Vulnerabilities > Google > High

DATE CVE VULNERABILITY TITLE RISK
2025-05-05 CVE-2025-20668 Unspecified vulnerability in Google Android 14.0/15.0
In scp, there is a possible out of bounds write due to a missing bounds check.
local
low complexity
google
7.8
2025-05-05 CVE-2025-20671 Unspecified vulnerability in Google Android 14.0/15.0
In thermal, there is a possible out of bounds write due to a race condition.
local
high complexity
google
7.0
2025-02-26 CVE-2024-39441 Unspecified vulnerability in Google Android 13.0/14.0/15.0
In wifi display, there is a possible missing permission check.
local
low complexity
google
8.4
2025-01-18 CVE-2018-9389 Out-of-bounds Write vulnerability in Google Android
In ip6_append_data of ip6_output.c, there is a possible way to achieve code execution due to a heap buffer overflow.
local
low complexity
google CWE-787
7.8
2025-01-15 CVE-2025-0437 Out-of-bounds Read vulnerability in Google Chrome
Out of bounds read in Metrics in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google CWE-125
8.8
2025-01-08 CVE-2025-0291 Type Confusion vulnerability in Google Chrome
Type Confusion in V8 in Google Chrome prior to 131.0.6778.264 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
network
low complexity
google CWE-843
8.8
2025-01-08 CVE-2023-35685 Unspecified vulnerability in Google Android
In DevmemIntMapPages of devicemem_server.c, there is a possible physical page uaf due to a logic error in the code.
local
low complexity
google
7.8
2024-12-18 CVE-2024-12692 Unspecified vulnerability in Google Chrome
Type Confusion in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google
8.8
2024-12-18 CVE-2024-12693 Out-of-bounds Write vulnerability in Google Chrome
Out of bounds memory access in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
network
low complexity
google CWE-787
8.8
2024-12-18 CVE-2024-12694 Unspecified vulnerability in Google Chrome
Use after free in Compositing in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google
8.8