Vulnerabilities > Google > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-24 | CVE-2014-9654 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The Regular Expressions package in International Components for Unicode (ICU) for C/C++ before 2014-12-03, as used in Google Chrome before 40.0.2214.91, calculates certain values without ensuring that they can be represented in a 24-bit field, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted string, a related issue to CVE-2014-7923. | 9.8 |
| 2017-04-17 | CVE-2016-6727 | Permissions, Privileges, and Access Controls vulnerability in Google Android The Qualcomm GPS subsystem in Android on Android One devices allows remote attackers to execute arbitrary code. | 9.8 |
| 2017-04-17 | CVE-2016-6726 | Unspecified vulnerability in Google Android Unspecified vulnerability in Qualcomm components in Android on Nexus 6 and Android One devices. | 9.8 |
| 2017-04-13 | CVE-2016-1155 | Injection vulnerability in Google Android HTTP header injection vulnerability in the URLConnection class in Android OS 2.2 through 6.0 allows remote attackers to execute arbitrary scripts or set arbitrary values in cookies. | 9.8 |
| 2017-04-13 | CVE-2014-7921 | Permissions, Privileges, and Access Controls vulnerability in Google Android mediaserver in Android 4.0.3 through 5.x before 5.1 allows attackers to gain privileges. | 9.8 |
| 2017-04-13 | CVE-2014-7920 | Permissions, Privileges, and Access Controls vulnerability in Google Android mediaserver in Android 2.2 through 5.x before 5.1 allows attackers to gain privileges. | 9.8 |
| 2017-04-11 | CVE-2013-6647 | Use After Free vulnerability in Google Chrome A use-after-free in AnimationController::endAnimationUpdate in Google Chrome. | 9.8 |
| 2017-04-04 | CVE-2016-10229 | Improperly Implemented Security Check for Standard vulnerability in multiple products udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag. | 9.8 |
| 2017-02-08 | CVE-2016-8418 | Improper Access Control vulnerability in Google Android A remote code execution vulnerability in the Qualcomm crypto driver could enable a remote attacker to execute arbitrary code within the context of the kernel. | 9.8 |
| 2017-01-27 | CVE-2016-8411 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android Buffer overflow vulnerability while processing QMI QOS TLVs. | 9.8 |