Google Software and search
Products by Google Sorted by Most Security Vulnerabilities since 2018
Google BoringSSL1 vulnerability
BoringSSL is a fork of OpenSSL that is designed to meet Google's needs.
Recent Google Security Advisories
Known Exploited Google Vulnerabilities
The following Google vulnerabilities have recently been marked by CISA as Known to be Exploited by threat actors.
Title | Description | Added |
---|---|---|
Google Skia Integer Overflow Vulnerability | Google Skia contains an integer overflow vulnerability affecting Google Chrome and ChromeOS, Android, Flutter, and possibly other products. CVE-2023-6345 | November 30, 2023 |
Google Chrome libvpx Heap Buffer Overflow Vulnerability | Google Chrome libvpx contains a heap buffer overflow vulnerability in vp8 encoding that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2023-5217 | October 2, 2023 |
Google Chromium Heap-Based Buffer Overflow Vulnerability | Google Chromium contains a heap-based buffer overflow vulnerability in WebP that allows a remote attacker to perform an out-of-bounds memory write via a crafted HTML page. CVE-2023-4863 | September 13, 2023 |
Google Chromium V8 Type Confusion Vulnerability | Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2023-3079 | June 7, 2023 |
Google Chrome Skia Integer Overflow Vulnerability | Google Chrome Skia contains an integer overflow vulnerability. Specific impacts from exploitation are not available at this time. This vulnerability resides in Skia which serves as the graphics engine for Google Chrome and ChromeOS, Android, Flutter, and other products. CVE-2023-2136 | April 21, 2023 |
Google Chromium V8 Engine Type Confusion Vulnerability | Google Chromium V8 contains a type confusion vulnerability. Specific impacts from exploitation are not available at this time. CVE-2023-2033 | April 17, 2023 |
Google Chrome Use-After-Free Vulnerability | Google Chrome contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption. CVE-2022-3038 | March 30, 2023 |
Google Chromium V8 Type Confusion Vulnerability | Google Chromium V8 contains a type confusion vulnerability. Specific impacts from exploitation are not available at this time. CVE-2022-4262 | December 5, 2022 |
Google Chrome Heap Buffer Overflow Vulnerability | Google Chrome GPU contains a heap buffer overflow vulnerability that allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2022-4135 | November 28, 2022 |
Google Chromium V8 Type Confusion Vulnerability | Google Chromium V8 contains a type confusion vulnerability. Specific impacts from exploitation are not available at this time. CVE-2022-3723 | October 28, 2022 |
Google Chromium Insufficient Data Validation Vulnerability | Google Chromium Mojo contains an insufficient data validation vulnerability. Impacts from exploitation are not yet known. This vulnerability affects web browsers that utilize Chromium, including Google Chrome and Microsoft Edge. CVE-2022-3075 | September 8, 2022 |
Google Chrome Intents Insufficient Input Validation Vulnerability | Google Chrome Intents allows for insufficient validation of untrusted input, causing unknown impacts. CISA will update this description if more information becomes available. CVE-2022-2856 | August 18, 2022 |
Google Chromium Security Bypass Vulnerability | Insufficient policy enforcement in the PopupBlocker for Chromium allows an attacker to remotely bypass security mechanisms. This vulnerability impacts web browsers using Chromium such as Chrome and Edge. CVE-2021-30533 | June 27, 2022 |
Google Chromium V8 Out-of-Bounds Memory Vulnerability | Google Chromium V8 Engine contains an out-of-bounds memory vulnerability. CVE-2016-5198 | June 8, 2022 |
Google Chromium V8 Out-of-Bounds Write Vulnerability | Google Chromium V8 contains an out-of-bounds write vulnerability which allows a remote attacker to potentially exploit heap corruption. CVE-2019-5825 | June 8, 2022 |
Google Chromium V8 Out-of-Bounds Read Vulnerability | Google Chromium V8 contains an out-of-bounds read vulnerability. CVE-2016-1646 | June 8, 2022 |
Google Chromium V8 Type Confusion Vulnerability | Google Chromium V8 Engine contains a type confusion vulnerability which allows a remote attacker to execute code inside a sandbox. CVE-2017-5070 | June 8, 2022 |
Google Chromium V8 Out-of-Bounds Write Vulnerability | Google Chromium V8 contains an out-of-bounds write vulnerability which allows a remote attacker to execute code inside a sandbox. CVE-2018-17480 | June 8, 2022 |
Google Chromium V8 Integer Overflow Vulnerability | Google Chromium V8 Engine contains an integer overflow vulnerability which allows a remote attacker to potentially exploit heap corruption. CVE-2018-6065 | June 8, 2022 |
Google Chromium V8 Memory Corruption Vulnerability | Google Chromium V8 Engine contains a memory corruption vulnerability which allows a remote attacker to execute code. CVE-2017-5030 | June 8, 2022 |
By the Year
In 2023 there have been 901 vulnerabilities in Google with an average score of 6.9 out of ten. Last year Google had 1385 security vulnerabilities published. Right now, Google is on track to have less security vulnerabilities in 2023 than it did last year. However, the average CVE base score of the vulnerabilities in 2023 is greater by 0.04.
