Vulnerabilities > Google > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-08-01 CVE-2022-26430 Type Confusion vulnerability in multiple products
In mailbox, there is a possible out of bounds write due to type confusion.
local
low complexity
google yoctoproject CWE-843
6.7
6.7
2022-08-01 CVE-2022-26431 Out-of-bounds Write vulnerability in multiple products
In mailbox, there is a possible out of bounds write due to a missing bounds check.
local
low complexity
google yoctoproject CWE-787
6.7
6.7
2022-08-01 CVE-2022-26432 Out-of-bounds Write vulnerability in multiple products
In mailbox, there is a possible out of bounds write due to a missing bounds check.
local
low complexity
google yoctoproject CWE-787
6.7
6.7
2022-08-01 CVE-2022-26433 Type Confusion vulnerability in multiple products
In mailbox, there is a possible out of bounds write due to type confusion.
local
low complexity
google yoctoproject CWE-843
6.7
6.7
2022-08-01 CVE-2022-26434 Out-of-bounds Write vulnerability in multiple products
In mailbox, there is a possible out of bounds write due to a missing bounds check.
local
low complexity
google yoctoproject CWE-787
6.7
6.7
2022-08-01 CVE-2022-26435 Type Confusion vulnerability in multiple products
In mailbox, there is a possible out of bounds write due to type confusion.
local
low complexity
google yoctoproject CWE-843
6.7
6.7
2022-08-01 CVE-2022-26436 Out-of-bounds Read vulnerability in Google Android 12.0
In emi mpu, there is a possible out of bounds read due to a missing bounds check.
local
low complexity
google CWE-125
4.4
4.4
2022-07-28 CVE-2022-2479 Improper Input Validation vulnerability in Google Chrome
Insufficient validation of untrusted input in File in Google Chrome on Android prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious app to obtain potentially sensitive information from internal file directories via a crafted HTML page.
network
low complexity
google CWE-20
4.3
4.3
2022-07-28 CVE-2022-2160 Race Condition vulnerability in multiple products
Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from a user's local files via a crafted HTML page.
network
low complexity
google fedoraproject CWE-362
6.5
6.5
2022-07-28 CVE-2022-2164 Inappropriate implementation in Extensions API in Google Chrome prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control via a crafted HTML page.
network
low complexity
google fedoraproject
6.3
6.3