Vulnerabilities > Google > Critical

DATE CVE VULNERABILITY TITLE RISK
2018-03-07 CVE-2016-5179 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Chrome OS
Chrome OS before 53.0.2785.144 allows remote attackers to execute arbitrary commands at boot.
network
low complexity
google CWE-119
critical
 9.8
9.8
2018-02-19 CVE-2017-7376 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects.
network
low complexity
xmlsoft google debian CWE-119
critical
 9.8
9.8
2018-02-19 CVE-2017-7375 XXE vulnerability in multiple products
A flaw in libxml2 allows remote XML entity inclusion with default parser flags (i.e., when the caller did not request entity substitution, DTD validation, external DTD subset loading, or default DTD attributes).
network
low complexity
xmlsoft debian google CWE-611
critical
 9.8
9.8
2018-02-12 CVE-2017-13229 Improper Input Validation vulnerability in Google Android
A remote code execution vulnerability in the Android media framework (n/a).
network
low complexity
google CWE-20
critical
 9.8
9.8
2018-01-12 CVE-2017-13208 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In receive_packet of libnetutils/packet.c, there is a possible out-of-bounds write due to a missing bounds check on the DHCP response.
network
low complexity
google CWE-119
critical
 9.8
9.8
2018-01-12 CVE-2017-13205 Information Exposure vulnerability in Google Android
An information disclosure vulnerability in the Android media framework (libmpeg2).
network
low complexity
google CWE-200
critical
 9.1
9.1
2018-01-12 CVE-2017-13204 Information Exposure vulnerability in Google Android
An information disclosure vulnerability in the Android media framework (libavc).
network
low complexity
google CWE-200
critical
 9.1
9.1
2018-01-12 CVE-2017-13203 Information Exposure vulnerability in Google Android
An information disclosure vulnerability in the Android media framework (libavc).
network
low complexity
google CWE-200
critical
 9.1
9.1
2018-01-12 CVE-2017-13188 Information Exposure vulnerability in Google Android
An information disclosure vulnerability in the Android media framework (aac).
network
low complexity
google CWE-200
critical
 9.1
9.1
2018-01-12 CVE-2017-13187 Information Exposure vulnerability in Google Android
An information disclosure vulnerability in the Android media framework (libhevc).
network
low complexity
google CWE-200
critical
 9.1
9.1