Google Google Software and search

  1. Vendors
  2. Google
Do you want an email whenever new security vulnerabilities are reported in any Google product?

Products by Google Sorted by Most Security Vulnerabilities since 2018

Google Android3658 vulnerabilities
Mobile operating system

Google Chrome1820 vulnerabilities
Web browser

Google Tensorflow428 vulnerabilities
Open source machine learning / AI library

Google Chrome Os25 vulnerabilities

Google Asylo14 vulnerabilities

Google Fuchsia4 vulnerabilities

Google Fscrypt4 vulnerabilities

Google Protobuf Java4 vulnerabilities

Google Gvisor3 vulnerabilities

Google Gerrit3 vulnerabilities

Google Protobuf Javalite3 vulnerabilities

Google Guava3 vulnerabilities

Google Guest Oslogin3 vulnerabilities

Google Web Toolkit3 vulnerabilities

Google Linux And Chrome Os3 vulnerabilities

Google Monorail3 vulnerabilities

Google Protobuf2 vulnerabilities

Google Oauth Client Library For Java2 vulnerabilities

Google Web Stories2 vulnerabilities

Google Bazel2 vulnerabilities

Google Protobuf Kotlin2 vulnerabilities

Google Play Services Software Development Kit2 vulnerabilities

Google Kubernetes Engine2 vulnerabilities

Google Protobuf2 vulnerabilities

Google Earth2 vulnerabilities

Google V82 vulnerabilities

Google Lacros2 vulnerabilities

Google Protobuf Cpp1 vulnerability

Google Perfetto1 vulnerability

Google Puppeteer1 vulnerability

Google Openthread1 vulnerability

Google Protobuf Kotlin Lite1 vulnerability

Google Protobuf Python1 vulnerability

Google Gson1 vulnerability

Google Sa360 Webquery To Bigquery Exporter1 vulnerability

Google Santa1 vulnerability

Google Secret Manager Provider Secret Store Csi Driver1 vulnerability

Google Site Kit1 vulnerability

Google Skia1 vulnerability

Google Slashify1 vulnerability

Google Slo Generator1 vulnerability

Google Snappy1 vulnerability

Google Tink1 vulnerability

Google Titan Security Key1 vulnerability

Google Toolbar1 vulnerability

Google Voice Builder1 vulnerability

Google Youtube Android Player Api1 vulnerability

Google Custom Search Engine1 vulnerability

Google Android Api1 vulnerability

Google Angle1 vulnerability

Google Api C Client1 vulnerability

Google Bindiff1 vulnerability

Google BoringSSL1 vulnerability
BoringSSL is a fork of OpenSSL that is designed to meet Google's needs.

Google Brotli1 vulnerability

Google Cardboard1 vulnerability

Google Chrome Launcher1 vulnerability

Google Closure Library1 vulnerability

Google Cloud Firestore1 vulnerability

Google Cloud Iot Device Sdk Embedded C1 vulnerability

Google Cloud Messaging Notification1 vulnerability

Google Critters1 vulnerability

Google Kctf1 vulnerability

Google Data Transfer Project1 vulnerability

Google Espv21 vulnerability

Google Exposure Notification Verification Server1 vulnerability

Google Exposure Notifications1 vulnerability

Google Exposure Notifications Verification Server1 vulnerability

Google Extensible Service Proxy1 vulnerability

Google Firebase Php Jwt1 vulnerability

Google Firebaseutil1 vulnerability

Google Go Attestation1 vulnerability

Google Cloud Platform Service Broker1 vulnerability

Google Search1 vulnerability

Googleapple Exposure Notifications1 vulnerability

Recent Google Security Advisories

Advisory Title Published
Chrome Releases: Stable Channel Update for Desktop April 17, 2024
Pixel Update Bulletin—April 2024 | Android Open Source Project April 5, 2024
Chrome Releases: Stable Channel Update for Desktop March 20, 2024
Pixel Update Bulletin—February 2024 | Android Open Source Project February 7, 2024
Chrome Releases: Stable Channel Update for Desktop February 7, 2024
Chrome Releases: Stable Channel Update for Desktop January 30, 2024
Chrome Releases: Stable Channel Update for Desktop January 24, 2024
Chrome Releases: Stable Channel Update for Desktop January 4, 2024
Chrome Releases: Stable Channel Update for Desktop December 21, 2023
Chrome Releases: Stable Channel Update for Desktop December 14, 2023

Known Exploited Google Vulnerabilities

The following Google vulnerabilities have recently been marked by CISA as Known to be Exploited by threat actors.

Title Description Added
Google Chromium V8 Type Confusion Vulnerability Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to execute code via a crafted HTML page. CVE-2023-4762 February 6, 2024
Google Chromium V8 Out-of-Bounds Memory Access Vulnerability Google Chromium V8 contains an out-of-bounds memory access vulnerability. Specific impacts from exploitation are not available at this time. CVE-2024-0519 January 17, 2024
Google Skia Integer Overflow Vulnerability Google Skia contains an integer overflow vulnerability affecting Google Chrome and ChromeOS, Android, Flutter, and possibly other products. CVE-2023-6345 November 30, 2023
Google Chrome libvpx Heap Buffer Overflow Vulnerability Google Chrome libvpx contains a heap buffer overflow vulnerability in vp8 encoding that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2023-5217 October 2, 2023
Google Chromium Heap-Based Buffer Overflow Vulnerability Google Chromium contains a heap-based buffer overflow vulnerability in WebP that allows a remote attacker to perform an out-of-bounds memory write via a crafted HTML page. CVE-2023-4863 September 13, 2023
Google Chromium V8 Type Confusion Vulnerability Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2023-3079 June 7, 2023
Google Chrome Skia Integer Overflow Vulnerability Google Chrome Skia contains an integer overflow vulnerability. Specific impacts from exploitation are not available at this time. This vulnerability resides in Skia which serves as the graphics engine for Google Chrome and ChromeOS, Android, Flutter, and other products. CVE-2023-2136 April 21, 2023
Google Chromium V8 Engine Type Confusion Vulnerability Google Chromium V8 contains a type confusion vulnerability. Specific impacts from exploitation are not available at this time. CVE-2023-2033 April 17, 2023
Google Chrome Use-After-Free Vulnerability Google Chrome contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption. CVE-2022-3038 March 30, 2023
Google Chromium V8 Type Confusion Vulnerability Google Chromium V8 contains a type confusion vulnerability. Specific impacts from exploitation are not available at this time. CVE-2022-4262 December 5, 2022
Google Chrome Heap Buffer Overflow Vulnerability Google Chrome GPU contains a heap buffer overflow vulnerability that allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2022-4135 November 28, 2022
Google Chromium V8 Type Confusion Vulnerability Google Chromium V8 contains a type confusion vulnerability. Specific impacts from exploitation are not available at this time. CVE-2022-3723 October 28, 2022
Google Chromium Insufficient Data Validation Vulnerability Google Chromium Mojo contains an insufficient data validation vulnerability. Impacts from exploitation are not yet known. This vulnerability affects web browsers that utilize Chromium, including Google Chrome and Microsoft Edge. CVE-2022-3075 September 8, 2022
Google Chrome Intents Insufficient Input Validation Vulnerability Google Chrome Intents allows for insufficient validation of untrusted input, causing unknown impacts. CISA will update this description if more information becomes available. CVE-2022-2856 August 18, 2022
Google Chromium Security Bypass Vulnerability Insufficient policy enforcement in the PopupBlocker for Chromium allows an attacker to remotely bypass security mechanisms. This vulnerability impacts web browsers using Chromium such as Chrome and Edge. CVE-2021-30533 June 27, 2022
Google Chromium V8 Out-of-Bounds Write Vulnerability Google Chromium V8 contains an out-of-bounds write vulnerability which allows a remote attacker to potentially exploit heap corruption. CVE-2019-5825 June 8, 2022
Google Chromium V8 Out-of-Bounds Memory Vulnerability Google Chromium V8 Engine contains an out-of-bounds memory vulnerability. CVE-2016-5198 June 8, 2022
Google Chromium V8 Out-of-Bounds Write Vulnerability Google Chromium V8 contains an out-of-bounds write vulnerability which allows a remote attacker to execute code inside a sandbox. CVE-2018-17480 June 8, 2022
Google Chromium V8 Integer Overflow Vulnerability Google Chromium V8 Engine contains an integer overflow vulnerability which allows a remote attacker to potentially exploit heap corruption. CVE-2018-6065 June 8, 2022
Google Chromium V8 Out-of-Bounds Read Vulnerability Google Chromium V8 contains an out-of-bounds read vulnerability. CVE-2016-1646 June 8, 2022

By the Year

In 2024 there have been 37 vulnerabilities in Google with an average score of 7.4 out of ten. Last year Google had 936 security vulnerabilities published. Right now, Google is on track to have less security vulnerabilities in 2024 than it did last year. However, the average CVE base score of the vulnerabilities in 2024 is greater by 0.50.

Year Vulnerabilities Average Score
2024 37 7.45
2023 936 6.94
2022 1385 6.89
2021 1123 7.02
2020 987 7.10
2019 809 7.11
2018 419 7.41

It may take a day or so for new Google vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Google Security Vulnerabilities

Use after free in Downloads in Google Chrome prior to 124.0.6367.60

CVE-2024-3834 8.8 - High - April 17, 2024

Use after free in Downloads in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Dangling pointer

Use after free in QUIC in Google Chrome prior to 124.0.6367.60

CVE-2024-3837 8.8 - High - April 17, 2024

Use after free in QUIC in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

Dangling pointer

Inappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60

CVE-2024-3838 5.5 - Medium - April 17, 2024

Inappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60 allowed an attacker who convinced a user to install a malicious app to perform UI spoofing via a crafted app. (Chromium security severity: Medium)

Out of bounds read in Fonts in Google Chrome prior to 124.0.6367.60

CVE-2024-3839 6.5 - Medium - April 17, 2024

Out of bounds read in Fonts in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)

Out-of-bounds Read

there is a possible Information Disclosure due to uninitialized data

CVE-2024-29745 5.5 - Medium - April 05, 2024

there is a possible Information Disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Use of Uninitialized Resource

Object lifecycle issue in V8 in Google Chrome prior to 123.0.6312.58

CVE-2024-2625 8.8 - High - March 20, 2024

Object lifecycle issue in V8 in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)

Out of bounds read in Swiftshader in Google Chrome prior to 123.0.6312.58

CVE-2024-2626 6.5 - Medium - March 20, 2024

Out of bounds read in Swiftshader in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)

Out-of-bounds Read

Use after free in Canvas in Google Chrome prior to 123.0.6312.58

CVE-2024-2627 8.8 - High - March 20, 2024

Use after free in Canvas in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

Dangling pointer

Inappropriate implementation in Downloads in Google Chrome prior to 123.0.6312.58

CVE-2024-2628 4.3 - Medium - March 20, 2024

Inappropriate implementation in Downloads in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted URL. (Chromium security severity: Medium)

Incorrect security UI in iOS in Google Chrome prior to 123.0.6312.58

CVE-2024-2629 4.3 - Medium - March 20, 2024

Incorrect security UI in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

Inappropriate implementation in iOS in Google Chrome prior to 123.0.6312.58

CVE-2024-2630 6.5 - Medium - March 20, 2024

Inappropriate implementation in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

Inappropriate implementation in iOS in Google Chrome prior to 123.0.6312.58

CVE-2024-2631 4.3 - Medium - March 20, 2024

Inappropriate implementation in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

there is a possible out of bounds write due to a missing bounds check

CVE-2024-22012 7.8 - High - February 07, 2024

there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Memory Corruption

Heap buffer overflow in Skia in Google Chrome prior to 121.0.6167.160

CVE-2024-1283 9.8 - Critical - February 07, 2024

Heap buffer overflow in Skia in Google Chrome prior to 121.0.6167.160 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Memory Corruption

Use after free in Mojo in Google Chrome prior to 121.0.6167.160

CVE-2024-1284 9.8 - Critical - February 07, 2024

Use after free in Mojo in Google Chrome prior to 121.0.6167.160 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Dangling pointer

