Vulnerabilities > Google > High

DATE CVE VULNERABILITY TITLE RISK
2023-10-27 CVE-2023-40128 Out-of-bounds Write vulnerability in Google Android
In several functions of xmlregexp.c, there is a possible out of bounds write due to a heap buffer overflow.
local
low complexity
google CWE-787
7.8
7.8
2023-10-27 CVE-2023-40129 Out-of-bounds Write vulnerability in Google Android 12.0/12.1/13.0
In build_read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to a heap buffer overflow.
low complexity
google CWE-787
8.8
8.8
2023-10-27 CVE-2023-40130 Unspecified vulnerability in Google Android
In onBindingDied of CallRedirectionProcessor.java, there is a possible permission bypass due to a logic error in the code.
local
low complexity
google
7.8
7.8
2023-10-27 CVE-2023-40131 Use After Free vulnerability in Google Android
In GpuService of GpuService.cpp, there is a possible use after free due to a race condition.
local
high complexity
google CWE-416
7.0
7.0
2023-10-27 CVE-2023-40140 Use After Free vulnerability in Google Android
In android_view_InputDevice_create of android_view_InputDevice.cpp, there is a possible way to execute arbitrary code due to a use after free.
local
low complexity
google CWE-416
7.8
7.8
2023-10-25 CVE-2023-5472 Use After Free vulnerability in multiple products
Use after free in Profiles in Google Chrome prior to 118.0.5993.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-416
8.8
8.8
2023-10-18 CVE-2023-35656 Out-of-bounds Read vulnerability in Google Android
In multiple functions of protocolembmsadapter.cpp, there is a possible out of bounds read due to a missing bounds check.
network
low complexity
google CWE-125
7.5
7.5
2023-10-18 CVE-2023-35663 Out-of-bounds Read vulnerability in Google Android
In Init of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check.
network
low complexity
google CWE-125
7.5
7.5
2023-10-11 CVE-2023-5218 Use After Free vulnerability in multiple products
Use after free in Site Isolation in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-416
8.8
8.8
2023-10-11 CVE-2023-5474 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in PDF in Google Chrome prior to 118.0.5993.70 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted PDF file.
network
low complexity
google debian CWE-787
8.8
8.8