Vulnerabilities > Google > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-06 | CVE-2023-6512 | Inappropriate implementation in Web Browser UI in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to potentially spoof the contents of an iframe dialog context menu via a crafted HTML page. | 6.5 |
| 2023-12-04 | CVE-2023-35668 | Unspecified vulnerability in Google Android In visitUris of Notification.java, there is a possible way to display images from another user due to a confused deputy. | 5.5 |
| 2023-12-04 | CVE-2023-40073 | Unspecified vulnerability in Google Android In visitUris of Notification.java, there is a possible cross-user media read due to Confused Deputy. | 5.5 |
| 2023-12-04 | CVE-2023-40074 | Unspecified vulnerability in Google Android In saveToXml of PersistableBundle.java, invalid data could lead to local persistent denial of service with no additional execution privileges needed. | 5.5 |
| 2023-12-04 | CVE-2023-40075 | Unspecified vulnerability in Google Android In forceReplaceShortcutInner of ShortcutPackage.java, there is a possible way to register unlimited packages due to a missing bounds check. | 5.5 |
| 2023-12-04 | CVE-2023-40076 | Unspecified vulnerability in Google Android 14.0 In createPendingIntent of CredentialManagerUi.java, there is a possible way to access credentials from other users due to a permissions bypass. | 5.5 |
| 2023-12-04 | CVE-2023-40081 | Unspecified vulnerability in Google Android In loadMediaDataInBgForResumption of MediaDataManager.kt, there is a possible way to view another user's images due to a confused deputy. | 5.5 |
| 2023-12-04 | CVE-2023-40083 | Out-of-bounds Read vulnerability in Google Android In parse_gap_data of utils.cc, there is a possible out of bounds read due to a missing bounds check. | 5.5 |
| 2023-12-04 | CVE-2023-40090 | Information Exposure Through Discrepancy vulnerability in Google Android In BTM_BleVerifySignature of btm_ble.cc, there is a possible way to bypass signature validation due to side channel information disclosure. | 6.5 |
| 2023-12-04 | CVE-2023-40092 | Unspecified vulnerability in Google Android In verifyShortcutInfoPackage of ShortcutService.java, there is a possible way to see another user's image due to a confused deputy. | 5.5 |