Year | Vulnerabilities | Average Score |
---|---|---|
2023 | 901 | 6.93 |
2022 | 1385 | 6.89 |
2021 | 1123 | 7.02 |
2020 | 987 | 7.10 |
2019 | 808 | 7.11 |
2018 | 419 | 7.41 |
It may take a day or so for new Google vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Google Security Vulnerabilities
In visitUris of Notification.java, there is a possible way to display images from another user due to a confused deputy
CVE-2023-35668
5.5 - Medium
- December 04, 2023
In visitUris of Notification.java, there is a possible way to display images from another user due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
In visitUris of Notification.java, there is a possible cross-user media read due to Confused Deputy
CVE-2023-40073
5.5 - Medium
- December 04, 2023
In visitUris of Notification.java, there is a possible cross-user media read due to Confused Deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
In saveToXml of PersistableBundle.java
CVE-2023-40074
5.5 - Medium
- December 04, 2023
In saveToXml of PersistableBundle.java, invalid data could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
In forceReplaceShortcutInner of ShortcutPackage.java, there is a possible way to register unlimited packages due to a missing bounds check
CVE-2023-40075
5.5 - Medium
- December 04, 2023
In forceReplaceShortcutInner of ShortcutPackage.java, there is a possible way to register unlimited packages due to a missing bounds check. This could lead to local denial of service which results in a boot loop with no additional execution privileges needed. User interaction is not needed for exploitation.
In createPendingIntent of CredentialManagerUi.java, there is a possible way to access credentials
CVE-2023-40076
5.5 - Medium
- December 04, 2023
In createPendingIntent of CredentialManagerUi.java, there is a possible way to access credentials from other users due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
In multiple functions of MetaDataBase.cpp, there is a possible UAF write due to a race condition
CVE-2023-40077
8.1 - High
- December 04, 2023
In multiple functions of MetaDataBase.cpp, there is a possible UAF write due to a race condition. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Race Condition
In a2dp_vendor_opus_decoder_decode_packet of a2dp_vendor_opus_decoder.cc
CVE-2023-40078
9.8 - Critical
- December 04, 2023
In a2dp_vendor_opus_decoder_decode_packet of a2dp_vendor_opus_decoder.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Memory Corruption
In injectSendIntentSender of ShortcutService.java, there is a possible background activity launch due to a permissions bypass
CVE-2023-40079
7.8 - High
- December 04, 2023
In injectSendIntentSender of ShortcutService.java, there is a possible background activity launch due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
In multiple functions of btm_ble_gap.cc, there is a possible out of bounds write due to a logic error in the code
CVE-2023-40080
7.8 - High
- December 04, 2023
In multiple functions of btm_ble_gap.cc, there is a possible out of bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Memory Corruption
In loadMediaDataInBgForResumption of MediaDataManager.kt, there is a possible way to view another user's images due to a confused deputy
CVE-2023-40081
5.5 - Medium
- December 04, 2023
In loadMediaDataInBgForResumption of MediaDataManager.kt, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
In modify_for_next_stage of fdt.rs, there is a possible way to render KASLR ineffective due to improperly used crypto
CVE-2023-40082
9.8 - Critical
- December 04, 2023
In modify_for_next_stage of fdt.rs, there is a possible way to render KASLR ineffective due to improperly used crypto. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
In parse_gap_data of utils.cc, there is a possible out of bounds read due to a missing bounds check
CVE-2023-40083
5.5 - Medium
- December 04, 2023
In parse_gap_data of utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.
