Vulnerabilities > Google > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-12-08 CVE-2023-48408 Out-of-bounds Read vulnerability in Google Android
In ProtocolNetSimFileInfoAdapter() of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check.
local
low complexity
google CWE-125
5.5
2023-12-08 CVE-2023-48411 Out-of-bounds Read vulnerability in Google Android
In SignalStrengthAdapter::FillGsmSignalStrength() of protocolmiscadapter.cpp, there is a possible out of bounds read due to a missing bounds check.
local
low complexity
google CWE-125
5.5
2023-12-08 CVE-2023-48412 Unspecified vulnerability in Google Android
In private_handle_t of mali_gralloc_buffer.h, there is a possible information leak due to a logic error in the code.
local
low complexity
google
5.5
2023-12-08 CVE-2023-48413 Out-of-bounds Read vulnerability in Google Android
In Init of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check.
network
low complexity
google CWE-125
4.9
2023-12-08 CVE-2023-48414 Use After Free vulnerability in Google Android
In the Pixel Camera Driver, there is a possible use after free due to a logic error in the code.
local
low complexity
google CWE-416
6.7
2023-12-08 CVE-2023-48415 Out-of-bounds Read vulnerability in Google Android
In Init of protocolembmsadapter.cpp, there is a possible out of bounds read due to a missing bounds check.
local
low complexity
google CWE-125
5.5
2023-12-08 CVE-2023-48420 Race Condition vulnerability in Google Android
there is a possible use after free due to a race condition.
local
high complexity
google CWE-362
6.4
2023-12-08 CVE-2023-48422 Out-of-bounds Read vulnerability in Google Android
In Init of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check.
local
low complexity
google CWE-125
5.5
2023-12-08 CVE-2023-45866 Improper Authentication vulnerability in multiple products
Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access.
6.3
2023-12-06 CVE-2023-6511 Inappropriate implementation in Autofill in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page.
network
low complexity
debian fedoraproject google
4.3