Vulnerabilities > Google > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-19 | CVE-2019-2030 | Use After Free vulnerability in Google Android 9.0 In removeInterfaceAddress of NetworkController.cpp, there is a possible use after free. | 9.8 |
| 2019-02-19 | CVE-2019-5759 | Use After Free vulnerability in multiple products Incorrect lifetime handling in HTML select elements in Google Chrome on Android and Mac prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | 9.6 |
| 2019-02-11 | CVE-2018-9583 | Out-of-bounds Write vulnerability in Google Android In bta_ag_parse_cmer of bta_ag_cmd.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out-of-bounds write due to a missing bounds check. | 9.8 |
| 2019-01-09 | CVE-2018-6127 | Use After Free vulnerability in multiple products Early free of object in use in IndexDB in Google Chrome prior to 67.0.3396.62 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 9.6 |
| 2019-01-09 | CVE-2018-16068 | Improper Input Validation vulnerability in multiple products Missing validation in Mojo in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | 9.6 |
| 2019-01-09 | CVE-2017-15402 | Improper Input Validation vulnerability in Google Chrome Using an ID that can be controlled by a compromised renderer which allows any frame to overwrite the page_state of any other frame in the same process in Navigation in Google Chrome on Chrome OS prior to 62.0.3202.74 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 9.6 |
| 2018-12-07 | CVE-2018-9578 | Out-of-bounds Write vulnerability in Google Android 9.0 In ixheaacd_adts_crc_start_reg of ixheaacd_adts_crc_check.c, there is a possible out of bounds write due to a missing bounds check. | 9.8 |
| 2018-12-07 | CVE-2018-11905 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Possible buffer overflow in WLAN function due to lack of input validation in values received from firmware. | 9.8 |
| 2018-12-06 | CVE-2018-9556 | Integer Overflow or Wraparound vulnerability in Google Android 9.0 In ParsePayloadHeader of payload_metadata.cc, there is a possible out of bounds write due to an integer overflow. | 9.8 |
| 2018-12-04 | CVE-2018-6152 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products The implementation of the Page.downloadBehavior backend unconditionally marked downloaded files as safe, regardless of file type in Google Chrome prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page and user interaction. | 9.6 |