Google Software and search
Products by Google Sorted by Most Security Vulnerabilities since 2018
Recent Google Security Advisories
Advisory | Title | Published |
---|---|---|
2025-01-01 | Android Security Bulletin January 2025 | January 1, 2025 |
 | Chrome Releases: Stable Channel Update for Desktop | December 12, 2024 |
 | Pixel / Nexus Security Bulletin—June 2018 \| Android Open Source Project | December 5, 2024 |
 | Pixel / Nexus Security Bulletin—July 2018 \| Android Open Source Project | December 5, 2024 |
 | Pixel / Nexus Security Bulletin—August 2018 \| Android Open Source Project | December 5, 2024 |
 | Pixel / Nexus Security Bulletin—August 2018 \| Android Open Source Project | December 3, 2024 |
 | Pixel / Nexus Security Bulletin—July 2018 \| Android Open Source Project | December 2, 2024 |
2024-12-01 | Android Security Bulletin December 2024 | December 1, 2024 |
 | Pixel / Nexus Security Bulletin—June 2018 \| Android Open Source Project | November 27, 2024 |
 | Pixel / Nexus Security Bulletin—May 2018 \| Android Open Source Project | November 27, 2024 |
Known Exploited Google Vulnerabilities
The following Google vulnerabilities have recently been marked by CISA as Known to be Exploited by threat actors.
Title | Description | Added |
---|---|---|
Google Chromium V8 Inappropriate Implementation Vulnerability | Google Chromium V8 contains an inappropriate implementation vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera. CVE-2024-7965 Exploit Probability: 12.8% | August 28, 2024 |
Google Chromium V8 Type Confusion Vulnerability | Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera. CVE-2024-7971 Exploit Probability: 6.6% | August 26, 2024 |
Google Chromium V8 Type Confusion Vulnerability | Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to execute code via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera. CVE-2024-5274 Exploit Probability: 0.8% | May 28, 2024 |
Google Chromium V8 Type Confusion Vulnerability | Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to execute code via a crafted HTML page. CVE-2024-4947 Exploit Probability: 0.5% | May 20, 2024 |
Google Chromium V8 Out-of-Bounds Memory Write Vulnerability | Google Chromium V8 Engine contains an unspecified out-of-bounds memory write vulnerability via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera. CVE-2024-4761 Exploit Probability: 0.3% | May 16, 2024 |
Google Chromium Visuals Use-After-Free Vulnerability | Google Chromium Visuals contains a use-after-free vulnerability that allows a remote attacker to exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera. CVE-2024-4671 Exploit Probability: 0.2% | May 13, 2024 |
Google Chromium V8 Type Confusion Vulnerability | Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to execute code via a crafted HTML page. CVE-2023-4762 Exploit Probability: 72.1% | February 6, 2024 |
Google Chromium V8 Out-of-Bounds Memory Access Vulnerability | Google Chromium V8 contains an out-of-bounds memory access vulnerability. Specific impacts from exploitation are not available at this time. CVE-2024-0519 Exploit Probability: 0.2% | January 17, 2024 |
Google Skia Integer Overflow Vulnerability | Google Skia contains an integer overflow vulnerability affecting Google Chrome and ChromeOS, Android, Flutter, and possibly other products. CVE-2023-6345 Exploit Probability: 15.3% | November 30, 2023 |
Google Chrome libvpx Heap Buffer Overflow Vulnerability | Google Chrome libvpx contains a heap buffer overflow vulnerability in vp8 encoding that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2023-5217 Exploit Probability: 74.3% | October 2, 2023 |
Google Chromium Heap-Based Buffer Overflow Vulnerability | Google Chromium contains a heap-based buffer overflow vulnerability in WebP that allows a remote attacker to perform an out-of-bounds memory write via a crafted HTML page. CVE-2023-4863 Exploit Probability: 54.0% | September 13, 2023 |
Google Chromium V8 Type Confusion Vulnerability | Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2023-3079 Exploit Probability: 34.8% | June 7, 2023 |
