Vulnerabilities > Google > High

DATE CVE VULNERABILITY TITLE RISK
2019-11-13 CVE-2019-2206 Out-of-bounds Write vulnerability in Google Android
In rw_i93_sm_set_read_only of rw_i93.cc, there is a possible out of bounds write due to a missing bounds check.
network
low complexity
google CWE-787
8.8
8.8
2019-11-13 CVE-2019-2203 Out-of-bounds Write vulnerability in Google Android
In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a heap buffer overflow.
local
low complexity
google CWE-787
7.8
7.8
2019-11-13 CVE-2019-2202 Out-of-bounds Write vulnerability in Google Android 10.0/9.0
In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a heap buffer overflow.
local
low complexity
google CWE-787
7.8
7.8
2019-11-13 CVE-2019-2201 Out-of-bounds Write vulnerability in multiple products
In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check.
local
low complexity
google canonical CWE-787
7.8
7.8
2019-11-13 CVE-2019-2195 SQL Injection vulnerability in Google Android
In tokenize of sqlite3_android.cpp, there is a possible attacker controlled INSERT statement due to improper input validation.
local
low complexity
google CWE-89
7.8
7.8
2019-11-13 CVE-2019-2193 Improper Privilege Management vulnerability in Google Android
In WelcomeActivity.java and related files, there is a possible permissions bypass due to a partially provisioned Device Policy Client.
local
low complexity
google CWE-269
7.8
7.8
2019-11-13 CVE-2019-2192 Improper Input Validation vulnerability in Google Android 10.0/9.0
In call of SliceProvider.java, there is a possible permissions bypass due to improper input validation.
local
low complexity
google CWE-20
7.8
7.8
2019-11-12 CVE-2011-2335 Double Free vulnerability in Google Blink M11
A double-free vulnerability exists in WebKit in Google Chrome before Blink M12 in the WebCore::CSSSelector function.
network
low complexity
google CWE-415
7.5
7.5
2019-11-06 CVE-2011-1298 Integer Overflow or Wraparound vulnerability in Google Blink
An Integer Overflow exists in WebKit in Google Chrome before Blink M11 in the macOS WebCore::GraphicsContext::fillRect function.
network
low complexity
google CWE-190
7.5
7.5
2019-10-31 CVE-2019-5043 Allocation of Resources Without Limits or Throttling vulnerability in Google Nest CAM IQ Indoor Firmware 4620002
An exploitable denial-of-service vulnerability exists in the Weave daemon of the Nest Cam IQ Indoor, version 4620002.
network
low complexity
google CWE-770
7.5
7.5