Vulnerabilities > Google > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-14 | CVE-2024-4671 | Use After Free vulnerability in multiple products Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 9.6 |
| 2024-05-07 | CVE-2024-4558 | Use After Free vulnerability in multiple products Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 9.6 |
| 2024-04-10 | CVE-2024-3157 | Out-of-bounds Write vulnerability in multiple products Out of bounds memory access in Compositing in Google Chrome prior to 123.0.6312.122 allowed a remote attacker who had compromised the GPU process to potentially perform a sandbox escape via specific UI gestures. | 9.6 |
| 2024-03-11 | CVE-2024-0039 | Out-of-bounds Write vulnerability in Google Android In attp_build_value_cmd of att_protocol.cc, there is a possible out of bounds write due to a missing bounds check. | 9.8 |
| 2024-02-16 | CVE-2024-0031 | Out-of-bounds Write vulnerability in Google Android In attp_build_read_by_type_value_cmd of att_protocol.cc , there is a possible out of bounds write due to improper input validation. | 9.8 |
| 2024-02-07 | CVE-2024-1283 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in Skia in Google Chrome prior to 121.0.6167.160 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 9.8 |
| 2024-02-07 | CVE-2024-1284 | Use After Free vulnerability in multiple products Use after free in Mojo in Google Chrome prior to 121.0.6167.160 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 9.8 |
| 2024-02-05 | CVE-2024-20011 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android 11.0/12.0/13.0 In alac decoder, there is a possible information disclosure due to an incorrect bounds check. | 9.8 |
| 2024-01-24 | CVE-2024-0808 | Integer Underflow (Wrap or Wraparound) vulnerability in multiple products Integer underflow in WebUI in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via a malicious file. | 9.8 |
| 2024-01-02 | CVE-2023-6339 | Missing Encryption of Sensitive Data vulnerability in Google Nest Wifi PRO Firmware Google Nest WiFi Pro root code-execution & user-data compromise | 9.8 |