Vulnerabilities > Google > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-10 | CVE-2019-13738 | Improper Privilege Management vulnerability in multiple products Insufficient policy enforcement in navigation in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass site isolation via a crafted HTML page. | 6.5 |
| 2019-12-10 | CVE-2019-13737 | Information Exposure vulnerability in multiple products Insufficient policy enforcement in autocomplete in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | 6.5 |
| 2019-12-10 | CVE-2019-13672 | Unspecified vulnerability in Google Chrome Incorrect security UI in Omnibox in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page on iOS. | 6.5 |
| 2019-12-06 | CVE-2019-9464 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android 10.0 In various functions of RecentLocationApps.java, DevicePolicyManagerService.java, and RecognitionService.java, there is an incorrect warning indicating an app accessed the user's location. | 5.5 |
| 2019-12-06 | CVE-2019-2231 | Missing Encryption of Sensitive Data vulnerability in Google Android 10.0/9.0 In Blob::Blob of blob.cpp, there is a possible unencrypted master key due to improper input validation. | 4.4 |
| 2019-12-06 | CVE-2019-2229 | Missing Authorization vulnerability in Google Android In updateWidget of BaseWidgetProvider.java, there is a possible leak of user data due to a missing permission check. | 5.5 |
| 2019-12-06 | CVE-2019-2228 | Out-of-bounds Read vulnerability in Google Android In array_find of array.c, there is a possible out-of-bounds read due to an incorrect bounds check. | 5.5 |
| 2019-12-06 | CVE-2019-2227 | Out-of-bounds Read vulnerability in Google Android 10.0/9.0 In DeepCopy of btif_av.cc, there is a possible out of bounds read due to improper casting. | 6.5 |
| 2019-12-06 | CVE-2019-2226 | Out-of-bounds Read vulnerability in Google Android In device_class_to_int of device_class.cc, there is a possible out of bounds read due to improper casting. | 5.5 |
| 2019-12-06 | CVE-2019-2220 | Unspecified vulnerability in Google Android 10.0/9.0 In checkOperation of AppOpsService.java, there is a possible bypass of user interaction requirements due to mishandling application suspend. | 5.5 |