Vulnerabilities > Google > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-06-13 CVE-2024-32912 Unspecified vulnerability in Google Android
there is a possible persistent Denial of Service due to test/debugging code left in a production build.
local
low complexity
google
5.5
2024-06-13 CVE-2024-32918 Improper Privilege Management vulnerability in Google Android
Permission Bypass allowing attackers to disable HDCP 2.2 encryption by not completing the HDCP Key Exchange initialization steps
low complexity
google CWE-269
6.1
2024-06-11 CVE-2024-5839 Inappropriate Implementation in Memory Allocator in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject
6.5
2024-06-11 CVE-2024-5840 Policy bypass in CORS in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to bypass discretionary access control via a crafted HTML page.
network
low complexity
google fedoraproject
6.5
2024-06-11 CVE-2024-5843 Inappropriate implementation in Downloads in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to obfuscate security UI via a malicious file.
network
low complexity
google fedoraproject
6.5
2024-05-15 CVE-2024-4948 Use After Free vulnerability in multiple products
Use after free in Dawn in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
6.5
2024-05-15 CVE-2024-4949 Use After Free vulnerability in multiple products
Use after free in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
6.5
2024-05-15 CVE-2024-4950 Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products
Inappropriate implementation in Downloads in Google Chrome prior to 125.0.6422.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page.
network
low complexity
google fedoraproject CWE-1021
6.5
2024-05-07 CVE-2024-0022 Unspecified vulnerability in Google Android 13.0/14.0
In multiple functions of CompanionDeviceManagerService.java, there is a possible launch NotificationAccessConfirmationActivity of another user profile due to improper input validation.
local
low complexity
google
5.5
2024-05-07 CVE-2024-0026 Allocation of Resources Without Limits or Throttling vulnerability in Google Android
In multiple functions of SnoozeHelper.java, there is a possible persistent denial of service due to resource exhaustion.
local
low complexity
google CWE-770
5.5