Vulnerabilities > Google > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-25 | CVE-2018-6043 | Improper Input Validation vulnerability in multiple products Insufficient data validation in External Protocol Handler in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially execute arbitrary programs on user machine via a crafted HTML page. | 8.8 |
| 2018-09-25 | CVE-2018-6035 | Information Exposure vulnerability in multiple products Insufficient policy enforcement in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user local file data via a crafted Chrome Extension. | 8.8 |
| 2018-09-25 | CVE-2018-6034 | Out-of-bounds Read vulnerability in multiple products Insufficient data validation in WebGL in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | 8.1 |
| 2018-09-25 | CVE-2018-6033 | Improper Input Validation vulnerability in multiple products Insufficient data validation in Downloads in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially run arbitrary code outside sandbox via a crafted Chrome Extension. | 8.8 |
| 2018-09-25 | CVE-2018-6031 | Use After Free vulnerability in multiple products Use after free in PDFium in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | 8.8 |
| 2018-09-19 | CVE-2018-5905 | Race Condition vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a race condition while accessing num of clients in DIAG services can lead to out of boundary access. | 7.0 |
| 2018-09-19 | CVE-2018-3573 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while relocating kernel images with a specially crafted boot image, an out of bounds access can occur. | 7.8 |
| 2018-09-19 | CVE-2018-11904 | NULL Pointer Dereference vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, asynchronous callbacks received a pointer to a callers local variable. | 7.8 |
| 2018-09-19 | CVE-2018-11903 | Improper Validation of Array Index vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of length validation check for value received from caller function used as an array index for WMA interfaces can lead to OOB write in WLAN HOST. | 7.8 |
| 2018-09-19 | CVE-2018-11902 | Improper Validation of Array Index vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of length validation check for value received from firmware can lead to OOB access in WLAN HOST. | 7.8 |