Vulnerabilities > Google > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-06-05 CVE-2020-13840 Classic Buffer Overflow vulnerability in Google Android
An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 (MTK chipsets).
network
low complexity
google CWE-120
critical
 9.8
9.8
2020-06-05 CVE-2020-13839 Classic Buffer Overflow vulnerability in Google Android
An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 (MTK chipsets).
network
low complexity
google CWE-120
critical
 9.8
9.8
2020-06-04 CVE-2020-13835 Improper Restriction of Excessive Authentication Attempts vulnerability in Google Android 8.0
An issue was discovered on Samsung mobile devices with O(8.x) (with TEEGRIS) software.
network
low complexity
google CWE-307
critical
 9.8
9.8
2020-06-04 CVE-2020-13833 Link Following vulnerability in Google Android
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software.
network
low complexity
google CWE-59
critical
 9.1
9.1
2020-06-04 CVE-2020-13832 Improper Input Validation vulnerability in Google Android 10.0
An issue was discovered on Samsung mobile devices with Q(10.0) (with TEEGRIS on Exynos chipsets) software.
network
low complexity
google CWE-20
critical
 9.8
9.8
2020-06-04 CVE-2020-13831 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android 8.0/8.1/9.0
An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (Exynos 7570 chipsets) software.
network
low complexity
google CWE-119
critical
 9.8
9.8
2020-06-03 CVE-2020-6493 Use After Free vulnerability in multiple products
Use after free in WebAuthentication in Google Chrome prior to 83.0.4103.97 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google debian opensuse CWE-416
critical
 9.6
9.6
2020-05-21 CVE-2020-6471 Incorrect Default Permissions vulnerability in multiple products
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
network
low complexity
google fedoraproject opensuse debian CWE-276
critical
 9.6
9.6
2020-05-21 CVE-2020-6469 Incorrect Default Permissions vulnerability in multiple products
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
network
low complexity
google debian opensuse fedoraproject CWE-276
critical
 9.6
9.6
2020-05-21 CVE-2020-6466 Use After Free vulnerability in multiple products
Use after free in media in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google debian opensuse fedoraproject CWE-416
critical
 9.6
9.6