Vulnerabilities > Google > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-12-06 | CVE-2018-9568 | Incorrect Type Conversion or Cast vulnerability in multiple products In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. | 7.8 |
2018-12-06 | CVE-2018-9567 | Unspecified vulnerability in Google Android On Pixel devices there is a bug causing verified boot to show the same certificate fingerprint despite using different signing keys. | 7.2 |
2018-12-06 | CVE-2018-9558 | Out-of-bounds Write vulnerability in Google Android In rw_t2t_handle_tlv_detect of rw_t2t_ndef.cc, there is a possible out-of-bounds write due to a missing bounds check. | 7.2 |
2018-12-06 | CVE-2018-9557 | Release of Invalid Pointer or Reference vulnerability in Google Android 7.0/7.1.1/7.1.2 In really_install_package of install.cpp, there is a possible free of arbitrary memory due to uninitialized data. | 7.2 |
2018-12-06 | CVE-2018-9555 | Out-of-bounds Write vulnerability in Google Android In l2c_lcc_proc_pdu of l2c_fcr.cc, there is a possible out of bounds write due to a missing bounds check. | 8.3 |
2018-12-06 | CVE-2018-9547 | Improper Input Validation vulnerability in Google Android 8.1/9.0 In unflatten of GraphicBuffer.cpp, there is a possible bad fd close due to improper input validation. | 7.2 |
2018-12-06 | CVE-2018-9538 | Out-of-bounds Read vulnerability in Google Android 8.1/9.0 In V4L2SliceVideoDecodeAccelerator::Dequeue of v4l2_slice_video_decode_accelerator.cc, there is a possible out of bounds read of a function pointer due to an incorrect bounds check. | 7.2 |
2018-12-04 | CVE-2018-6101 | Improper Input Validation vulnerability in multiple products A lack of host validation in DevTools in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page, if the user is running a remote DevTools debugging server. | 7.5 |
2018-12-04 | CVE-2018-6094 | Out-of-bounds Write vulnerability in multiple products Inline metadata in GarbageCollection in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2018-12-04 | CVE-2018-6092 | Integer Overflow or Wraparound vulnerability in multiple products An integer overflow on 32-bit systems in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | 8.8 |