Use after free in Peer Connection in Google Chrome prior to 121.0.6167.139

CVE-2024-1059 8.8 - High - January 30, 2024

Use after free in Peer Connection in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: High)

Dangling pointer

Use after free in Canvas in Google Chrome prior to 121.0.6167.139

CVE-2024-1060 8.8 - High - January 30, 2024

Use after free in Canvas in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Dangling pointer

Use after free in Network in Google Chrome prior to 121.0.6167.139

CVE-2024-1077 8.8 - High - January 30, 2024

Use after free in Network in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit heap corruption via a malicious file. (Chromium security severity: High)

Dangling pointer

Inappropriate implementation in Autofill in Google Chrome prior to 121.0.6167.85

CVE-2024-0809 4.3 - Medium - January 24, 2024

Inappropriate implementation in Autofill in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Low)

Insufficient policy enforcement in iOS Security UI in Google Chrome prior to 121.0.6167.85

CVE-2024-0804 7.5 - High - January 24, 2024

Insufficient policy enforcement in iOS Security UI in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

Inappropriate implementation in Downloads in Google Chrome prior to 121.0.6167.85

CVE-2024-0805 4.3 - Medium - January 24, 2024

Inappropriate implementation in Downloads in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to perform domain spoofing via a crafted domain name. (Chromium security severity: Medium)

Use after free in Passwords in Google Chrome prior to 121.0.6167.85

CVE-2024-0806 8.8 - High - January 24, 2024

Use after free in Passwords in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: Medium)

Dangling pointer

Use after free in Web Audio in Google Chrome prior to 121.0.6167.85

CVE-2024-0807 8.8 - High - January 24, 2024

Use after free in Web Audio in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Dangling pointer

Integer underflow in WebUI in Google Chrome prior to 121.0.6167.85

CVE-2024-0808 9.8 - Critical - January 24, 2024

Integer underflow in WebUI in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via a malicious file. (Chromium security severity: High)

Integer underflow

Insufficient policy enforcement in DevTools in Google Chrome prior to 121.0.6167.85

CVE-2024-0810 4.3 - Medium - January 24, 2024

Insufficient policy enforcement in DevTools in Google Chrome prior to 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. (Chromium security severity: Medium)

Inappropriate implementation in Extensions API in Google Chrome prior to 121.0.6167.85

CVE-2024-0811 4.3 - Medium - January 24, 2024

Inappropriate implementation in Extensions API in Google Chrome prior to 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. (Chromium security severity: Low)

Inappropriate implementation in Accessibility in Google Chrome prior to 121.0.6167.85

CVE-2024-0812 8.8 - High - January 24, 2024

Inappropriate implementation in Accessibility in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)

Use after free in Reading Mode in Google Chrome prior to 121.0.6167.85

CVE-2024-0813 8.8 - High - January 24, 2024

Use after free in Reading Mode in Google Chrome prior to 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: Medium)

Dangling pointer

Incorrect security UI in Payments in Google Chrome prior to 121.0.6167.85

CVE-2024-0814 6.5 - Medium - January 24, 2024

Incorrect security UI in Payments in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially spoof security UI via a crafted HTML page. (Chromium security severity: Medium)

Origin Validation Error

Out of bounds write in V8 in Google Chrome prior to 120.0.6099.224

CVE-2024-0517 8.8 - High - January 16, 2024

Out of bounds write in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Memory Corruption

Type confusion in V8 in Google Chrome prior to 120.0.6099.224

CVE-2024-0518 8.8 - High - January 16, 2024

Type confusion in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Object Type Confusion

Out of bounds memory access in V8 in Google Chrome prior to 120.0.6099.224

CVE-2024-0519 8.8 - High - January 16, 2024

Out of bounds memory access in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Memory Corruption

Insufficient data validation in Extensions in Google Chrome prior to 120.0.6099.216

CVE-2024-0333 5.3 - Medium - January 10, 2024

Insufficient data validation in Extensions in Google Chrome prior to 120.0.6099.216 allowed an attacker in a privileged network position to install a malicious extension via a crafted HTML page. (Chromium security severity: High)

Use after free in WebGPU in Google Chrome prior to 120.0.6099.199

CVE-2024-0225 8.8 - High - January 04, 2024

Use after free in WebGPU in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Dangling pointer

Use after free in WebAudio in Google Chrome prior to 120.0.6099.199

CVE-2024-0224 8.8 - High - January 04, 2024

Use after free in WebAudio in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Dangling pointer

Heap buffer overflow in ANGLE in Google Chrome prior to 120.0.6099.199

CVE-2024-0223 8.8 - High - January 04, 2024

Heap buffer overflow in ANGLE in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Memory Corruption

Use after free in ANGLE in Google Chrome prior to 120.0.6099.199

CVE-2024-0222 8.8 - High - January 04, 2024

Use after free in ANGLE in Google Chrome prior to 120.0.6099.199 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Dangling pointer

Heap buffer overflow in WebRTC in Google Chrome prior to 120.0.6099.129

CVE-2023-7024 8.8 - High - December 21, 2023

Heap buffer overflow in WebRTC in Google Chrome prior to 120.0.6099.129 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Memory Corruption

Type confusion in V8 in Google Chrome prior to 120.0.6099.109

CVE-2023-6702 8.8 - High - December 14, 2023

Type confusion in V8 in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Object Type Confusion

Use after free in FedCM in Google Chrome prior to 120.0.6099.109

CVE-2023-6706 8.8 - High - December 14, 2023

Use after free in FedCM in Google Chrome prior to 120.0.6099.109 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Dangling pointer

Use after free in WebRTC in Google Chrome prior to 120.0.6099.109

CVE-2023-6705 8.8 - High - December 14, 2023

Use after free in WebRTC in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Dangling pointer

Use after free in CSS in Google Chrome prior to 120.0.6099.109

CVE-2023-6707 8.8 - High - December 14, 2023

Use after free in CSS in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

Dangling pointer

Use after free in libavif in Google Chrome prior to 120.0.6099.109

CVE-2023-6704 8.8 - High - December 14, 2023

Use after free in libavif in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted image file. (Chromium security severity: High)

Dangling pointer

Use after free in Blink in Google Chrome prior to 120.0.6099.109

CVE-2023-6703 8.8 - High - December 14, 2023

Use after free in Blink in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Dangling pointer

there is a possible way for the secure world to write to NS memory due to a logic error in the code

CVE-2023-48405 6.7 - Medium - December 08, 2023

there is a possible way for the secure world to write to NS memory due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

there is a possible permanent DoS or way for the modem to boot unverified firmware due to a logic error in the code

CVE-2023-48406 6.7 - Medium - December 08, 2023

there is a possible permanent DoS or way for the modem to boot unverified firmware due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

there is a possible use after free due to a race condition

CVE-2023-48420 6.4 - Medium - December 08, 2023

there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Race Condition

In ProtocolMiscCarrierConfigSimInfoIndAdapter of protocolmiscadapter.cpp

CVE-2023-48404 7.5 - High - December 08, 2023

In ProtocolMiscCarrierConfigSimInfoIndAdapter of protocolmiscadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Out-of-bounds Read

In ProtocolMiscATCommandAdapter::Init() of protocolmiscadapter.cpp, there is a possible out of bounds read due to a missing bounds check

CVE-2023-48399 5.5 - Medium - December 08, 2023

In ProtocolMiscATCommandAdapter::Init() of protocolmiscadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation.

Out-of-bounds Read

In ProtocolNetAcBarringInfo::ProtocolNetAcBarringInfo() of protocolnetadapter.cpp

CVE-2023-48398 7.5 - High - December 08, 2023

In ProtocolNetAcBarringInfo::ProtocolNetAcBarringInfo() of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation.

