Vulnerabilities > Google > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-13 | CVE-2020-0027 | Out-of-bounds Write vulnerability in Google Android In HidRawSensor::batch of HidRawSensor.cpp, there is a possible out of bounds write due to an unexpected switch fallthrough. | 7.8 |
| 2020-02-13 | CVE-2020-0026 | Use After Free vulnerability in Google Android In Parcel::continueWrite of Parcel.cpp, there is possible memory corruption due to a use after free. | 7.8 |
| 2020-02-13 | CVE-2020-0022 | Incorrect Calculation vulnerability in multiple products In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. | 8.8 |
| 2020-02-13 | CVE-2020-0015 | Unspecified vulnerability in Google Android In onCreate of CertInstaller.java, there is a possible way to overlay the Certificate Installation dialog by a malicious application. | 7.8 |
| 2020-02-13 | CVE-2019-2200 | Incorrect Default Permissions vulnerability in Google Android 10.0 In updatePermissions of PermissionManagerService.java, it may be possible for a malicious app to obtain a custom permission from another app due to a permission bypass. | 7.3 |
| 2020-02-12 | CVE-2011-3901 | Information Exposure vulnerability in Google Android 2.3.7 Android SQLite Journal before 4.0.1 has an information disclosure vulnerability. | 7.5 |
| 2020-02-12 | CVE-2009-5139 | Use of Password Hash With Insufficient Computational Effort vulnerability in Google Gizmo5 The SIP implementation on the Gizmo5 software phone provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue. | 7.5 |
| 2020-02-11 | CVE-2020-6417 | Unspecified vulnerability in Google Chrome Inappropriate implementation in installer in Google Chrome prior to 80.0.3987.87 allowed a local attacker to execute arbitrary code via a crafted registry entry. | 7.8 |
| 2020-02-11 | CVE-2020-6416 | Improper Input Validation vulnerability in multiple products Insufficient data validation in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2020-02-11 | CVE-2020-6415 | Out-of-bounds Write vulnerability in multiple products Inappropriate implementation in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |