Vulnerabilities > Google > High

DATE CVE VULNERABILITY TITLE RISK
2024-07-09 CVE-2024-34723 Unspecified vulnerability in Google Android
In onTransact of ParcelableListBinder.java , there is a possible way to steal mAllowlistToken to launch an app from background due to a logic error in the code.
local
low complexity
google
7.8
7.8
2024-07-09 CVE-2024-34724 Race Condition vulnerability in Google Android
In _UnrefAndMaybeDestroy of pmr.c, there is a possible arbitrary code execution due to a race condition.
local
high complexity
google CWE-362
7.0
7.0
2024-07-09 CVE-2024-34725 Race Condition vulnerability in Google Android
In DevmemIntUnexportCtx of devicemem_server.c, there is a possible arbitrary code execution due to a race condition.
local
high complexity
google CWE-362
7.0
7.0
2024-07-09 CVE-2024-34726 Unspecified vulnerability in Google Android
In PVRSRV_MMap of pvr_bridge_k.c, there is a possible arbitrary code execution due to a logic error in the code.
local
low complexity
google
7.8
7.8
2024-06-24 CVE-2024-6290 Use After Free vulnerability in multiple products
Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2024-06-24 CVE-2024-6291 Use After Free vulnerability in multiple products
Use after free in Swiftshader in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2024-06-24 CVE-2024-6292 Use After Free vulnerability in multiple products
Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2024-06-24 CVE-2024-6293 Use After Free vulnerability in multiple products
Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2024-06-20 CVE-2024-6100 Type Confusion vulnerability in Google Chrome
Type Confusion in V8 in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
network
low complexity
google CWE-843
8.8
8.8
2024-06-20 CVE-2024-6101 Unspecified vulnerability in Google Chrome
Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page.
network
low complexity
google
8.8
8.8