Vulnerabilities > Google > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-18 | CVE-2017-15818 | Integer Overflow or Wraparound vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while loading a user application in qseecom, an integer overflow could potentially occur if the application partition size is rounded up to page_size. | 7.2 |
| 2018-09-04 | CVE-2018-11262 | Incorrect Calculation vulnerability in Google Android In Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel while trying to find out total number of partition via a non zero check, there could be possibility where the 'TotalPart' could cross 'GptHeader->MaxPtCnt' and which could result in OOB write in patching GPT. | 7.2 |
| 2018-09-02 | CVE-2018-16359 | Unspecified vulnerability in Google Gvisor Google gVisor before 2018-08-23, within the seccomp sandbox, permits access to the renameat system call, which allows attackers to rename files on the host OS. network google | 7.1 |
| 2018-08-29 | CVE-2018-12828 | Unspecified vulnerability in Adobe Flash Player Adobe Flash Player 30.0.0.134 and earlier have a "use of a component with a known vulnerability" vulnerability. | 7.5 |
| 2018-08-29 | CVE-2018-12825 | Unspecified vulnerability in Adobe Flash Player Adobe Flash Player 30.0.0.134 and earlier have a security bypass vulnerability. | 7.5 |
| 2018-08-28 | CVE-2017-15406 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Chrome A stack buffer overflow in V8 in Google Chrome prior to 62.0.3202.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | 8.8 |
| 2018-08-28 | CVE-2017-15399 | Use After Free vulnerability in multiple products A use after free in V8 in Google Chrome prior to 62.0.3202.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2018-08-28 | CVE-2017-15413 | Incorrect Type Conversion or Cast vulnerability in multiple products Type confusion in WebAssembly in V8 in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2018-08-28 | CVE-2017-15412 | Use After Free vulnerability in multiple products Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2018-08-28 | CVE-2017-15411 | Use After Free vulnerability in multiple products Use after free in PDFium in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | 8.8 |