Vulnerabilities > Google > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-12-18 | CVE-2016-5184 | Use After Free vulnerability in Google Chrome PDFium in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android incorrectly handled object lifecycles in CFFL_FormFillter::KillFocusForAnnot, which allowed a remote attacker to potentially exploit heap corruption via crafted PDF files. | 8.8 |
| 2016-12-18 | CVE-2016-5183 | Use After Free vulnerability in Google Chrome A heap use after free in PDFium in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android allows a remote attacker to potentially exploit heap corruption via crafted PDF files. | 8.8 |
| 2016-12-18 | CVE-2016-5182 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Chrome Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android had insufficient validation in bitmap handling, which allowed a remote attacker to potentially exploit heap corruption via crafted HTML pages. | 8.8 |
| 2016-12-13 | CVE-2016-6706 | Permissions, Privileges, and Access Controls vulnerability in Google Android An elevation of privilege vulnerability in libstagefright in Mediaserver in Android 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a privileged process. | 7.8 |
| 2016-12-13 | CVE-2016-6699 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android A remote code execution vulnerability in libstagefright in Mediaserver in Android 7.0 before 2016-11-01 could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. | 7.8 |
| 2016-12-08 | CVE-2015-8967 | Permissions, Privileges, and Access Controls vulnerability in multiple products arch/arm64/kernel/sys.c in the Linux kernel before 4.0 allows local users to bypass the "strict page permissions" protection mechanism and modify the system-call table, and consequently gain privileges, by leveraging write access. | 7.8 |
| 2016-11-25 | CVE-2016-6754 | Injection vulnerability in Google Android A remote code execution vulnerability in Webview in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-05 could enable a remote attacker to execute arbitrary code when the user is navigating to a website. | 8.8 |
| 2016-11-25 | CVE-2016-6745 | Permissions, Privileges, and Access Controls vulnerability in Google Android An elevation of privilege vulnerability in the Synaptics touchscreen driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.8 |
| 2016-11-25 | CVE-2016-6744 | Permissions, Privileges, and Access Controls vulnerability in Google Android An elevation of privilege vulnerability in the Synaptics touchscreen driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.8 |
| 2016-11-25 | CVE-2016-6743 | Permissions, Privileges, and Access Controls vulnerability in Google Android An elevation of privilege vulnerability in the Synaptics touchscreen driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.8 |