Vulnerabilities > Google > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-06-11 | CVE-2021-25385 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android An improper input validation vulnerability in sdfffd_parse_chunk_PROP() in libsdffextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process. | 7.5 |
2021-06-11 | CVE-2021-25386 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android An improper input validation vulnerability in sdfffd_parse_chunk_FVER() in libsdffextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process. | 7.5 |
2021-06-11 | CVE-2021-25387 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android An improper input validation vulnerability in sflacfd_get_frm() in libsflacextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process. | 7.5 |
2021-06-11 | CVE-2021-25412 | Unspecified vulnerability in Google Android 10.0 An improper access control vulnerability in genericssoservice prior to SMR JUN-2021 Release 1 allows local attackers to execute protected activity with system privilege via untrusted applications. | 7.2 |
2021-06-08 | CVE-2021-22549 | Exposure of Resource to Wrong Sphere vulnerability in Google Asylo An attacker can modify the address to point to trusted memory to overwrite arbitrary trusted memory. | 7.8 |
2021-06-07 | CVE-2021-30521 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in Autofill in Google Chrome on Android prior to 91.0.4472.77 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. | 8.8 |
2021-06-07 | CVE-2021-30522 | Use After Free vulnerability in multiple products Use after free in WebAudio in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2021-06-07 | CVE-2021-30523 | Use After Free vulnerability in multiple products Use after free in WebRTC in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP packet. | 8.8 |
2021-06-07 | CVE-2021-30524 | Use After Free vulnerability in multiple products Use after free in TabStrip in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2021-06-07 | CVE-2021-30525 | Use After Free vulnerability in multiple products Use after free in TabGroups in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. | 8.8 |