Google Chrome Skia Integer Overflow Vulnerability | Google Chrome Skia contains an integer overflow vulnerability. Specific impacts from exploitation are not available at this time. This vulnerability resides in Skia which serves as the graphics engine for Google Chrome and ChromeOS, Android, Flutter, and other products. CVE-2023-2136 Exploit Probability: 0.9% | April 21, 2023 |
Google Chromium V8 Engine Type Confusion Vulnerability | Google Chromium V8 contains a type confusion vulnerability. Specific impacts from exploitation are not available at this time. CVE-2023-2033 Exploit Probability: 2.8% | April 17, 2023 |
Google Chrome Use-After-Free Vulnerability | Google Chrome contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption. CVE-2022-3038 Exploit Probability: 26.0% | March 30, 2023 |
Google Chromium V8 Type Confusion Vulnerability | Google Chromium V8 contains a type confusion vulnerability. Specific impacts from exploitation are not available at this time. CVE-2022-4262 Exploit Probability: 0.5% | December 5, 2022 |
Google Chrome Heap Buffer Overflow Vulnerability | Google Chrome GPU contains a heap buffer overflow vulnerability that allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2022-4135 Exploit Probability: 15.1% | November 28, 2022 |
Google Chromium V8 Type Confusion Vulnerability | Google Chromium V8 contains a type confusion vulnerability. Specific impacts from exploitation are not available at this time. CVE-2022-3723 Exploit Probability: 1.6% | October 28, 2022 |
Google Chromium Insufficient Data Validation Vulnerability | Google Chromium Mojo contains an insufficient data validation vulnerability. Impacts from exploitation are not yet known. This vulnerability affects web browsers that utilize Chromium, including Google Chrome and Microsoft Edge. CVE-2022-3075 Exploit Probability: 1.4% | September 8, 2022 |
Google Chrome Intents Insufficient Input Validation Vulnerability | Google Chrome Intents allows for insufficient validation of untrusted input, causing unknown impacts. CISA will update this description if more information becomes available. CVE-2022-2856 Exploit Probability: 11.4% | August 18, 2022 |
9 known exploited Google vulnerabilities are in the top 5% (95th percentile or greater) of the EPSS exploit probability rankings.
Top 10 Riskiest Google Vulnerabilities
These Google vulnerabilities are on CISA's Known Exploited Vulnerabilities (KEV) list and are ranked by their current EPSS exploit probability.
Rank | CVE | EPSS | Vulnerability |
---|---|---|---|
1 | CVE-2019-5786 | 96.9% | Google Chrome Use-After-Free Vulnerability |
2 | CVE-2019-13720 | 96.9% | Google Chrome Use-After-Free Vulnerability |
3 | CVE-2018-6065 | 96.6% | Google Chromium V8 Integer Overflow Vulnerability |
4 | CVE-2018-17463 | 96.5% | Google Chromium V8 Remote Code Execution Vulnerability |
5 | CVE-2020-6418 | 96.4% | Chromium V8 Type Confusion Vulnerability |
6 | CVE-2021-21220 | 95.6% | Chromium V8 Input Validation Vulnerability |
7 | CVE-2020-16009 | 94.4% | Chromium V8 Implementation Vulnerability |
8 | CVE-2018-17480 | 89.9% | Google Chromium V8 Out-of-Bounds Write Vulnerability |
9 | CVE-2019-5825 | 86.1% | Google Chromium V8 Out-of-Bounds Write Vulnerability |
10 | CVE-2017-5070 | 82.1% | Google Chromium V8 Type Confusion Vulnerability |
By the Year
In 2025 there have been 33 vulnerabilities in Google with an average score of 7.9 out of ten. Last year, in 2024, Google had 856 security vulnerabilities published. Right now, Google is on track to have fewer security vulnerabilities in 2025 than it did last year. However, the average CVE base score of the vulnerabilities in 2025 is greater by 0.57.
Year | Vulnerabilities | Average Score |
---|---|---|
2025 | 33 | 7.94 |
2024 | 856 | 7.37 |
2023 | 1074 | 6.90 |
2022 | 1387 | 6.89 |
2021 | 1124 | 7.02 |
2020 | 987 | 7.10 |
2019 | 809 | 7.11 |
2018 | 419 | 7.41 |
It may take a day or so for new Google vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.
