Vulnerabilities > Google > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-10-07 CVE-2024-20102 Out-of-bounds Read vulnerability in Google Android 13.0/14.0
In wlan driver, there is a possible out of bounds read due to improper input validation.
network
low complexity
google CWE-125
4.9
4.9
2024-09-27 CVE-2024-39431 Out-of-bounds Write vulnerability in Google Android 12.0/13.0/14.0
In UMTS RLC driver, there is a possible out of bounds write due to a missing bounds check.
low complexity
google CWE-787
4.5
4.5
2024-09-27 CVE-2024-39432 Out-of-bounds Write vulnerability in Google Android 12.0/13.0/14.0
In UMTS RLC driver, there is a possible out of bounds read due to a missing bounds check.
low complexity
google CWE-787
4.5
4.5
2024-09-27 CVE-2024-39433 Out-of-bounds Write vulnerability in Google Android 13.0/14.0
In drm service, there is a possible out of bounds write due to a missing bounds check.
local
low complexity
google CWE-787
4.4
4.4
2024-09-27 CVE-2024-39434 Out-of-bounds Read vulnerability in Google Android 13.0/14.0
In drm service, there is a possible out of bounds read due to a missing bounds check.
local
low complexity
google CWE-125
4.4
4.4
2024-09-23 CVE-2023-7281 Unspecified vulnerability in Google Chrome
Inappropriate implementation in Compositing in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform UI spoofing via a crafted HTML page.
network
low complexity
google
4.3
4.3
2024-09-23 CVE-2023-7282 Unspecified vulnerability in Google Chrome
Inappropriate implementation in Navigation in Google Chrome prior to 113.0.5672.63 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing via a crafted HTML page.
network
low complexity
google
4.3
4.3
2024-09-23 CVE-2024-7019 Unspecified vulnerability in Google Chrome
Inappropriate implementation in UI in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page.
network
low complexity
google
4.3
4.3
2024-09-23 CVE-2024-7020 Unspecified vulnerability in Google Chrome
Inappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted HTML page.
network
low complexity
google
4.3
4.3
2024-09-23 CVE-2024-7022 Use of Uninitialized Resource vulnerability in Google Chrome
Uninitialized Use in V8 in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page.
network
low complexity
google CWE-908
4.3
4.3