Vulnerabilities > Google > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-06-13 CVE-2024-32898 Out-of-bounds Read vulnerability in Google Android
In ProtocolCellIdentityParserV4::Parse() of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check.
local
high complexity
google CWE-125
4.7
2024-06-13 CVE-2024-32904 Out-of-bounds Read vulnerability in Google Android
In ProtocolVsimOperationAdapter() of protocolvsimadapter.cpp, there is a possible out of bounds read due to a missing bounds check.
local
high complexity
google CWE-125
4.7
2024-06-13 CVE-2024-32910 Use of Uninitialized Resource vulnerability in Google Android
In handle_msg_shm_map_req of trusty/user/base/lib/spi/srv/tipc/tipc.c, there is a possible stack data disclosure due to uninitialized data.
local
low complexity
google CWE-908
5.5
2024-06-13 CVE-2024-32912 Unspecified vulnerability in Google Android
there is a possible persistent Denial of Service due to test/debugging code left in a production build.
local
low complexity
google
5.5
2024-06-13 CVE-2024-32918 Improper Privilege Management vulnerability in Google Android
Permission Bypass allowing attackers to disable HDCP 2.2 encryption by not completing the HDCP Key Exchange initialization steps
low complexity
google CWE-269
6.1
2024-06-11 CVE-2024-5839 Inappropriate Implementation in Memory Allocator in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject
6.5
2024-06-11 CVE-2024-5840 Policy bypass in CORS in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to bypass discretionary access control via a crafted HTML page.
network
low complexity
google fedoraproject
6.5
2024-06-11 CVE-2024-5843 Inappropriate implementation in Downloads in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to obfuscate security UI via a malicious file.
network
low complexity
google fedoraproject
6.5
2024-04-17 CVE-2024-3838 Unspecified vulnerability in Google Chrome
Inappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60 allowed an attacker who convinced a user to install a malicious app to perform UI spoofing via a crafted app.
local
low complexity
google
5.5
2024-04-17 CVE-2024-3839 Out-of-bounds Read vulnerability in Google Chrome
Out of bounds read in Fonts in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
network
low complexity
google CWE-125
6.5