Out-of-bounds Read

In multiple locations, there is a possible null dereference due to a missing null check

CVE-2023-48416 7.5 - High - December 08, 2023

In multiple locations, there is a possible null dereference due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

NULL Pointer Dereference

In the Pixel Camera Driver, there is a possible use after free due to a logic error in the code

CVE-2023-48414 6.7 - Medium - December 08, 2023

In the Pixel Camera Driver, there is a possible use after free due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Dangling pointer

In Init of protocolembmsadapter.cpp, there is a possible out of bounds read due to a missing bounds check

CVE-2023-48415 5.5 - Medium - December 08, 2023

In Init of protocolembmsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Out-of-bounds Read

In gpu_pixel_handle_buffer_liveness_update_ioctl of private/google-modules/gpu/mali_kbase/platform/pixel/pixel_gpu_slc.c

CVE-2023-48421 7.8 - High - December 08, 2023

In gpu_pixel_handle_buffer_liveness_update_ioctl of private/google-modules/gpu/mali_kbase/platform/pixel/pixel_gpu_slc.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Memory Corruption

In Init of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check

CVE-2023-48422 5.5 - Medium - December 08, 2023

In Init of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Out-of-bounds Read

In dhcp4_SetPDNAddress of dhcp4_Main.c, there is a possible out of bounds write due to a missing bounds check

CVE-2023-48423 9.8 - Critical - December 08, 2023

In dhcp4_SetPDNAddress of dhcp4_Main.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

Memory Corruption

In Init of protocolcalladapter.cpp, there is a possible out of bounds read due to a missing bounds check

CVE-2023-48397 4.9 - Medium - December 08, 2023

In Init of protocolcalladapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

Out-of-bounds Read

In GetSizeOfEenlRecords of protocoladapter.cpp, there is a possible out of bounds read due to an incorrect bounds check

CVE-2023-48401 5.5 - Medium - December 08, 2023

In GetSizeOfEenlRecords of protocoladapter.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Out-of-bounds Read

In ppcfw_enable of ppcfw.c, there is a possible EoP due to a missing permission check

CVE-2023-48402 7.8 - High - December 08, 2023

In ppcfw_enable of ppcfw.c, there is a possible EoP due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

AuthZ

In ProtocolNetSimFileInfoAdapter() of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check

CVE-2023-48408 5.5 - Medium - December 08, 2023

In ProtocolNetSimFileInfoAdapter() of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation.

Out-of-bounds Read

In gpu_pixel_handle_buffer_liveness_update_ioctl of private/google-modules/gpu/mali_kbase/mali_kbase_core_linux.c

CVE-2023-48409 7.8 - High - December 08, 2023

In gpu_pixel_handle_buffer_liveness_update_ioctl of private/google-modules/gpu/mali_kbase/mali_kbase_core_linux.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Integer Overflow or Wraparound

In cd_ParseMsg of cd_codec.c, there is a possible out of bounds read due to a missing bounds check

CVE-2023-48410 7.5 - High - December 08, 2023

In cd_ParseMsg of cd_codec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Out-of-bounds Read

In SignalStrengthAdapter::FillGsmSignalStrength() of protocolmiscadapter.cpp

CVE-2023-48411 5.5 - Medium - December 08, 2023

In SignalStrengthAdapter::FillGsmSignalStrength() of protocolmiscadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation.

Out-of-bounds Read

In private_handle_t of mali_gralloc_buffer.h, there is a possible information leak due to a logic error in the code

CVE-2023-48412 5.5 - Medium - December 08, 2023

In private_handle_t of mali_gralloc_buffer.h, there is a possible information leak due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

In Init of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check

CVE-2023-48413 4.9 - Medium - December 08, 2023

In Init of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

Out-of-bounds Read

In sms_DecodeCodedTpMsg of sms_PduCodec.c, there is a possible out of bounds read due to a heap buffer overflow

CVE-2023-48403 7.5 - High - December 08, 2023

In sms_DecodeCodedTpMsg of sms_PduCodec.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure if the attacker is able to observe the behavior of the subsequent switch conditional with no additional execution privileges needed. User interaction is not needed for exploitation.

