Vulnerabilities > Google > High

DATE CVE VULNERABILITY TITLE RISK
2024-01-02 CVE-2023-32889 Out-of-bounds Write vulnerability in Google Android 11.0/12.0/13.0
In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check.
network
low complexity
google CWE-787
7.5
7.5
2023-12-21 CVE-2023-7024 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in WebRTC in Google Chrome prior to 120.0.6099.129 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-787
8.8
8.8
2023-12-14 CVE-2023-6702 Type Confusion vulnerability in multiple products
Type confusion in V8 in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject microsoft CWE-843
8.8
8.8
2023-12-14 CVE-2023-6703 Use After Free vulnerability in Google Chrome
Use after free in Blink in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google CWE-416
8.8
8.8
2023-12-14 CVE-2023-6704 Use After Free vulnerability in Google Chrome
Use after free in libavif in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted image file.
network
low complexity
google CWE-416
8.8
8.8
2023-12-14 CVE-2023-6705 Use After Free vulnerability in Google Chrome
Use after free in WebRTC in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google CWE-416
8.8
8.8
2023-12-14 CVE-2023-6706 Use After Free vulnerability in Google Chrome
Use after free in FedCM in Google Chrome prior to 120.0.6099.109 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google CWE-416
8.8
8.8
2023-12-14 CVE-2023-6707 Use After Free vulnerability in Google Chrome
Use after free in CSS in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google CWE-416
8.8
8.8
2023-12-08 CVE-2023-48398 Out-of-bounds Read vulnerability in Google Android
In ProtocolNetAcBarringInfo::ProtocolNetAcBarringInfo() of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check.
network
low complexity
google CWE-125
7.5
7.5
2023-12-08 CVE-2023-48402 Missing Authorization vulnerability in Google Android
In ppcfw_enable of ppcfw.c, there is a possible EoP due to a missing permission check.
local
low complexity
google CWE-862
7.8
7.8