Vulnerabilities > Google > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-14 | CVE-2018-17469 | Out-of-bounds Read vulnerability in multiple products Incorrect handling of PDF filter chains in PDFium in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file. | 8.8 |
| 2018-11-14 | CVE-2018-17466 | Out-of-bounds Read vulnerability in multiple products Incorrect texture handling in Angle in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | 8.8 |
| 2018-11-14 | CVE-2018-17465 | Use After Free vulnerability in multiple products Incorrect implementation of object trimming in V8 in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. | 8.8 |
| 2018-11-14 | CVE-2018-17463 | Incorrect side effect annotation in V8 in Google Chrome prior to 70.0.3538.64 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | 8.8 |
| 2018-11-06 | CVE-2018-9516 | Out-of-bounds Write vulnerability in multiple products In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. | 7.8 |
| 2018-11-06 | CVE-2018-9489 | Information Exposure vulnerability in Google Android When wifi is switched, function sendNetworkStateChangeBroadcast of WifiStateMachine.java broadcasts an intent including detailed wifi network information. | 7.5 |
| 2018-11-06 | CVE-2018-9488 | Incorrect Authorization vulnerability in Google Android 8.0/8.1/9.0 In the SELinux permissions of crash_dump.te, there is a permissions bypass due to a missing restriction. | 7.8 |
| 2018-11-06 | CVE-2018-9465 | Use After Free vulnerability in Google Android In task_get_unused_fd_flags of binder.c, there is a possible memory corruption due to a use after free. | 7.8 |
| 2018-11-06 | CVE-2018-9459 | Path Traversal vulnerability in Google Android In Attachment of Attachment.java and getFilePath of EmlAttachmentProvider.java, there is a possible Elevation of Privilege due to a path traversal error. | 8.8 |
| 2018-11-06 | CVE-2018-9458 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 8.0/8.1 In computeFocusedWindow of RootWindowContainer.java, and related functions, there is possible interception of keypresses due to focus being on the wrong window. | 7.8 |