Vulnerabilities > Google > High

DATE CVE VULNERABILITY TITLE RISK
2020-01-10 CVE-2020-6377 Use After Free vulnerability in multiple products
Use after free in audio in Google Chrome prior to 79.0.3945.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 		8.8
8.8
2020-01-10 CVE-2019-13767 Use After Free vulnerability in multiple products
Use after free in media picker in Google Chrome prior to 79.0.3945.88 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject opensuse CWE-416
8.8
8.8
2020-01-08 CVE-2020-0002 Use After Free vulnerability in Google Android
In ih264d_init_decoder of ih264d_api.c, there is a possible out of bounds write due to a use after free.
network
low complexity
google CWE-416
8.8
8.8
2020-01-08 CVE-2020-0001 Unspecified vulnerability in Google Android
In getProcessRecordLocked of ActivityManagerService.java isolated apps are not handled correctly.
local
low complexity
google
7.8
7.8
2020-01-06 CVE-2019-9469 Out-of-bounds Write vulnerability in Google Android
In km_compute_shared_hmac of km4.c, there is a possible out of bounds write due to improper input validation.
local
low complexity
google CWE-787
7.8
7.8
2020-01-06 CVE-2019-9468 Double Free vulnerability in Google Android
In export_key_der of export_key.cpp, there is possible memory corruption due to a double free.
local
low complexity
google CWE-415
7.8
7.8
2019-12-10 CVE-2019-13764 Type Confusion vulnerability in multiple products
Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 		8.8
8.8
2019-12-10 CVE-2019-13747 Use of Uninitialized Resource vulnerability in multiple products
Uninitialized data in rendering in Google Chrome on Android prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject redhat CWE-908
8.8
8.8
2019-12-10 CVE-2019-13741 Cross-site Scripting vulnerability in multiple products
Insufficient validation of untrusted input in Blink in Google Chrome prior to 79.0.3945.79 allowed a local attacker to bypass same origin policy via crafted clipboard content.
network
low complexity
google debian fedoraproject redhat CWE-79
8.8
8.8
2019-12-10 CVE-2019-13736 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in PDFium in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
network
low complexity
google debian fedoraproject redhat CWE-190
8.8
8.8