Vulnerabilities > Google > High

DATE CVE VULNERABILITY TITLE RISK
2023-12-08 CVE-2023-48409 Integer Overflow or Wraparound vulnerability in Google Android
In gpu_pixel_handle_buffer_liveness_update_ioctl of private/google-modules/gpu/mali_kbase/mali_kbase_core_linux.c, there is a possible out of bounds write due to an integer overflow.
local
low complexity
google CWE-190
7.8
2023-12-08 CVE-2023-48410 Out-of-bounds Read vulnerability in Google Android
In cd_ParseMsg of cd_codec.c, there is a possible out of bounds read due to a missing bounds check.
network
low complexity
google CWE-125
7.5
2023-12-08 CVE-2023-48416 NULL Pointer Dereference vulnerability in Google Android
In multiple locations, there is a possible null dereference due to a missing null check.
network
low complexity
google CWE-476
7.5
2023-12-08 CVE-2023-48421 Out-of-bounds Write vulnerability in Google Android
In gpu_pixel_handle_buffer_liveness_update_ioctl of private/google-modules/gpu/mali_kbase/platform/pixel/pixel_gpu_slc.c, there is a possible out of bounds write due to improper input validation.
local
low complexity
google CWE-787
7.8
2023-12-06 CVE-2023-6508 Use After Free vulnerability in multiple products
Use after free in Media Stream in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-416
8.8
2023-12-06 CVE-2023-6509 Use After Free vulnerability in multiple products
Use after free in Side Panel Search in Google Chrome prior to 120.0.6099.62 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via specific UI interaction.
network
low complexity
debian fedoraproject google CWE-416
8.8
2023-12-06 CVE-2023-6510 Use After Free vulnerability in multiple products
Use after free in Media Capture in Google Chrome prior to 120.0.6099.62 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via specific UI interaction.
network
low complexity
debian fedoraproject google CWE-416
8.8
2023-12-04 CVE-2023-21227 Unspecified vulnerability in Google Android
In HTBLogKM of htbserver.c, there is a possible information disclosure due to log information disclosure.
network
low complexity
google
7.5
2023-12-04 CVE-2023-40077 Race Condition vulnerability in Google Android
In multiple functions of MetaDataBase.cpp, there is a possible UAF write due to a race condition.
network
high complexity
google CWE-362
8.1
2023-12-04 CVE-2023-40079 Unspecified vulnerability in Google Android 14.0
In injectSendIntentSender of ShortcutService.java, there is a possible background activity launch due to a permissions bypass.
local
low complexity
google
7.8