Vulnerabilities > Google > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-14 | CVE-2020-0408 | Integer Overflow or Wraparound vulnerability in Google Android In remove of String16.cpp, there is a possible out of bounds write due to an integer overflow. | 7.2 |
| 2020-10-14 | CVE-2020-0377 | Out-of-bounds Read vulnerability in Google Android In gatt_process_read_by_type_rsp of gatt_cl.cc, there is a possible out of bounds read due to a missing bounds check. | 7.8 |
| 2020-10-06 | CVE-2020-26607 | Improper Privilege Management vulnerability in Google Android An issue was discovered in TimaService on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. | 7.5 |
| 2020-09-25 | CVE-2020-15212 | Out-of-bounds Write vulnerability in Google Tensorflow 2.2.0/2.3.0 In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment ids tensor. | 7.5 |
| 2020-09-25 | CVE-2020-15208 | Out-of-bounds Write vulnerability in multiple products In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, when determining the common dimension size of two tensors, TFLite uses a `DCHECK` which is no-op outside of debug compilation modes. | 7.5 |
| 2020-09-25 | CVE-2020-15205 | Out-of-bounds Write vulnerability in multiple products In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `data_splits` argument of `tf.raw_ops.StringNGrams` lacks validation. | 7.5 |
| 2020-09-21 | CVE-2020-6559 | Use After Free vulnerability in multiple products Use after free in presentation API in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2020-09-21 | CVE-2020-6555 | Out-of-bounds Read vulnerability in multiple products Out of bounds read in WebGL in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | 7.6 |
| 2020-09-21 | CVE-2020-6554 | Use After Free vulnerability in multiple products Use after free in extensions in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially perform a sandbox escape via a crafted Chrome Extension. | 8.6 |
| 2020-09-21 | CVE-2020-6553 | Use After Free vulnerability in multiple products Use after free in offline mode in Google Chrome on iOS prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |