Vulnerabilities > Google > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-23 | CVE-2024-7019 | Unspecified vulnerability in Google Chrome Inappropriate implementation in UI in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. | 4.3 |
| 2024-09-23 | CVE-2024-7020 | Unspecified vulnerability in Google Chrome Inappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted HTML page. | 4.3 |
| 2024-09-23 | CVE-2024-7022 | Use of Uninitialized Resource vulnerability in Google Chrome Uninitialized Use in V8 in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. | 4.3 |
| 2024-09-17 | CVE-2024-8906 | Unspecified vulnerability in Google Chrome Incorrect security UI in Downloads in Google Chrome prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. | 4.3 |
| 2024-09-17 | CVE-2024-8907 | Cross-site Scripting vulnerability in Google Chrome Insufficient data validation in Omnibox in Google Chrome on Android prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML (XSS) via a crafted set of UI gestures. | 6.1 |
| 2024-09-17 | CVE-2024-8908 | Unspecified vulnerability in Google Chrome Inappropriate implementation in Autofill in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. | 4.3 |
| 2024-09-17 | CVE-2024-8909 | Unspecified vulnerability in Google Chrome Inappropriate implementation in UI in Google Chrome on iOS prior to 129.0.6668.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. | 4.3 |
| 2024-09-13 | CVE-2024-44096 | Insecure Default Initialization of Resource vulnerability in Google Android there is a possible arbitrary read due to an insecure default value. | 4.4 |
| 2024-09-11 | CVE-2024-40656 | Unspecified vulnerability in Google Android In handleCreateConferenceComplete of ConnectionServiceWrapper.java, there is a possible way to reveal images across users due to a confused deputy. | 5.5 |
| 2024-09-11 | CVE-2024-40659 | Unspecified vulnerability in Google Android 14.0 In getRegistration of RemoteProvisioningService.java, there is a possible way to permanently disable the AndroidKeyStore key generation feature by updating the attestation keys of all installed apps due to improper input validation. | 5.5 |