Vulnerabilities > Google > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-13 | CVE-2024-43085 | Unspecified vulnerability in Google Android In handleMessage of UsbDeviceManager.java, there is a possible method to access device contents over USB without unlocking the device due to a logic error in the code. | 7.8 |
| 2024-11-13 | CVE-2024-43087 | Unspecified vulnerability in Google Android In getInstalledAccessibilityPreferences of AccessibilitySettings.java, there is a possible way to hide an enabled accessibility service in the accessibility service settings due to a logic error in the code. | 7.8 |
| 2024-11-13 | CVE-2024-43088 | Missing Authorization vulnerability in Google Android In multiple functions in AppInfoBase.java, there is a possible way to manipulate app permission settings belonging to another user on the device due to a missing permission check. | 7.8 |
| 2024-11-13 | CVE-2024-43089 | Missing Authorization vulnerability in Google Android In updateInternal of MediaProvider.java , there is a possible access of another app's files due to a missing permission check. | 7.8 |
| 2024-11-13 | CVE-2024-43093 | Unspecified vulnerability in Google Android In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to incorrect unicode normalization. | 7.8 |
| 2024-11-12 | CVE-2024-11112 | Use After Free vulnerability in Google Chrome Use after free in Media in Google Chrome on Windows prior to 131.0.6778.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2024-11-12 | CVE-2024-11113 | Use After Free vulnerability in Google Chrome Use after free in Accessibility in Google Chrome prior to 131.0.6778.69 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2024-11-12 | CVE-2024-11114 | Unspecified vulnerability in Google Chrome Inappropriate implementation in Views in Google Chrome on Windows prior to 131.0.6778.69 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 8.3 |
| 2024-11-12 | CVE-2024-11115 | Unspecified vulnerability in Google Chrome Insufficient policy enforcement in Navigation in Google Chrome on iOS prior to 131.0.6778.69 allowed a remote attacker to perform privilege escalation via a series of UI gestures. | 8.8 |
| 2024-11-06 | CVE-2024-10826 | Use After Free vulnerability in Google Chrome Use after free in Family Experiences in Google Chrome on Android prior to 130.0.6723.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |