Filtered by vendor Google
Subscribe
Total
10294 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-5777 | 4 Debian, Fedoraproject, Google and 1 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2021-07-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. | |||||
| CVE-2019-5781 | 4 Debian, Fedoraproject, Google and 1 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2021-07-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. | |||||
| CVE-2019-5775 | 4 Debian, Fedoraproject, Google and 1 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2021-07-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. | |||||
| CVE-2019-5776 | 4 Debian, Fedoraproject, Google and 1 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2021-07-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. | |||||
| CVE-2019-20569 | 1 Google | 1 Android | 2021-07-21 | 2.1 LOW | 6.2 MEDIUM |
| An issue was discovered on Samsung mobile devices with P(9.0) software. Attackers can bypass Factory Reset Protection (FRP) via the status bar. The Samsung ID is SVE-2019-15089 (September 2019). | |||||
| CVE-2019-5782 | 4 Debian, Fedoraproject, Google and 1 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2021-07-21 | 6.8 MEDIUM | 8.8 HIGH |
| Incorrect optimization assumptions in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | |||||
| CVE-2019-5773 | 4 Debian, Fedoraproject, Google and 1 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2021-07-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Insufficient origin validation in IndexedDB in Google Chrome prior to 72.0.3626.81 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. | |||||
| CVE-2019-9361 | 1 Google | 1 Android | 2021-07-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111762807 | |||||
| CVE-2019-20624 | 1 Google | 1 Android | 2021-07-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. S-Voice leaks keyboard learned words via the lock screen. The Samsung ID is SVE-2018-12981 (February 2019). | |||||
| CVE-2019-5774 | 5 Debian, Fedoraproject, Google and 2 more | 7 Debian Linux, Fedora, Chrome and 4 more | 2021-07-21 | 6.8 MEDIUM | 8.8 HIGH |
| Omission of the .desktop filetype from the Safe Browsing checklist in SafeBrowsing in Google Chrome on Linux prior to 72.0.3626.81 allowed an attacker who convinced a user to download a .desktop file to execute arbitrary code via a downloaded .desktop file. | |||||
| CVE-2020-6453 | 1 Google | 1 Chrome | 2021-07-21 | 6.8 MEDIUM | 8.8 HIGH |
| Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2019-9416 | 1 Google | 1 Android | 2021-07-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libstagefright there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111804142 | |||||
| CVE-2019-2029 | 1 Google | 1 Android | 2021-07-21 | 6.8 MEDIUM | 8.8 HIGH |
| In btm_proc_smp_cback of tm_ble.cc, there is a possible memory corruption due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-120612744. | |||||
| CVE-2020-0050 | 1 Google | 1 Android | 2021-07-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| In nfa_hciu_send_msg of nfa_hci_utils.cc, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege in the NFC server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-124521372 | |||||
| CVE-2020-10833 | 1 Google | 1 Android | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Samsung mobile devices with Q(10.0) software. The DeX Lockscreen allows attackers to access the quick panel and notifications. The Samsung ID is SVE-2019-16532 (March 2020). | |||||
| CVE-2020-0051 | 1 Google | 1 Android | 2021-07-21 | 4.4 MEDIUM | 7.8 HIGH |
| In onCreate of SettingsHomepageActivity, there is a possible tapjacking attack. This could lead to local escalation of privilege in Settings with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-138442483 | |||||
| CVE-2020-0126 | 1 Google | 1 Android | 2021-07-21 | 6.9 MEDIUM | 6.4 MEDIUM |
| In multiple functions in DrmPlugin.cpp, there is a possible use after free due to a race condition. This could lead to local code execution with System execution privileges required. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-137878930 | |||||
| CVE-2019-20772 | 1 Google | 1 Android | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. The Account subsystem allows authorization bypass. The LG ID is LVE-SMP-190007 (August 2019). | |||||
| CVE-2020-10832 | 1 Google | 1 Android | 2021-07-21 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered on Samsung mobile devices with P(9.0) (Exynos chipsets) software. Kernel Wi-Fi drivers allow out-of-bounds Read or Write operations (e.g., a buffer overflow). The Samsung IDs are SVE-2019-16125, SVE-2019-16134, SVE-2019-16158, SVE-2019-16159, SVE-2019-16319, SVE-2019-16320, SVE-2019-16337, SVE-2019-16464, SVE-2019-16465, SVE-2019-16467 (March 2020). | |||||
| CVE-2020-0366 | 1 Google | 1 Android | 2021-07-21 | 6.8 MEDIUM | 7.8 HIGH |
| In PackageInstaller, there is a possible permissions bypass due to a tapjacking vulnerability. This could lead to local escalation of privilege using an app set as the default Assist app with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-138443815 | |||||