Out-of-bounds Read
In run of MDnsSdListener.cpp, there is a possible memory corruption due to a use after free
CVE-2023-40084
7.8 - High
- December 04, 2023
In run of MDnsSdListener.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Dangling pointer
In transcodeQ*ToFloat of btif_avrcp_audio_track.cc, there is a possible out of bounds write due to a missing bounds check
CVE-2023-40087
8.8 - High
- December 04, 2023
In transcodeQ*ToFloat of btif_avrcp_audio_track.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Memory Corruption
In callback_thread_event of com_android_bluetooth_btservice_AdapterService.cpp
CVE-2023-40088
8.8 - High
- December 04, 2023
In callback_thread_event of com_android_bluetooth_btservice_AdapterService.cpp, there is a possible memory corruption due to a use after free. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
Dangling pointer
In getCredentialManagerPolicy of DevicePolicyManagerService.java
CVE-2023-40089
7.8 - High
- December 04, 2023
In getCredentialManagerPolicy of DevicePolicyManagerService.java, there is a possible method for users to select credential managers without permission due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
AuthZ
In BTM_BleVerifySignature of btm_ble.cc, there is a possible way to bypass signature validation due to side channel information disclosure
CVE-2023-40090
6.5 - Medium
- December 04, 2023
In BTM_BleVerifySignature of btm_ble.cc, there is a possible way to bypass signature validation due to side channel information disclosure. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Side Channel Attack
In onTransact of IncidentService.cpp, there is a possible out of bounds write due to memory corruption
CVE-2023-40091
7.8 - High
- December 04, 2023
In onTransact of IncidentService.cpp, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Memory Corruption
In verifyShortcutInfoPackage of ShortcutService.java, there is a possible way to see another user's image due to a confused deputy
CVE-2023-40092
5.5 - Medium
- December 04, 2023
In verifyShortcutInfoPackage of ShortcutService.java, there is a possible way to see another user's image due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
In keyguardGoingAway of ActivityTaskManagerService.java, there is a possible lock screen bypass due to a missing permission check
CVE-2023-40094
7.8 - High
- December 04, 2023
In keyguardGoingAway of ActivityTaskManagerService.java, there is a possible lock screen bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
AuthZ
In createDontSendToRestrictedAppsBundle of PendingIntentUtils.java, there is a possible background activity launch due to a missing check
CVE-2023-40095
7.8 - High
- December 04, 2023
In createDontSendToRestrictedAppsBundle of PendingIntentUtils.java, there is a possible background activity launch due to a missing check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
In OpRecordAudioMonitor::onFirstRef of AudioRecordClient.cpp, there is a possible way to record audio
CVE-2023-40096
7.8 - High
- December 04, 2023
In OpRecordAudioMonitor::onFirstRef of AudioRecordClient.cpp, there is a possible way to record audio from the background due to a missing flag. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.
In hasPermissionForActivity of PackageManagerHelper.java, there is a possible URI grant due to improper input validation
CVE-2023-40097
7.8 - High
- December 04, 2023
In hasPermissionForActivity of PackageManagerHelper.java, there is a possible URI grant due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
Improper Input Validation
In mOnDone of NotificationConversationInfo.java
CVE-2023-40098
5.5 - Medium
- December 04, 2023
In mOnDone of NotificationConversationInfo.java, there is a possible way to access app notification data of another user due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
In multiple locations, there is a possible way to corrupt memory due to a double free
CVE-2023-40103
7.8 - High
- December 04, 2023
In multiple locations, there is a possible way to corrupt memory due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Double-free
In multiple functions of btm_ble_gap.cc, there is a possible out of bounds write due to a missing bounds check
CVE-2023-45773
7.8 - High
- December 04, 2023
In multiple functions of btm_ble_gap.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.
