Vulnerabilities > Google > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-09 | CVE-2022-39119 | Missing Authorization vulnerability in Google Android 10.0/11.0/12.0 In network service, there is a missing permission check. | 7.8 |
| 2022-09-06 | CVE-2022-26469 | Unsafe Reflection vulnerability in Google Android 11.0/12.0 In MtkEmail, there is a possible escalation of privilege due to fragment injection. | 7.8 |
| 2022-08-24 | CVE-2021-0891 | Improper Privilege Management vulnerability in Google Android An unprivileged app can trigger PowerVR driver to return an uninitialized heap memory causing information disclosure.Product: AndroidVersions: Android SoCAndroid ID: A-236849490 | 7.5 |
| 2022-08-24 | CVE-2021-0946 | Missing Initialization of Resource vulnerability in Google Android The method PVRSRVBridgePMRPDumpSymbolicAddr allocates puiMemspaceNameInt on the heap, fills the contents of the buffer via PMR_PDumpSymbolicAddr, and then copies the buffer to userspace. | 7.5 |
| 2022-08-24 | CVE-2021-0947 | Missing Initialization of Resource vulnerability in Google Android The method PVRSRVBridgeTLDiscoverStreams allocates puiStreamsInt on the heap, fills the contents of the buffer via TLServerDiscoverStreamsKM, and then copies the buffer to userspace. | 7.5 |
| 2022-08-12 | CVE-2022-2603 | Use After Free vulnerability in multiple products Use after free in Omnibox in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2022-08-12 | CVE-2022-2604 | Use After Free vulnerability in multiple products Use after free in Safe Browsing in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2022-08-12 | CVE-2022-2606 | Use After Free vulnerability in multiple products Use after free in Managed devices API in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who convinced a user to enable a specific Enterprise policy to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2022-08-12 | CVE-2022-2607 | Race Condition vulnerability in multiple products Use after free in Tab Strip in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. | 8.8 |
| 2022-08-12 | CVE-2022-2608 | Race Condition vulnerability in multiple products Use after free in Overview Mode in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. | 8.8 |