Vulnerabilities > Google > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-11-16 | CVE-2017-0838 | Unspecified vulnerability in Google Android 7.0/7.1.1/7.1.2 An elevation of privilege vulnerability in the Android media framework (libstagefright). | 7.2 |
2017-11-16 | CVE-2017-9690 | Integer Overflow or Wraparound vulnerability in Google Android In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a qbt1000 ioctl handler, an incorrect buffer size check has an integer overflow vulnerability potentially leading to a buffer overflow. | 7.2 |
2017-11-14 | CVE-2017-6274 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android An elevation of Privilege vulnerability exists in the Thermal Driver, where a missing bounds checks in the thermal throttle driver can cause an out-of-bounds write in the kernel. | 7.5 |
2017-10-27 | CVE-2017-5122 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Inappropriate use of table size handling in V8 in Google Chrome prior to 61.0.3163.100 for Windows allowed a remote attacker to trigger out-of-bounds access via a crafted HTML page. | 8.8 |
2017-10-27 | CVE-2017-5121 | Improper Input Validation vulnerability in multiple products Inappropriate use of JIT optimisation in V8 in Google Chrome prior to 61.0.3163.100 for Linux, Windows, and Mac allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page, related to the escape analysis phase. | 8.8 |
2017-10-27 | CVE-2017-5116 | Type Confusion vulnerability in multiple products Type confusion in V8 in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | 8.8 |
2017-10-27 | CVE-2017-5115 | Incorrect Type Conversion or Cast vulnerability in Google Chrome Type confusion in V8 in Google Chrome prior to 61.0.3163.79 for Windows allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. | 8.8 |
2017-10-27 | CVE-2017-5114 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Inappropriate use of partition alloc in PDFium in Google Chrome prior to 61.0.3163.79 for Linux, Windows, and Mac, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit memory corruption via a crafted PDF file. | 8.8 |
2017-10-27 | CVE-2017-5113 | Out-of-bounds Write vulnerability in multiple products Math overflow in Skia in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2017-10-27 | CVE-2017-5112 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Chrome Heap buffer overflow in WebGL in Google Chrome prior to 61.0.3163.79 for Windows allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | 8.8 |