Vulnerabilities > Google > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-16 | CVE-2022-42534 | Improper Input Validation vulnerability in Google Android In trusty_ffa_mem_reclaim of shared-mem-smcall.c, there is a possible privilege escalation due to improper input validation. | 7.8 |
| 2022-12-16 | CVE-2022-42544 | Injection vulnerability in Google Android 13.0 In getView of AddAppNetworksFragment.java, there is a possible way to mislead the user about network add requests due to improper input validation. | 7.8 |
| 2022-12-14 | CVE-2022-4436 | Use After Free vulnerability in Google Chrome Use after free in Blink Media in Google Chrome prior to 108.0.5359.124 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2022-12-14 | CVE-2022-4437 | Use After Free vulnerability in Google Chrome Use after free in Mojo IPC in Google Chrome prior to 108.0.5359.124 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2022-12-14 | CVE-2022-4438 | Use After Free vulnerability in Google Chrome Use after free in Blink Frames in Google Chrome prior to 108.0.5359.124 allowed a remote attacker who convinced the user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2022-12-14 | CVE-2022-4439 | Use After Free vulnerability in Google Chrome Use after free in Aura in Google Chrome on Windows prior to 108.0.5359.124 allowed a remote attacker who convinced the user to engage in specific UI interactions to potentially exploit heap corruption via specific UI interactions. | 8.8 |
| 2022-12-14 | CVE-2022-4440 | Use After Free vulnerability in Google Chrome Use after free in Profiles in Google Chrome prior to 108.0.5359.124 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2022-12-13 | CVE-2021-39660 | Race Condition vulnerability in Google Android In TBD of TBD, there is a possible way to archive arbitrary code execution in kernel due to a race condition. | 7.0 |
| 2022-12-13 | CVE-2022-20411 | Out-of-bounds Write vulnerability in Google Android In avdt_msg_asmbl of avdt_msg.cc, there is a possible out of bounds write due to a missing bounds check. | 8.8 |
| 2022-12-13 | CVE-2022-20442 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 10.0/11.0/12.0 In onCreate of ReviewPermissionsActivity.java, there is a possible way to grant permissions for a separate app with API level < 23 due to a tapjacking/overlay attack. | 7.3 |