Recent Google Security Vulnerabilities
Inappropriate implementation in Compositing in Google Chrome prior to 132.0.6834.83
CVE-2025-0448
- January 15, 2025
Inappropriate implementation in Compositing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
Inappropriate implementation in Navigation in Google Chrome prior to 132.0.6834.83
CVE-2025-0447
- January 15, 2025
Inappropriate implementation in Navigation in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Low)
Inappropriate implementation in Extensions in Google Chrome prior to 132.0.6834.83
CVE-2025-0446
- January 15, 2025
Inappropriate implementation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low)
Insufficient data validation in Extensions in Google Chrome prior to 132.0.6834.83
CVE-2025-0443
- January 15, 2025
Insufficient data validation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)
Inappropriate implementation in Payments in Google Chrome prior to 132.0.6834.83
CVE-2025-0442
- January 15, 2025
Inappropriate implementation in Payments in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
Inappropriate implementation in Fenced Frames in Google Chrome prior to 132.0.6834.83
CVE-2025-0441
- January 15, 2025
Inappropriate implementation in Fenced Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to obtain potentially sensitive information from the system via a crafted HTML page. (Chromium security severity: Medium)
Inappropriate implementation in Fullscreen in Google Chrome on Windows prior to 132.0.6834.83
CVE-2025-0440
- January 15, 2025
Inappropriate implementation in Fullscreen in Google Chrome on Windows prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
Race in Frames in Google Chrome prior to 132.0.6834.83
CVE-2025-0439
- January 15, 2025
Race in Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
Race Condition
Stack buffer overflow in Tracing in Google Chrome prior to 132.0.6834.83
CVE-2025-0438
- January 15, 2025
Stack buffer overflow in Tracing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: High)
Stack Overflow
Out of bounds read in Metrics in Google Chrome prior to 132.0.6834.83
CVE-2025-0437
8.8 - High
- January 15, 2025
Out of bounds read in Metrics in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Out-of-bounds Read
Integer overflow in Skia in Google Chrome prior to 132.0.6834.83
CVE-2025-0436
- January 15, 2025
Integer overflow in Skia in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Assumed-Immutable Parameter Tampering
Inappropriate implementation in Navigation in Google Chrome on Android prior to 132.0.6834.83
CVE-2025-0435
- January 15, 2025
Inappropriate implementation in Navigation in Google Chrome on Android prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: High)
Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.83
CVE-2025-0434
- January 15, 2025
Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Type Confusion in V8 in Google Chrome prior to 131.0.6778.264
CVE-2025-0291
- January 08, 2025
Type Confusion in V8 in Google Chrome prior to 131.0.6778.264 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Object Type Confusion
In DevmemIntMapPages of devicemem_server.c, there is a possible physical page uaf due to a logic error in the code
CVE-2023-35685
7.8 - High
- January 08, 2025
In DevmemIntMapPages of devicemem_server.c, there is a possible physical page uaf due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.
Memory corruption while processing IPA statistics
CVE-2024-21464
7.8 - High
- January 06, 2025
Memory corruption while processing IPA statistics, when there are no active clients registered.
Classic Buffer Overflow
Memory corruption can occur when process-specific maps are added to the global list
CVE-2024-45553
7.8 - High
- January 06, 2025
Memory corruption can occur when process-specific maps are added to the global list. If a map is removed from the global list while another thread is using it for a process-specific task, issues may arise.
Dangling pointer
Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length.
CVE-2024-45558
7.5 - High
- January 06, 2025
Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length.
Out-of-bounds Read
In Modem, there is a possible out of bounds write due to a missing bounds check
CVE-2024-20154
- January 06, 2025
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00720348; Issue ID: MSV-2392.
In wlan STA driver, there is a possible out of bounds write due to improper input validation
CVE-2024-20146
- January 06, 2025
In wlan STA driver, there is a possible out of bounds write due to improper input validation. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389496 / ALPS09137491; Issue ID: MSV-1835.
In wlan STA FW, there is a possible out of bounds write due to improper input validation
CVE-2024-20148
- January 06, 2025
In wlan STA FW, there is a possible out of bounds write due to improper input validation. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389045 / ALPS09136494; Issue ID: MSV-1796.
In m4u, there is a possible out of bounds write due to a missing bounds check
CVE-2024-20105
- January 06, 2025
In m4u, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09062027; Issue ID: MSV-1743.
In power, there is a possible out of bounds write due to a missing bounds check
CVE-2024-20140
- January 06, 2025
In power, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09270402; Issue ID: MSV-2020.
In V6 DA, there is a possible out of bounds write due to a missing bounds check
CVE-2024-20143
- January 06, 2025
In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09167056; Issue ID: MSV-2069.
In V6 DA, there is a possible out of bounds write due to a missing bounds check
CVE-2024-20144
- January 06, 2025
In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09167056; Issue ID: MSV-2041.
In V6 DA, there is a possible out of bounds write due to a missing bounds check
CVE-2024-20145
- January 06, 2025
In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09290940; Issue ID: MSV-2040.
In multiple locations, there is a possible way to avoid unbinding of a service from the system due to a logic error in the code
CVE-2024-43762
- January 03, 2025
In multiple locations, there is a possible way to avoid unbinding of a service from the system due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
In onPrimaryClipChanged of ClipboardListener.java, there is a possible way to partially bypass lock screen
CVE-2024-43764
- January 03, 2025
In onPrimaryClipChanged of ClipboardListener.java, there is a possible way to partially bypass lock screen. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
In isPackageDeviceAdmin of PackageManagerService.java, there is a possible edge case
CVE-2024-43769
- January 03, 2025
In isPackageDeviceAdmin of PackageManagerService.java, there is a possible edge case which could prevent the uninstallation of CloudDpc due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
In prepare_to_draw_into_mask of SkBlurMaskFilterImpl.cpp, there is a possible heap overflow due to improper input validation
CVE-2024-43767
- January 03, 2025
In prepare_to_draw_into_mask of SkBlurMaskFilterImpl.cpp, there is a possible heap overflow due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
In resizeToAtLeast of SkRegion.cpp, there is a possible out of bounds write due to an integer overflow
CVE-2024-43097
- January 03, 2025
In resizeToAtLeast of SkRegion.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
In skia_alloc_func of SkDeflate.cpp, there is a possible out of bounds write due to an integer overflow
CVE-2024-43768
- January 03, 2025
In skia_alloc_func of SkDeflate.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
In DevmemValidateFlags of devicemem_server.c, there is a possible out of bounds write due to memory corruption
CVE-2024-43077
- January 03, 2025
In DevmemValidateFlags of devicemem_server.c, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Google Chrome V8 Engine Out-of-Bounds Write Vulnerability
CVE-2024-12695
- December 18, 2024
Out of bounds write in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Google Chrome Compositing Use After Free Vulnerability
CVE-2024-12694
- December 18, 2024
Use after free in Compositing in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Google Chrome V8 Engine Out-of-Bounds Memory Access Vulnerability
CVE-2024-12693
- December 18, 2024
Out of bounds memory access in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Google Chrome V8 Engine Type Confusion Vulnerability
CVE-2024-12692
- December 18, 2024
Type Confusion in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Use after free in Translate in Google Chrome prior to 131.0.6778.139
CVE-2024-12382
8.8 - High
- December 12, 2024
Use after free in Translate in Google Chrome prior to 131.0.6778.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Dangling pointer
Type Confusion in V8 in Google Chrome prior to 131.0.6778.139
CVE-2024-12381
8.8 - High
- December 12, 2024
Type Confusion in V8 in Google Chrome prior to 131.0.6778.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Object Type Confusion
In procfile_write of gl_proc.c, there is a possible out of bounds read of a function pointer due to an incorrect bounds check
CVE-2018-9390
6.7 - Medium
- December 05, 2024
In procfile_write of gl_proc.c, there is a possible out of bounds read of a function pointer due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Out-of-bounds Read
In store_upgrade and store_cmd of drivers/input/touchscreen/stm/ftm4_pdc.c
CVE-2018-9388
9.8 - Critical
- December 05, 2024
In store_upgrade and store_cmd of drivers/input/touchscreen/stm/ftm4_pdc.c, there are out of bound writes due to missing bounds checks or integer underflows. These could lead to escalation of privilege.