Memory Corruption
In fixUpIncomingShortcutInfo of ShortcutService.java, there is a possible way to view another user's image due to a confused deputy
CVE-2023-45774
7.8 - High
- December 04, 2023
In fixUpIncomingShortcutInfo of ShortcutService.java, there is a possible way to view another user's image due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
In CreateAudioBroadcast of broadcaster.cc, there is a possible out of bounds write due to a missing bounds check
CVE-2023-45775
7.8 - High
- December 04, 2023
In CreateAudioBroadcast of broadcaster.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Memory Corruption
In CreateAudioBroadcast of broadcaster.cc, there is a possible out of bounds write due to a missing bounds check
CVE-2023-45776
7.8 - High
- December 04, 2023
In CreateAudioBroadcast of broadcaster.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Memory Corruption
In checkKeyIntentParceledCorrectly of AccountManagerService.java
CVE-2023-45777
7.8 - High
- December 04, 2023
In checkKeyIntentParceledCorrectly of AccountManagerService.java, there is a possible way to launch arbitrary activities using system privileges due to Parcel Mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
In TBD of TBD, there is a possible malicious update to platform components due to improperly used crypto
CVE-2023-45779
7.8 - High
- December 04, 2023
In TBD of TBD, there is a possible malicious update to platform components due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
In parse_gap_data of utils.cc, there is a possible out of bounds read due to a missing bounds check
CVE-2023-45781
5.5 - Medium
- December 04, 2023
In parse_gap_data of utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.
Out-of-bounds Read
There is information disclosure.
CVE-2023-21227
7.5 - High
- December 04, 2023
There is information disclosure.
There is elevation of privilege.
CVE-2023-21228
9.8 - Critical
- December 04, 2023
There is elevation of privilege.
There is elevation of privilege.
CVE-2023-21263
9.8 - Critical
- December 04, 2023
There is elevation of privilege.
There is elevation of privilege.
CVE-2023-21401
9.8 - Critical
- December 04, 2023
There is elevation of privilege.
There is elevation of privilege.
CVE-2023-21402
9.8 - Critical
- December 04, 2023
There is elevation of privilege.
There is elevation of privilege.
CVE-2023-21403
9.8 - Critical
- December 04, 2023
There is elevation of privilege.
There is elevation of privilege.
CVE-2023-35690
9.8 - Critical
- December 04, 2023
There is elevation of privilege.
There is elevation of privilege.
CVE-2023-21162
9.8 - Critical
- December 04, 2023
There is elevation of privilege.
There is elevation of privilege.
CVE-2023-21163
9.8 - Critical
- December 04, 2023
There is elevation of privilege.
There is elevation of privilege.
CVE-2023-21164
9.8 - Critical
- December 04, 2023
There is elevation of privilege.
There is elevation of privilege.
CVE-2023-21166
9.8 - Critical
- December 04, 2023
There is elevation of privilege.
There is elevation of privilege.
CVE-2023-21215
9.8 - Critical
- December 04, 2023
There is elevation of privilege.
There is elevation of privilege.
CVE-2023-21216
9.8 - Critical
- December 04, 2023
There is elevation of privilege.
There is elevation of privilege.
CVE-2023-21217
9.8 - Critical
- December 04, 2023
There is elevation of privilege.
There is elevation of privilege.
CVE-2023-21218
9.8 - Critical
- December 04, 2023
There is elevation of privilege.
A potential logging of the firestore key via logging within nodejs-firestore exists - Developers who were logging objects through this
CVE-2023-6460
5.5 - Medium
- December 04, 2023
A potential logging of the firestore key via logging within nodejs-firestore exists - Developers who were logging objects through this._settings would be logging the firestore key as well potentially exposing it to anyone with logs read access. We recommend upgrading to version 6.1.0 to avoid this issue
Insertion of Sensitive Information into Log File
Type Confusion in Spellcheck in Google Chrome prior to 119.0.6045.199
CVE-2023-6348
8.8 - High
- November 29, 2023
Type Confusion in Spellcheck in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Object Type Confusion
Use after free in libavif in Google Chrome prior to 119.0.6045.199
CVE-2023-6351
8.8 - High
- November 29, 2023
Use after free in libavif in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted avif file. (Chromium security severity: High)
Dangling pointer
Integer overflow in Skia in Google Chrome prior to 119.0.6045.199
CVE-2023-6345
9.6 - Critical
- November 29, 2023
Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High)
Integer Overflow or Wraparound
