Vulnerabilities > Google > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-08 | CVE-2023-45866 | Improper Authentication vulnerability in multiple products Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. | 6.3 |
| 2023-12-06 | CVE-2023-6511 | Inappropriate implementation in Autofill in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. | 4.3 |
| 2023-12-06 | CVE-2023-6512 | Inappropriate implementation in Web Browser UI in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to potentially spoof the contents of an iframe dialog context menu via a crafted HTML page. | 6.5 |
| 2023-12-04 | CVE-2023-35668 | Unspecified vulnerability in Google Android In visitUris of Notification.java, there is a possible way to display images from another user due to a confused deputy. | 5.5 |
| 2023-12-04 | CVE-2023-40073 | Unspecified vulnerability in Google Android In visitUris of Notification.java, there is a possible cross-user media read due to Confused Deputy. | 5.5 |
| 2023-12-04 | CVE-2023-40074 | Unspecified vulnerability in Google Android In saveToXml of PersistableBundle.java, invalid data could lead to local persistent denial of service with no additional execution privileges needed. | 5.5 |
| 2023-12-04 | CVE-2023-40075 | Unspecified vulnerability in Google Android In forceReplaceShortcutInner of ShortcutPackage.java, there is a possible way to register unlimited packages due to a missing bounds check. | 5.5 |
| 2023-12-04 | CVE-2023-40076 | Unspecified vulnerability in Google Android 14.0 In createPendingIntent of CredentialManagerUi.java, there is a possible way to access credentials from other users due to a permissions bypass. | 5.5 |
| 2023-12-04 | CVE-2023-40081 | Unspecified vulnerability in Google Android In loadMediaDataInBgForResumption of MediaDataManager.kt, there is a possible way to view another user's images due to a confused deputy. | 5.5 |
| 2023-12-04 | CVE-2023-40083 | Out-of-bounds Read vulnerability in Google Android In parse_gap_data of utils.cc, there is a possible out of bounds read due to a missing bounds check. | 5.5 |