Vulnerabilities > Google > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-08-19 | CVE-2024-32928 | The libcurl CURLOPT_SSL_VERIFYPEER option was disabled on a subset of requests made by Nest production devices which enabled a potential man-in-the-middle attack on requests to Google cloud services by any host the traffic was routed through. | 5.9 |
2024-08-15 | CVE-2024-34742 | Unspecified vulnerability in Google Android 14.0 In shouldWrite of OwnersData.java, there is a possible edge case that prevents MDM policies from being persisted due to a logic error in the code. | 5.5 |
2024-08-06 | CVE-2024-6995 | Unspecified vulnerability in Google Chrome Inappropriate implementation in Fullscreen in Google Chrome on Android prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 4.7 |
2024-08-06 | CVE-2024-6999 | Unspecified vulnerability in Google Chrome Inappropriate implementation in FedCM in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. | 4.3 |
2024-08-06 | CVE-2024-7001 | Unspecified vulnerability in Google Chrome Inappropriate implementation in HTML in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. | 4.3 |
2024-08-06 | CVE-2024-7003 | Unspecified vulnerability in Google Chrome Inappropriate implementation in FedCM in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. | 4.3 |
2024-08-06 | CVE-2024-7004 | Unspecified vulnerability in Google Chrome Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a malicious file. | 4.3 |
2024-08-06 | CVE-2024-7005 | Unspecified vulnerability in Google Chrome Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a malicious file. | 4.3 |
2024-07-16 | CVE-2020-36765 | Unspecified vulnerability in Google Chrome Insufficient policy enforcement in Navigation in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
2024-07-16 | CVE-2023-7013 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Chrome Inappropriate implementation in Compositing in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially spoof security UI via a crafted HTML page. | 4.7 |