Memory Corruption
In reboot_block_command of htc reboot_block driver, there is a possible stack buffer overflow due to a missing bounds check
CVE-2018-9386
6.7 - Medium
- December 05, 2024
In reboot_block_command of htc reboot_block driver, there is a possible stack buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Memory Corruption
In update_gps_sv and output_vzw_debug of vendor/mediatek/proprietary/hardware/connectivity/gps/gps_hal/src/gpshal_worker.c
CVE-2018-9391
6.7 - Medium
- December 05, 2024
In update_gps_sv and output_vzw_debug of vendor/mediatek/proprietary/hardware/connectivity/gps/gps_hal/src/gpshal_worker.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Memory Corruption
MTK Thermal Sensor Driver Buffer Overflow Vulnerability
CVE-2017-13308
6.7 - Medium
- December 05, 2024
In tscpu_write_GPIO_out and mtkts_Abts_write of mtk_ts_Abts.c, there is a possible buffer overflow in an sscanf due to improper input validation. This could lead to a local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Classic Buffer Overflow
Documenso User Interface Misrepresentation of Critical Information Vulnerability
CVE-2024-52271
- December 05, 2024
User Interface (UI) Misrepresentation of Critical Information vulnerability in Documenso allows Content Spoofing. Displayed version does not show the layer flattened version, once download, If printed (e.g. via Google Chrome -> Examine the print preview): Will render the vulnerability only, not all layers are flattened. This issue affects Documenso: through 1.8.0, >1.8.0 and Documenso SaaS (Hosted) as of 2024-12-05.
DropBox Sign(HelloSign) User Interface Misrepresentation of Critical Information Vulnerability
CVE-2024-52270
- December 05, 2024
User Interface (UI) Misrepresentation of Critical Information vulnerability in DropBox Sign(HelloSign) allows Content Spoofing. Displayed version does not show the layer flattened version, once download, If printed (e.g. via Google Chrome -> Examine the print preview): Will render the vulnerability only, not all layers are flattened. This issue affects DropBox Sign(HelloSign): through 2024-12-04.
Android RIL Component Integer Overflow Leading to Local Privilege Escalation
CVE-2018-9404
6.7 - Medium
- December 05, 2024
In oemCallback of ril.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Integer Overflow or Wraparound
Linux Kernel: Use-After-Free in af_packet.c
CVE-2018-9439
6.7 - Medium
- December 05, 2024
In __unregister_prot_hook and packet_release of af_packet.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.
Dangling pointer
Linux Kernel SCSI Generic Driver Memory Corruption Vulnerability
CVE-2018-9416
6.7 - Medium
- December 05, 2024
In sg_remove_scat of scsi/sg.c, there is a possible memory corruption due to an unusual root cause. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Memory Corruption
Out-of-Bounds Read Vulnerability in m3326 GPS Driver
CVE-2018-9408
4.4 - Medium
- December 05, 2024
In m3326_gps_write and m3326_gps_read of gps.s, there is a possible Out Of Bounds Read due to a missing bounds check. This could lead to a local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
Out-of-bounds Read
Android Kernel emmc_rpmb Information Disclosure Vulnerability
CVE-2018-9407
5.5 - Medium
- December 05, 2024
In emmc_rpmb_ioctl of emmc_rpmb.c, there is an Information Disclosure due to a Missing Bounds Check. This could lead to Information Disclosure of kernel data.
MTK_FLP_MSG_HAL_DIAG_REPORT_DATA_NTF Handler Stack Buffer Overflow Vulnerability
CVE-2018-9403
6.7 - Medium
- December 05, 2024
In the MTK_FLP_MSG_HAL_DIAG_REPORT_DATA_NTF handler of flp2hal_interface.c, there is a possible stack buffer overflow due to a missing bounds check. This could lead to local escalation of privilege in a privileged process with System execution privileges needed. User interaction is not needed for exploitation.
Memory Corruption
Linux Kernel: Buffer Overwrite in gl_proc.c Functions
CVE-2018-9402
7.8 - High
- December 05, 2024
In multiple functions of gl_proc.c, there is a buffer overwrite due to a missing bounds check. This could lead to escalation of privileges in the kernel.