Use after free in WebAudio in Google Chrome prior to 119.0.6045.199
CVE-2023-6346
8.8 - High
- November 29, 2023
Use after free in WebAudio in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Dangling pointer
Use after free in Mojo in Google Chrome prior to 119.0.6045.199
CVE-2023-6347
8.8 - High
- November 29, 2023
Use after free in Mojo in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Dangling pointer
Use after free in libavif in Google Chrome prior to 119.0.6045.199
CVE-2023-6350
8.8 - High
- November 29, 2023
Use after free in libavif in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted avif file. (Chromium security severity: High)
Dangling pointer
Use after free in Garbage Collection in Google Chrome prior to 119.0.6045.159
CVE-2023-5997
8.8 - High
- November 15, 2023
Use after free in Garbage Collection in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Dangling pointer
Use after free in Navigation in Google Chrome prior to 119.0.6045.159
CVE-2023-6112
8.8 - High
- November 15, 2023
Use after free in Navigation in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Dangling pointer
Use after free in WebAudio in Google Chrome prior to 119.0.6045.123
CVE-2023-5996
8.8 - High
- November 08, 2023
Use after free in WebAudio in Google Chrome prior to 119.0.6045.123 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Dangling pointer
Integer overflow in USB in Google Chrome prior to 119.0.6045.105
CVE-2023-5849
8.8 - High
- November 01, 2023
Integer overflow in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Integer Overflow or Wraparound
Incorrect security UI in Picture In Picture in Google Chrome prior to 119.0.6045.105
CVE-2023-5859
4.3 - Medium
- November 01, 2023
Incorrect security UI in Picture In Picture in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted local HTML page. (Chromium security severity: Low)
Origin Validation Error
Inappropriate implementation in WebApp Provider in Google Chrome prior to 119.0.6045.105
CVE-2023-5858
4.3 - Medium
- November 01, 2023
Inappropriate implementation in WebApp Provider in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low)
Origin Validation Error
Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105
CVE-2023-5857
8.8 - High
- November 01, 2023
Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially execute arbitrary code via a malicious file. (Chromium security severity: Medium)
Use after free in Side Panel in Google Chrome prior to 119.0.6045.105
CVE-2023-5856
8.8 - High
- November 01, 2023
Use after free in Side Panel in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
Dangling pointer
Use after free in Reading Mode in Google Chrome prior to 119.0.6045.105
CVE-2023-5855
8.8 - High
- November 01, 2023
Use after free in Reading Mode in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)
Dangling pointer
Use after free in Profiles in Google Chrome prior to 119.0.6045.105
CVE-2023-5854
8.8 - High
- November 01, 2023
Use after free in Profiles in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)
Dangling pointer
Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105
CVE-2023-5853
4.3 - Medium
- November 01, 2023
Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)
Origin Validation Error
Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105
CVE-2023-5851
4.3 - Medium
- November 01, 2023
Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)
Origin Validation Error
Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105
CVE-2023-5850
4.3 - Medium
- November 01, 2023
Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted domain name. (Chromium security severity: Medium)
Insufficient data validation in USB in Google Chrome prior to 119.0.6045.105
CVE-2023-5482
8.8 - High
- November 01, 2023
Insufficient data validation in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
Insufficient Verification of Data Authenticity
Inappropriate implementation in Payments in Google Chrome prior to 119.0.6045.105
CVE-2023-5480
6.1 - Medium
- November 01, 2023
Inappropriate implementation in Payments in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to bypass XSS preventions via a malicious file. (Chromium security severity: High)
XSS
Use after free in Printing in Google Chrome prior to 119.0.6045.105
CVE-2023-5852
8.8 - High
- November 01, 2023
Use after free in Printing in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)
Dangling pointer
In Bluetooth, there is a possible way to corrupt memory due to a use after free
CVE-2023-21392
8.8 - High
- October 30, 2023
In Bluetooth, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege when connecting to a Bluetooth device with no additional execution privileges needed. User interaction is not needed for exploitation.
