Vulnerabilities > Google > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-11-09 CVE-2022-3890 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in Crashpad in Google Chrome on Android prior to 107.0.5304.106 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google debian CWE-787
critical
 9.6
9.6
2022-09-26 CVE-2022-3075 Improper Input Validation vulnerability in multiple products
Insufficient data validation in Mojo in Google Chrome prior to 105.0.5195.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google fedoraproject CWE-20
critical
 9.6
9.6
2022-09-16 CVE-2022-35937 Out-of-bounds Read vulnerability in Google Tensorflow
TensorFlow is an open source platform for machine learning.
network
low complexity
google CWE-125
critical
 9.1
9.1
2022-09-16 CVE-2022-35938 Out-of-bounds Read vulnerability in Google Tensorflow
TensorFlow is an open source platform for machine learning.
network
low complexity
google CWE-125
critical
 9.1
9.1
2022-09-16 CVE-2022-35939 Out-of-bounds Write vulnerability in Google Tensorflow
TensorFlow is an open source platform for machine learning.
network
low complexity
google CWE-787
critical
 9.8
9.8
2022-09-13 CVE-2021-0942 Out-of-bounds Read vulnerability in Google Android
The path in this case is a little bit convoluted.
network
low complexity
google CWE-125
critical
 9.8
9.8
2022-09-13 CVE-2022-20385 Improper Validation of Specified Quantity in Input vulnerability in Google Android
a function called 'nla_parse', do not check the len of para, it will check nla_type (which can be controlled by userspace) with 'maxtype' (in this case, it is GSCAN_MAX), then it access polciy array 'policy[type]', which OOB access happens.Product: AndroidVersions: Android SoCAndroid ID: A-238379819
network
low complexity
google CWE-1284
critical
 9.8
9.8
2022-09-13 CVE-2022-20386 Unspecified vulnerability in Google Android
Summary:Product: AndroidVersions: Android SoCAndroid ID: A-238227328
network
low complexity
google
critical
 9.8
9.8
2022-09-13 CVE-2022-20387 Unspecified vulnerability in Google Android
Summary:Product: AndroidVersions: Android SoCAndroid ID: A-238227324
network
low complexity
google
critical
 9.8
9.8
2022-09-13 CVE-2022-20388 Unspecified vulnerability in Google Android
Summary:Product: AndroidVersions: Android SoCAndroid ID: A-238227323
network
low complexity
google
critical
 9.8
9.8