Vulnerabilities > Google > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-19 | CVE-2019-5754 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products Implementation error in QUIC Networking in Google Chrome prior to 72.0.3626.81 allowed an attacker running or able to cause use of a proxy server to obtain cleartext of transport encryption via malicious network proxy. | 6.5 |
| 2019-02-11 | CVE-2018-9594 | Integer Overflow or Wraparound vulnerability in Google Android In llcp_link_proc_agf_pdu of llcp_link.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds read due to an integer overflow. | 6.5 |
| 2019-02-11 | CVE-2018-9593 | Out-of-bounds Read vulnerability in Google Android In llcp_dlc_proc_i_pdu of llcp_dlc.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds read due to an incorrect bounds check. | 6.5 |
| 2019-02-11 | CVE-2018-9589 | Out-of-bounds Read vulnerability in Google Android In ieee802_11_rx_wnmsleep_req of wnm_ap.c in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds read due to a missing bounds check. | 5.5 |
| 2019-02-11 | CVE-2018-9588 | Out-of-bounds Read vulnerability in Google Android In avdt_scb_hdl_report of avdt_scb_act.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds read due to a missing bounds check. | 6.5 |
| 2019-02-11 | CVE-2018-12011 | Use of Uninitialized Resource vulnerability in Google Android In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Uninitialized data for socket address leads to information exposure. | 5.5 |
| 2019-02-11 | CVE-2018-12006 | Information Exposure vulnerability in Google Android In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Users with no extra privileges can potentially access leaked data due to uninitialized padding present in display function. | 5.5 |
| 2019-01-09 | CVE-2018-6179 | Information Exposure vulnerability in multiple products Insufficient enforcement of file access permission in the activeTab case in Extensions in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system via a crafted Chrome Extension. | 6.5 |
| 2019-01-09 | CVE-2018-6178 | Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products Eliding from the wrong side in an infobar in DevTools in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to Hide Chrome Security UI via a crafted Chrome Extension. | 4.3 |
| 2019-01-09 | CVE-2018-6175 | Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. | 6.5 |