Vulnerabilities > Google > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-09-27 | CVE-2024-39434 | Out-of-bounds Read vulnerability in Google Android 13.0/14.0 In drm service, there is a possible out of bounds read due to a missing bounds check. | 4.4 |
2024-09-17 | CVE-2024-8906 | Unspecified vulnerability in Google Chrome Incorrect security UI in Downloads in Google Chrome prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. | 4.3 |
2024-09-17 | CVE-2024-8907 | Cross-site Scripting vulnerability in Google Chrome Insufficient data validation in Omnibox in Google Chrome on Android prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML (XSS) via a crafted set of UI gestures. | 6.1 |
2024-09-17 | CVE-2024-8908 | Unspecified vulnerability in Google Chrome Inappropriate implementation in Autofill in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. | 4.3 |
2024-09-17 | CVE-2024-8909 | Unspecified vulnerability in Google Chrome Inappropriate implementation in UI in Google Chrome on iOS prior to 129.0.6668.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. | 4.3 |
2024-09-13 | CVE-2024-44096 | Insecure Default Initialization of Resource vulnerability in Google Android there is a possible arbitrary read due to an insecure default value. | 4.4 |
2024-09-11 | CVE-2024-40656 | Unspecified vulnerability in Google Android In handleCreateConferenceComplete of ConnectionServiceWrapper.java, there is a possible way to reveal images across users due to a confused deputy. | 5.5 |
2024-09-11 | CVE-2024-40659 | Unspecified vulnerability in Google Android 14.0 In getRegistration of RemoteProvisioningService.java, there is a possible way to permanently disable the AndroidKeyStore key generation feature by updating the attestation keys of all installed apps due to improper input validation. | 5.5 |
2024-09-02 | CVE-2024-20084 | Out-of-bounds Read vulnerability in multiple products In power, there is a possible out of bounds read due to a missing bounds check. | 4.4 |
2024-09-02 | CVE-2024-20085 | Out-of-bounds Read vulnerability in multiple products In power, there is a possible out of bounds read due to a missing bounds check. | 4.4 |