Vulnerabilities > Google > High

DATE CVE VULNERABILITY TITLE RISK
2023-03-07 CVE-2023-1222 Out-of-bounds Write vulnerability in Google Chrome
Heap buffer overflow in Web Audio API in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google CWE-787
8.8
8.8
2023-03-07 CVE-2023-1227 Use After Free vulnerability in Google Chrome
Use after free in Core in Google Chrome on Lacros prior to 111.0.5563.64 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction.
network
low complexity
google CWE-416
8.8
8.8
2023-03-01 CVE-2023-0460 Unsafe Reflection vulnerability in Google Youtube Android Player API 1.2/1.2.2
The YouTube Embedded 1.2 SDK binds to a service within the YouTube Main App.
local
low complexity
google CWE-470
7.3
7.3
2023-02-28 CVE-2023-20933 Use After Free vulnerability in Google Android
In several functions of MediaCodec.cpp, there is a possible way to corrupt memory due to a use after free.
local
low complexity
google CWE-416
7.8
7.8
2023-02-28 CVE-2023-20934 Unspecified vulnerability in Google Android 12.0/12.1/13.0
In resolveAttributionSource of ServiceUtilities.cpp, there is a possible way to disable the microphone privacy indicator due to a permissions bypass.
local
low complexity
google
7.8
7.8
2023-02-28 CVE-2023-20937 Use After Free vulnerability in Google Android
In several functions of the Android Linux kernel, there is a possible way to corrupt memory due to a use after free.
local
low complexity
google CWE-416
7.8
7.8
2023-02-28 CVE-2023-20938 Use After Free vulnerability in Google Android
In binder_transaction_buffer_release of binder.c, there is a possible use after free due to improper input validation.
local
low complexity
google CWE-416
7.8
7.8
2023-02-28 CVE-2023-20939 Improper Locking vulnerability in Google Android 12.0/12.1/13.0
In multiple functions of looper_backed_event_loop.cpp, there is a possible way to corrupt memory due to improper locking.
local
low complexity
google CWE-667
7.8
7.8
2023-02-28 CVE-2023-20940 Improper Verification of Cryptographic Signature vulnerability in Google Android 13.0
In the Android operating system, there is a possible way to replace a boot partition due to improperly used crypto.
local
low complexity
google CWE-347
7.8
7.8
2023-02-28 CVE-2023-20943 Path Traversal vulnerability in Google Android
In clearApplicationUserData of ActivityManagerService.java, there is a possible way to remove system files due to a path traversal error.
local
low complexity
google CWE-22
7.8
7.8