Memory Corruption
Mediatek GT1151 Touchscreen Driver Out-of-Bounds Write Vulnerability
CVE-2018-9400
6.7 - Medium
- December 05, 2024
In gt1x_debug_write_proc and gt1x_tool_write of drivers/input/touchscreen/mediatek/GT1151/gt1x_generic.c and gt1x_tools.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Memory Corruption
Synaptics Touchscreen Driver Out-of-Bounds Write Vulnerability
CVE-2018-9463
6.7 - Medium
- December 05, 2024
In sw49408_irq_runtime_engine_debug of touch_sw49408.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Memory Corruption
Qualcomm FTM4 PDC Out-of-Bounds Write Vulnerability
CVE-2018-9462
6.7 - Medium
- December 05, 2024
In store_cmd of ftm4_pdc.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Memory Corruption
Linux Kernel WMT Debug Driver Out-of-Bounds Write Privilege Escalation Vulnerability
CVE-2018-9399
6.7 - Medium
- December 05, 2024
In /proc/driver/wmt_dbg driver, there are several possible out of bounds writes. These could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Memory Corruption
Mediatek FM Radio Driver Out-of-Bounds Write Vulnerability
CVE-2018-9398
6.7 - Medium
- December 05, 2024
In fm_set_stat of mediatek FM radio driver, there is a possible OOB write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Memory Corruption
MTK WMT Device Driver Out-of-Bounds Write Vulnerability
CVE-2018-9397
6.7 - Medium
- December 05, 2024
In WMT_unlocked_ioctl of MTK WMT device driver, there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Memory Corruption
Mediatek ECCCI RPC Handler Out-of-Bounds Write Vulnerability
CVE-2018-9396
6.7 - Medium
- December 04, 2024
In rpc_msg_handler and related handlers of drivers/misc/mediatek/eccci/port_rpc.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Memory Corruption
In mtk_cfg80211_vendor_packet_keep_alive_start and mtk_cfg80211_vendor_set_config of drivers/misc/mediatek/connectivity/wlan/gen2/os/linux/gl_vendor.c
CVE-2018-9395
6.7 - Medium
- December 04, 2024
In mtk_cfg80211_vendor_packet_keep_alive_start and mtk_cfg80211_vendor_set_config of drivers/misc/mediatek/connectivity/wlan/gen2/os/linux/gl_vendor.c, there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Memory Corruption
In mtk_p2p_wext_set_key of drivers/misc/mediatek/connectivity/wlan/gen2/os/linux/gl_p2p.c
CVE-2018-9394
6.7 - Medium
- December 04, 2024
In mtk_p2p_wext_set_key of drivers/misc/mediatek/connectivity/wlan/gen2/os/linux/gl_p2p.c, there is a possible OOB write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Memory Corruption
In procfile_write of drivers/misc/mediatek/connectivity/wlan/gen2/os/linux/gl_proc.c
CVE-2018-9393
6.7 - Medium
- December 04, 2024
In procfile_write of drivers/misc/mediatek/connectivity/wlan/gen2/os/linux/gl_proc.c, there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Memory Corruption
In get_binary of vendor/mediatek/proprietary/hardware/connectivity/gps/gps_hal/src/data_coder.c
CVE-2018-9392
6.7 - Medium
- December 04, 2024
In get_binary of vendor/mediatek/proprietary/hardware/connectivity/gps/gps_hal/src/data_coder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Memory Corruption
User Interface (UI) Misrepresentation of Critical Information vulnerability in DocuSign allows Content Spoofing
CVE-2024-52276
- December 04, 2024
User Interface (UI) Misrepresentation of Critical Information vulnerability in DocuSign allows Content Spoofing. 1. Displayed version does not show the layer-flattened version, which is provided when the "Print" option is used. 2. Displayed version does not show the layer-flattened version, which is provided when the combined download option is used. 3. Displayed version does not show the layer-flattened version, which is also the provided version when downloading the result in the uncombined option. Once downloaded, if printed (e.g. via Google Chrome -> Examine the print preview), it will render the vulnerability only; not all layers are flattened. This issue affects DocuSign: through 2024-12-04.
User Interface (UI) Misrepresentation of Critical Information vulnerability in DocuSeal
CVE-2024-52277
- December 04, 2024
User Interface (UI) Misrepresentation of Critical Information vulnerability in DocuSeal allows Content Spoofing. Displayed version does not show the layer-flattened version. Once downloaded, if printed (e.g. via Google Chrome -> Examine the print preview), it will render the vulnerability only; not all layers are flattened. This issue affects DocuSeal: through 1.8.1, >1.8.1.
Google Chrome V8 Engine Type Confusion Vulnerability
CVE-2024-12053
8.8 - High
- December 03, 2024
Type Confusion in V8 in Google Chrome prior to 131.0.6778.108 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)
Object Type Confusion
Android Bluetooth SDP Discovery Out-of-Bounds Read Vulnerability
CVE-2018-9449
5.5 - Medium
- December 03, 2024
In process_service_search_attr_rsp of sdp_discovery.cc, there is a possible out of bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Out-of-bounds Read
Android Bluetooth SDP Discovery Out-of-Bounds Read Vulnerability
CVE-2018-9441
5.5 - Medium
- December 03, 2024
In sdp_copy_raw_data of sdp_discovery.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.
