | 9.8 |
| 2020-09-25 | CVE-2020-15202 | In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `Shard` API in TensorFlow expects the last argument to be a function taking two `int64` (i.e., `long long`) arguments. | 9.0 |
| 2020-09-25 | CVE-2020-15196 | Out-of-bounds Read vulnerability in Google Tensorflow 2.3.0 In Tensorflow version 2.3.0, the `SparseCountSparseOutput` and `RaggedCountSparseOutput` implementations don't validate that the `weights` tensor has the same shape as the data. | 9.9 |
| 2020-09-21 | CVE-2020-6573 | Use After Free vulnerability in multiple products Use after free in video in Google Chrome on Android prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 9.6 |
| 2020-09-21 | CVE-2020-15963 | Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. | 9.6 |