High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-01-08	CVE-2020-0001	Unspecified vulnerability in Google Android In getProcessRecordLocked of ActivityManagerService.java isolated apps are not handled correctly. local low complexity google	7.8
2020-01-06	CVE-2019-9469	Out-of-bounds Write vulnerability in Google Android In km_compute_shared_hmac of km4.c, there is a possible out of bounds write due to improper input validation. local low complexity google CWE-787	7.8
2020-01-06	CVE-2019-9468	Double Free vulnerability in Google Android In export_key_der of export_key.cpp, there is possible memory corruption due to a double free. local low complexity google CWE-415	7.8
2019-12-10	CVE-2019-13764	Type Confusion vulnerability in multiple products Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject suse opensuse redhat CWE-843	8.8
2019-12-10	CVE-2019-13747	Use of Uninitialized Resource vulnerability in multiple products Uninitialized data in rendering in Google Chrome on Android prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject redhat CWE-908	8.8
2019-12-10	CVE-2019-13741	Cross-site Scripting vulnerability in multiple products Insufficient validation of untrusted input in Blink in Google Chrome prior to 79.0.3945.79 allowed a local attacker to bypass same origin policy via crafted clipboard content. network low complexity google debian fedoraproject redhat CWE-79	8.8
2019-12-10	CVE-2019-13736	Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in PDFium in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. network low complexity google debian fedoraproject redhat CWE-190	8.8
2019-12-10	CVE-2019-13735	Out-of-bounds Write vulnerability in multiple products Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. network low complexity google debian fedoraproject redhat CWE-787	8.8
2019-12-10	CVE-2019-13734	Out-of-bounds Write vulnerability in multiple products Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject redhat canonical suse opensuse debian oracle CWE-787	8.8
2019-12-10	CVE-2019-13732	Use After Free vulnerability in multiple products Use-after-free in WebAudio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject redhat CWE-416	8.8