Vulnerabilities > Google > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-28 | CVE-2017-15410 | Use After Free vulnerability in multiple products Use after free in PDFium in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | 8.8 |
| 2018-08-28 | CVE-2017-15409 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap buffer overflow in Skia in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2018-08-28 | CVE-2017-15408 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap buffer overflow in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file that is mishandled by PDFium. | 8.8 |
| 2018-08-28 | CVE-2017-15407 | Out-of-bounds Write vulnerability in multiple products Out-of-bounds Write in the QUIC networking stack in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to gain code execution via a malicious server. | 8.8 |
| 2018-08-17 | CVE-2018-15482 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android Certain LG devices based on Android 6.0 through 8.1 have incorrect access control for MLT application intents. | 7.5 |
| 2018-08-17 | CVE-2018-14982 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android Certain LG devices based on Android 6.0 through 8.1 have incorrect access control in the GNSS application. | 7.5 |
| 2018-08-17 | CVE-2018-14981 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android Certain LG devices based on Android 6.0 through 8.1 have incorrect access control for SystemUI application intents. | 7.5 |
| 2018-07-15 | CVE-2018-14066 | SQL Injection vulnerability in Google Android 6.0/7.0 The content://wappush content provider in com.android.provider.telephony, as found in some custom ROMs for Android phones, allows SQL injection. | 7.5 |
| 2018-07-06 | CVE-2018-5907 | Integer Overflow or Wraparound vulnerability in Google Android Possible buffer overflow in msm_adsp_stream_callback_put due to lack of input validation of user-provided data that leads to integer overflow in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel. | 7.8 |
| 2018-07-06 | CVE-2018-5873 | Use After Free vulnerability in multiple products An issue was discovered in the __ns_get_path function in fs/nsfs.c in the Linux kernel before 4.11. | 7.0 |