Out-of-bounds Read
Android Bluetooth GATT Client Out-of-Bounds Read Vulnerability
CVE-2018-9435
5.5 - Medium
- December 02, 2024
In gatt_process_error_rsp of gatt_cl.cc, there is a possible out of bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Out-of-bounds Read
Android OSUInfo Privilege Escalation Vulnerability
CVE-2018-9431
7.8 - High
- December 02, 2024
In OSUInfo of OSUInfo.java, there is a possible escalation of privilege due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Android Bluetooth Stack Out-of-Bounds Write Vulnerability in btif_storage.cc
CVE-2018-9430
9.8 - Critical
- December 02, 2024
In prop2cfg of btif_storage.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
Memory Corruption
Android System UI Out-of-Bounds Read Vulnerability in ItemTable
CVE-2018-9429
6.5 - Medium
- December 02, 2024
In buildImageItemsIfPossible of ItemTable.cpp there is a possible out of bound read due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.
Out-of-bounds Read
Android RSA Key Pair Generation Weakness in RSAKeyPairGenerator
CVE-2018-9426
7.5 - High
- December 02, 2024
In RsaKeyPairGenerator::getNumberOfIterations of RSAKeyPairGenerator.java, an incorrect implementation could cause weak RSA key pairs to be generated. This could lead to a crypto vulnerability with no additional execution privileges needed. User interaction is not needed for exploitation. Bulletin Fix: The fix is designed to correctly implement the key generation according to the FIPS standard.
Insufficient Entropy
Android Bluetooth Stack Buffer Overflow Vulnerability in dtif_rc.cc
CVE-2018-9418
9.8 - Critical
- December 02, 2024
In handle_app_cur_val_response of dtif_rc.cc, there is a possible stack buffer overflow due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
Memory Corruption
Out-of-Bounds Read Vulnerability in ihevcd_parse_slice_header Component of ExoPlayer
CVE-2018-9423
6.5 - Medium
- December 02, 2024
In ihevcd_parse_slice_header of ihevcd_parse_slice_header.c there is a possible out of bound read due to missing bounds check. This could lead to denial of service with no additional execution privileges needed. User interaction is needed for exploitation.
Out-of-bounds Read
Android Bluetooth GATT Server Out-of-Bounds Write Vulnerability
CVE-2018-9414
7.8 - High
- December 02, 2024
In gattServerSendResponseNative of com_android_bluetooth_gatt.cpp, there is a possible out of bounds stack write due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.
Memory Corruption
Bluetooth Stack Remote Code Execution Vulnerability in Android
CVE-2018-9413
8.8 - High
- December 02, 2024
In handle_notification_response of btif_rc.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.
Memory Corruption
Mediatek ECCCI RPC Handler Out-of-Bounds Write Vulnerability
CVE-2018-9376
6.7 - Medium
- December 02, 2024
In rpc_msg_handler and related handlers of drivers/misc/mediatek/eccci/port_rpc.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Memory Corruption
Android Bluetooth Stack Out-of-Bounds Write Vulnerability in l2c_lcc_proc_pdu
CVE-2018-9380
8.8 - High
- December 02, 2024
In l2c_lcc_proc_pdu of l2c_fcr.cc, there is a possible out of bounds write due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
Memory Corruption
Bluetooth Stack Information Disclosure Vulnerability in Android
CVE-2018-9381
7.5 - High
- December 02, 2024
In gatts_process_read_by_type_req of gatt_sr.c, there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Use of Uninitialized Resource
Transient DOS while parsing the ML IE when a beacon with common info length of the ML IE greater than the ML IE inside
CVE-2024-33063
7.5 - High
- December 02, 2024
Transient DOS while parsing the ML IE when a beacon with common info length of the ML IE greater than the ML IE inside which this element is present.
Integer Overflow or Wraparound
Memory corruption while Configuring the SMR/S2CR register in Bypass mode.
CVE-2024-33044
7.8 - High
- December 02, 2024
Memory corruption while Configuring the SMR/S2CR register in Bypass mode.
out-of-bounds array index
Memory corruption when allocating and accessing an entry in an SMEM partition continuously.
CVE-2024-33056
7.8 - High
- December 02, 2024
Memory corruption when allocating and accessing an entry in an SMEM partition continuously.