Dangling pointer
In Telephony, there is a possible way for a guest user to change the preferred SIM due to a missing permission check
CVE-2023-21373
7.8 - High
- October 30, 2023
In Telephony, there is a possible way for a guest user to change the preferred SIM due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
AuthZ
In System UI, there is a possible factory reset protection bypass due to a logic error in the code
CVE-2023-21374
7.8 - High
- October 30, 2023
In System UI, there is a possible factory reset protection bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
In libdexfile, there is a possible out of bounds read due to a missing bounds check
CVE-2023-21372
7.8 - High
- October 30, 2023
In libdexfile, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Out-of-bounds Read
In Sysproxy, there is a possible out of bounds write due to an integer underflow
CVE-2023-21375
7.8 - High
- October 30, 2023
In Sysproxy, there is a possible out of bounds write due to an integer underflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Integer Overflow or Wraparound
In Telephony, there is a possible way to retrieve the ICCID due to a logic error in the code
CVE-2023-21376
5.5 - Medium
- October 30, 2023
In Telephony, there is a possible way to retrieve the ICCID due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
In SELinux Policy, there is a possible restriction bypass due to a permissions bypass
CVE-2023-21377
5.5 - Medium
- October 30, 2023
In SELinux Policy, there is a possible restriction bypass due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
In Print Service, there is a possible background activity launch due to a logic error in the code
CVE-2023-45780
7.3 - High
- October 30, 2023
In Print Service, there is a possible background activity launch due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
In collapse of canonicalize_md.c, there is a possible out of bounds read due to a missing bounds check
CVE-2023-40101
5.5 - Medium
- October 30, 2023
In collapse of canonicalize_md.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Out-of-bounds Read
In sdksandbox, there is a possible strandhogg style overlay attack due to a logic error in the code
CVE-2023-21398
7.8 - High
- October 30, 2023
In sdksandbox, there is a possible strandhogg style overlay attack due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
In Setup Wizard, there is a possible way to save a WiFi network due to an insecure default value
CVE-2023-21397
7.8 - High
- October 30, 2023
In Setup Wizard, there is a possible way to save a WiFi network due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
In Activity Manager, there is a possible background activity launch due to a logic error in the code
CVE-2023-21396
7.8 - High
- October 30, 2023
In Activity Manager, there is a possible background activity launch due to a logic error in the code. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.
In Settings, there is a possible way for the user to change SIM due to a missing permission check
CVE-2023-21393
7.8 - High
- October 30, 2023
In Settings, there is a possible way for the user to change SIM due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
AuthZ
In Messaging, there is a possible way to disable the messaging application due to improper input validation
CVE-2023-21391
7.5 - High
- October 30, 2023
In Messaging, there is a possible way to disable the messaging application due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
Improper Input Validation
In Sim, there is a possible way to evade mobile preference restrictions due to a permission bypass
CVE-2023-21390
7.8 - High
- October 30, 2023
In Sim, there is a possible way to evade mobile preference restrictions due to a permission bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
AuthZ
In Settings, there is a possible bypass of profile owner restrictions due to a missing permission check
CVE-2023-21389
7.8 - High
- October 30, 2023
In Settings, there is a possible bypass of profile owner restrictions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
AuthZ
In Settings, there is a possible restriction bypass due to a missing permission check
CVE-2023-21388
7.8 - High
- October 30, 2023
In Settings, there is a possible restriction bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
AuthZ
In User Backup Manager, there is a possible way to leak a token to bypass user confirmation for backup due to log information disclosure
CVE-2023-21387
4.4 - Medium
- October 30, 2023
In User Backup Manager, there is a possible way to leak a token to bypass user confirmation for backup due to log information disclosure. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
Insertion of Sensitive Information into Log File
In Telecomm, there is a possible way to silence the ring for calls of secondary users due to a missing permission check
CVE-2023-21378
7.8 - High
- October 30, 2023
In Telecomm, there is a possible way to silence the ring for calls of secondary users due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
AuthZ
In Bluetooth, there is a possible out of bounds read due to a missing bounds check
CVE-2023-21379
4.4 - Medium
- October 30, 2023
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation.
Out-of-bounds Read
In Bluetooth, there is a possible out of bounds read due to a use after free
CVE-2023-21395
6.5 - Medium
- October 30, 2023
In Bluetooth, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.
Dangling pointer
In Whitechapel, there is a possible out of bounds read due to memory corruption
CVE-2023-21385
5.5 - Medium
- October 30, 2023
In Whitechapel, there is a possible out of bounds read due to memory corruption. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Memory Corruption
In Bluetooth, there is a possible out of bounds write due to a heap buffer overflow
CVE-2023-21380
6.7 - Medium
- October 30, 2023
In Bluetooth, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Memory Corruption
In Media Resource Manager, there is a possible local arbitrary code execution due to use after free
CVE-2023-21381
7.8 - High
- October 30, 2023
In Media Resource Manager, there is a possible local arbitrary code execution due to use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Dangling pointer