Vulnerabilities > Google > High

DATE CVE VULNERABILITY TITLE RISK
2020-08-11 CVE-2020-0254 Out-of-bounds Read vulnerability in Google Android
There is a possible out of bounds read due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-152647751
network
low complexity
google CWE-125
7.5
7.5
2020-08-11 CVE-2020-0251 Out-of-bounds Read vulnerability in Google Android
There is a possible out of bounds read due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-152647626
network
low complexity
google CWE-125
7.5
7.5
2020-08-11 CVE-2020-0243 Improper Locking vulnerability in Google Android
In clearPropValue of MediaAnalyticsItem.cpp, there is a possible use-after-free due to improper locking.
local
low complexity
google CWE-667
7.8
7.8
2020-08-11 CVE-2020-0242 Improper Locking vulnerability in Google Android
In reset of NuPlayerDriver.cpp, there is a possible use-after-free due to improper locking.
local
low complexity
google CWE-667
7.8
7.8
2020-08-11 CVE-2020-0241 Double Free vulnerability in Google Android
In NuPlayerStreamListener of NuPlayerStreamListener.cpp, there is possible memory corruption due to a double free.
local
low complexity
google CWE-415
7.8
7.8
2020-08-11 CVE-2020-0240 Integer Overflow or Wraparound vulnerability in Google Android 10.0
In NewFixedDoubleArray of factory.cc, there is a possible out of bounds write due to an integer overflow.
network
low complexity
google CWE-190
8.8
8.8
2020-08-11 CVE-2020-0238 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Google Android
In updatePreferenceIntents of AccountTypePreferenceLoader, there is a possible confused deputy attack due to a race condition.
local
high complexity
google CWE-367
7.0
7.0
2020-08-11 CVE-2020-0108 Improper Handling of Exceptional Conditions vulnerability in Google Android 10.0/8.1/9.0
In postNotification of ServiceRecord.java, there is a possible bypass of foreground process restrictions due to an uncaught exception.
local
low complexity
google CWE-755
7.8
7.8
2020-08-11 CVE-2020-8918 Improper Initialization vulnerability in Google Go-Tpm
An improperly initialized 'migrationAuth' value in Google's go-tpm TPM1.2 library versions prior to 0.3.0 can lead an eavesdropping attacker to discover the auth value for a key created with CreateWrapKey.
local
low complexity
google CWE-665
7.1
7.1
2020-07-22 CVE-2020-6534 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in WebRTC in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google opensuse debian fedoraproject CWE-787
8.8
8.8