Vulnerabilities > Google > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-08 | CVE-2021-37976 | Missing Authorization vulnerability in multiple products Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | 6.5 |
| 2021-10-08 | CVE-2021-30630 | Origin Validation Error vulnerability in multiple products Inappropriate implementation in Blink in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. | 4.3 |
| 2021-10-07 | CVE-2021-41130 | Authentication Bypass by Spoofing vulnerability in Google Extensible Service Proxy Extensible Service Proxy, a.k.a. | 5.4 |
| 2021-10-06 | CVE-2021-25467 | Classic Buffer Overflow vulnerability in Google Android 11.0 Assuming system privilege is gained, possible buffer overflow vulnerabilities in the Vision DSP kernel driver prior to SMR Oct-2021 Release 1 allows privilege escalation to Root by hijacking loaded library. | 6.7 |
| 2021-10-06 | CVE-2021-25468 | Unspecified vulnerability in Google Android 10.0/11.0 A possible guessing and confirming a byte memory vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows attackers to read arbitrary memory address. | 4.4 |
| 2021-10-06 | CVE-2021-25469 | Out-of-bounds Write vulnerability in Google Android 10.0/11.0 A possible stack-based buffer overflow vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows arbitrary code execution. | 6.7 |
| 2021-10-06 | CVE-2021-25473 | Improper Handling of Exceptional Conditions vulnerability in Google Android 11.0 Assuming a shell privilege is gained, an improper exception handling for multi_sim_bar_hide_by_meadia_full value in SystemUI prior to SMR Oct-2021 Release 1 allows an attacker to cause a permanent denial of service in user device before factory reset. | 4.4 |
| 2021-10-06 | CVE-2021-25474 | Improper Handling of Exceptional Conditions vulnerability in Google Android 10.0/11.0 Assuming a shell privilege is gained, an improper exception handling for multi_sim_bar_show_on_qspanel value in SystemUI prior to SMR Oct-2021 Release 1 allows an attacker to cause a permanent denial of service in user device before factory reset. | 4.4 |
| 2021-10-06 | CVE-2021-25475 | Out-of-bounds Write vulnerability in Google Android 10.0/11.0 A possible heap-based buffer overflow vulnerability in DSP kernel driver prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution. | 6.7 |
| 2021-10-06 | CVE-2021-25476 | Unspecified vulnerability in Google Android 10.0/11.0 An information disclosure vulnerability in Widevine TA log prior to SMR Oct-2021 Release 1 allows attackers to bypass the ASLR protection mechanism in TEE. | 4.4 |