Out-of-bounds Read
Memory corruption when invalid input is passed to invoke GPU Headroom API call.
CVE-2024-43048
7.8 - High
- December 02, 2024
Memory corruption when invalid input is passed to invoke GPU Headroom API call.
Memory Corruption
Memory corruption while processing API calls to NPU with invalid input.
CVE-2024-43052
7.8 - High
- December 02, 2024
Memory corruption while processing API calls to NPU with invalid input.
Improper Input Validation
MediaTek vdec Out-of-Bounds Write Vulnerability
CVE-2024-20125
- December 02, 2024
In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained System privileges. User interaction is not needed for exploitation. Patch ID: ALPS09046782; Issue ID: MSV-1728.
RIL Out-of-Bounds Write Vulnerability in Android
CVE-2024-20134
- December 02, 2024
In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09154589; Issue ID: MSV-1866.
Android SoundTrigger Out-of-Bounds Write Vulnerability
CVE-2024-20135
- December 02, 2024
In soundtrigger, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09142526; Issue ID: MSV-1841.
In BnAudioPolicyService::onTransact of IAudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data
CVE-2018-9377
5.5 - Medium
- November 28, 2024
In BnAudioPolicyService::onTransact of IAudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Use of Uninitialized Resource
Android PackageManagerService Local Privilege Escalation Vulnerability
CVE-2018-9374
7.8 - High
- November 28, 2024
In installPackageLI of PackageManagerService.java, there is a possible permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.
Android ih264e_fmt_conv_420p_to_420sp Out-of-Bounds Read Vulnerability
CVE-2018-9351
6.5 - Medium
- November 27, 2024
In ih264e_fmt_conv_420p_to_420sp of ih264e_fmt_conv.c there is a possible out of bound read due to missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.
Out-of-bounds Read
Divide by Zero Vulnerability in VideoFrameScheduler of Android
CVE-2018-9354
6.5 - Medium
- November 27, 2024
In VideoFrameScheduler.cpp of VideoFrameScheduler::PLL::fit, there is a possible remote denial of service due to divide by 0. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.
Divide By Zero
Exynos Video Codec: Heap Buffer Overflow in ihevcd_parse_slice_data
CVE-2018-9353
6.5 - Medium
- November 27, 2024
In ihevcd_parse_slice_data of ihevcd_parse_slice.c there is a possible heap buffer out of bound read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.
Out-of-bounds Read
Exynos Video Codec Integer Overflow Vulnerability
CVE-2018-9352
6.5 - Medium
- November 27, 2024
In ihevcd_allocate_dynamic_bufs of ihevcd_api.c there is a possible resource exhaustion due to integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.
Integer Overflow or Wraparound
In ih264d_assign_pic_num of ih264d_utils.c there is a possible out of bound read due to missing bounds check
CVE-2018-9350
6.5 - Medium
- November 27, 2024
In ih264d_assign_pic_num of ih264d_utils.c there is a possible out of bound read due to missing bounds check. This could lead to a denial of service with no additional execution privileges needed. User interaction is needed for exploitation.
Out-of-bounds Read
In mv_err_cost of mcomp.c there is a possible out of bounds read due to missing bounds check
CVE-2018-9349
6.5 - Medium
- November 27, 2024
In mv_err_cost of mcomp.c there is a possible out of bounds read due to missing bounds check. This could lead to denial of service with no additional execution privileges needed. User interaction is needed for exploitation.
Out-of-bounds Read
In String16 of String16.cpp, there is a possible out of bounds write due to an integer overflow
CVE-2017-13323
7.8 - High
- November 27, 2024
In String16 of String16.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation.
Integer Overflow or Wraparound
In SensorService::isDataInjectionEnabled of frameworks/native/services/sensorservice/SensorService.cpp
CVE-2017-13321
5.5 - Medium
- November 27, 2024
In SensorService::isDataInjectionEnabled of frameworks/native/services/sensorservice/SensorService.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Out-of-bounds Read
In impeg2d_bit_stream_flush() of libmpeg2dec there is a possible OOB read due to a missing bounds check
CVE-2017-13320
6.5 - Medium
- November 27, 2024
In impeg2d_bit_stream_flush() of libmpeg2dec there is a possible OOB read due to a missing bounds check. This could lead to Remote DoS with no additional execution privileges needed. User interaction is needed for exploitation.
Out-of-bounds Read