Filtered by vendor Google
Subscribe
Total
10294 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-37978 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2022-02-18 | 6.8 MEDIUM | 8.8 HIGH |
| Heap buffer overflow in Blink in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-37977 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2022-02-18 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Garbage Collection in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-37984 | 2 Debian, Google | 2 Debian Linux, Chrome | 2022-02-18 | 6.8 MEDIUM | 8.8 HIGH |
| Heap buffer overflow in PDFium in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-38014 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2022-02-18 | 6.8 MEDIUM | 8.8 HIGH |
| Out of bounds write in Swiftshader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-38003 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2022-02-18 | 6.8 MEDIUM | 8.8 HIGH |
| Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-23425 | 2 Google, Samsung | 2 Android, Exynos | 2022-02-18 | 7.5 HIGH | 9.8 CRITICAL |
| Improper input validation in Exynos baseband prior to SMR Feb-2022 Release 1 allows attackers to send arbitrary NAS signaling messages with fake base station. | |||||
| CVE-2022-22292 | 1 Google | 1 Android | 2022-02-18 | 4.6 MEDIUM | 7.8 HIGH |
| Unprotected dynamic receiver in Telecom prior to SMR Feb-2022 Release 1 allows untrusted applications to launch arbitrary activity. | |||||
| CVE-2022-22291 | 1 Google | 1 Android | 2022-02-18 | 2.1 LOW | 5.5 MEDIUM |
| Logging of excessive data vulnerability in telephony prior to SMR Feb-2022 Release 1 allows privileged attackers to get Cell Location Information through log of user device. | |||||
| CVE-2022-23428 | 2 Google, Samsung | 2 Android, Exynos | 2022-02-18 | 7.2 HIGH | 7.8 HIGH |
| An improper boundary check in eden_runtime hal service prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution. | |||||
| CVE-2022-23427 | 1 Google | 1 Android | 2022-02-18 | 3.6 LOW | 7.1 HIGH |
| PendingIntent hijacking vulnerability in KnoxPrivacyNoticeReceiver prior to SMR Feb-2022 Release 1 allows local attackers to access media files without permission via implicit Intent. | |||||
| CVE-2022-23426 | 1 Google | 1 Android | 2022-02-18 | 3.6 LOW | 6.0 MEDIUM |
| A vulnerability using PendingIntent in DeX Home and DeX for PC prior to SMR Feb-2022 Release 1 allows attackers to access files with system privilege. | |||||
| CVE-2022-23432 | 2 Google, Samsung | 2 Android, Exynos | 2022-02-18 | 4.6 MEDIUM | 6.7 MEDIUM |
| An improper input validation in SMC_SRPMB_WSM handler of RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution. | |||||
| CVE-2022-23431 | 2 Google, Samsung | 2 Android, Exynos | 2022-02-18 | 4.6 MEDIUM | 6.7 MEDIUM |
| An improper boundary check in RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution. | |||||
| CVE-2022-23434 | 2 Google, Samsung | 2 Android, Bixby | 2022-02-18 | 2.1 LOW | 3.3 LOW |
| A vulnerability using PendingIntent in Bixby Vision prior to versions 3.7.60.8 in Android S(12), 3.7.50.6 in Andorid R(11) and below allows attackers to execute privileged action by hijacking and modifying the intent. | |||||
| CVE-2022-23429 | 1 Google | 1 Android | 2022-02-18 | 3.6 LOW | 4.4 MEDIUM |
| An improper boundary check in audio hal service prior to SMR Feb-2022 Release 1 allows attackers to read invalid memory and it leads to application crash. | |||||
| CVE-2022-23433 | 2 Google, Samsung | 2 Android, Reminder | 2022-02-18 | 5.0 MEDIUM | 5.3 MEDIUM |
| Improper access control vulnerability in Reminder prior to versions 12.3.01.3000 in Android S(12), 12.2.05.6000 in Android R(11) and 11.6.08.6000 in Andoid Q(10) allows attackers to register reminders or execute exporeted activities remotely. | |||||
| CVE-2021-39665 | 1 Google | 1 Android | 2022-02-18 | 4.3 MEDIUM | 6.5 MEDIUM |
| In checkSpsUpdated of AAVCAssembler.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-204077881 | |||||
| CVE-2021-39687 | 1 Google | 1 Android | 2022-02-18 | 2.1 LOW | 5.5 MEDIUM |
| In HandleTransactionIoEvent of actuator_driver.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-204421047References: N/A | |||||
| CVE-2021-4100 | 1 Google | 1 Chrome | 2022-02-18 | 6.8 MEDIUM | 8.8 HIGH |
| Object lifecycle issue in ANGLE in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-4099 | 1 Google | 1 Chrome | 2022-02-18 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||