Vulnerabilities > Google > High

DATE CVE VULNERABILITY TITLE RISK
2024-09-11 CVE-2024-8637 Use After Free vulnerability in Google Chrome
Use after free in Media Router in Google Chrome on Android prior to 128.0.6613.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google CWE-416
8.8
2024-09-11 CVE-2024-8638 Type Confusion vulnerability in Google Chrome
Type Confusion in V8 in Google Chrome prior to 128.0.6613.137 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.
network
low complexity
google CWE-843
8.8
2024-09-11 CVE-2024-8639 Use After Free vulnerability in Google Chrome
Use after free in Autofill in Google Chrome on Android prior to 128.0.6613.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google CWE-416
8.8
2024-09-11 CVE-2024-23716 Use After Free vulnerability in Google Android
In DevmemIntPFNotify of devicemem_server.c, there is a possible use-after-free due to a race condition.
local
high complexity
google CWE-416
7.0
2024-09-11 CVE-2024-31336 Unspecified vulnerability in Google Android
In PVRSRVBridgeRGXKickTA3D2 of server_rgxta3d_bridge.c, there is a possible arbitrary code execution due to improper input validation.
local
low complexity
google
7.8
2024-09-11 CVE-2024-40650 Missing Authorization vulnerability in Google Android
In wifi_item_edit_content of styles.xml , there is a possible FRP bypass due to Missing check for FRP state.
local
low complexity
google CWE-862
7.8
2024-09-11 CVE-2024-40652 Missing Authorization vulnerability in Google Android
In onCreate of SettingsHomepageActivity.java, there is a possible way to access the Settings app while the device is provisioning due to a missing permission check.
local
low complexity
google CWE-862
7.8
2024-09-11 CVE-2024-40654 Incorrect Default Permissions vulnerability in Google Android
In multiple locations, there is a possible permission bypass due to a confused deputy.
local
low complexity
google CWE-276
7.8
2024-09-11 CVE-2024-40655 Unspecified vulnerability in Google Android
In bindAndGetCallIdentification of CallScreeningServiceHelper.java, there is a possible way to maintain a while-in-use permission in the background due to a permissions bypass.
local
low complexity
google
7.8
2024-09-11 CVE-2024-40657 Unspecified vulnerability in Google Android
In addPreferencesForType of AccountTypePreferenceLoader.java, there is a possible way to disable apps for other users due to a confused deputy.
local
low complexity
google
7.8