Vulnerabilities > Google > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-17 | CVE-2018-19333 | Unspecified vulnerability in Google Gvisor 20180822/20180823 pkg/sentry/kernel/shm/shm.go in Google gVisor before 2018-11-01 allows attackers to overwrite memory locations in processes running as root (but not escape the sandbox) via vectors involving IPC_RMID shmctl calls, because reference counting is mishandled. | 9.8 |
| 2018-11-14 | CVE-2018-9580 | Unspecified vulnerability in Google Android A Elevation of privilege vulnerability in the HTC bootloader. | 9.8 |
| 2018-11-14 | CVE-2018-17472 | Improper Input Validation vulnerability in multiple products Incorrect handling of googlechrome:// URL scheme on iOS in Intents in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to escape the <iframe> sandbox via a crafted HTML page. | 9.6 |
| 2018-11-14 | CVE-2018-17462 | Use After Free vulnerability in multiple products Incorrect refcounting in AppCache in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform a sandbox escape via a crafted HTML page. | 9.6 |
| 2018-11-06 | CVE-2018-9446 | Out-of-bounds Write vulnerability in Google Android In smp_br_state_machine_event of smp_br_main.cc, there is a possible out of bounds write due to memory corruption. | 9.8 |
| 2018-11-06 | CVE-2018-9356 | Double Free vulnerability in Google Android In bnep_data_ind of bnep_main.c, there is a possible remote code execution due to a double free. | 9.8 |
| 2018-11-06 | CVE-2018-9355 | Out-of-bounds Write vulnerability in Google Android In bta_dm_sdp_result of bta_dm_act.cc, there is a possible out of bounds stack write due to a missing bounds check. | 9.8 |
| 2018-10-02 | CVE-2018-9476 | Use After Free vulnerability in Google Android 8.0/8.1 In avrc_pars_browsing_cmd of avrc_pars_tg.cc, there is a possible use-after-free due to improper locking. | 9.8 |
| 2018-08-28 | CVE-2017-15398 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A stack buffer overflow in the QUIC networking stack in Google Chrome prior to 62.0.3202.89 allowed a remote attacker to gain code execution via a malicious server. | 9.8 |
| 2018-08-17 | CVE-2018-15482 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android Certain LG devices based on Android 6.0 through 8.1 have incorrect access control for MLT application intents. | 9.8 |