Memory Corruption

there is a possible DCK won't be deleted after factory reset due to a logic error in the code

CVE-2023-48407 7.8 - High - December 08, 2023

there is a possible DCK won't be deleted after factory reset due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Use after free in Media Stream in Google Chrome prior to 120.0.6099.62

CVE-2023-6508 8.8 - High - December 06, 2023

Use after free in Media Stream in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Dangling pointer

Use after free in Side Panel Search in Google Chrome prior to 120.0.6099.62

CVE-2023-6509 8.8 - High - December 06, 2023

Use after free in Side Panel Search in Google Chrome prior to 120.0.6099.62 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: High)

Dangling pointer

Use after free in Media Capture in Google Chrome prior to 120.0.6099.62

CVE-2023-6510 8.8 - High - December 06, 2023

Use after free in Media Capture in Google Chrome prior to 120.0.6099.62 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: Medium)

Dangling pointer

Inappropriate implementation in Autofill in Google Chrome prior to 120.0.6099.62

CVE-2023-6511 4.3 - Medium - December 06, 2023

Inappropriate implementation in Autofill in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Low)

Inappropriate implementation in Web Browser UI in Google Chrome prior to 120.0.6099.62

CVE-2023-6512 6.5 - Medium - December 06, 2023

Inappropriate implementation in Web Browser UI in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to potentially spoof the contents of an iframe dialog context menu via a crafted HTML page. (Chromium security severity: Low)

In visitUris of Notification.java, there is a possible way to display images from another user due to a confused deputy

CVE-2023-35668 5.5 - Medium - December 04, 2023

In visitUris of Notification.java, there is a possible way to display images from another user due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

In visitUris of Notification.java, there is a possible cross-user media read due to Confused Deputy

CVE-2023-40073 5.5 - Medium - December 04, 2023

In visitUris of Notification.java, there is a possible cross-user media read due to Confused Deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

In saveToXml of PersistableBundle.java

CVE-2023-40074 5.5 - Medium - December 04, 2023

In saveToXml of PersistableBundle.java, invalid data could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

In forceReplaceShortcutInner of ShortcutPackage.java, there is a possible way to register unlimited packages due to a missing bounds check

CVE-2023-40075 5.5 - Medium - December 04, 2023

In forceReplaceShortcutInner of ShortcutPackage.java, there is a possible way to register unlimited packages due to a missing bounds check. This could lead to local denial of service which results in a boot loop with no additional execution privileges needed. User interaction is not needed for exploitation.

In createPendingIntent of CredentialManagerUi.java, there is a possible way to access credentials

CVE-2023-40076 5.5 - Medium - December 04, 2023

In createPendingIntent of CredentialManagerUi.java, there is a possible way to access credentials from other users due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

In multiple functions of MetaDataBase.cpp, there is a possible UAF write due to a race condition

CVE-2023-40077 8.1 - High - December 04, 2023

In multiple functions of MetaDataBase.cpp, there is a possible UAF write due to a race condition. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Race Condition

In a2dp_vendor_opus_decoder_decode_packet of a2dp_vendor_opus_decoder.cc

CVE-2023-40078 9.8 - Critical - December 04, 2023

In a2dp_vendor_opus_decoder_decode_packet of a2dp_vendor_opus_decoder.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Memory Corruption

In injectSendIntentSender of ShortcutService.java, there is a possible background activity launch due to a permissions bypass

CVE-2023-40079 7.8 - High - December 04, 2023

In injectSendIntentSender of ShortcutService.java, there is a possible background activity launch due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

In multiple functions of btm_ble_gap.cc, there is a possible out of bounds write due to a logic error in the code

CVE-2023-40080 7.8 - High - December 04, 2023

In multiple functions of btm_ble_gap.cc, there is a possible out of bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Memory Corruption

In loadMediaDataInBgForResumption of MediaDataManager.kt, there is a possible way to view another user's images due to a confused deputy

CVE-2023-40081 5.5 - Medium - December 04, 2023

In loadMediaDataInBgForResumption of MediaDataManager.kt, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

In modify_for_next_stage of fdt.rs, there is a possible way to render KASLR ineffective due to improperly used crypto

CVE-2023-40082 9.8 - Critical - December 04, 2023

In modify_for_next_stage of fdt.rs, there is a possible way to render KASLR ineffective due to improperly used crypto. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

In parse_gap_data of utils.cc, there is a possible out of bounds read due to a missing bounds check

CVE-2023-40083 5.5 - Medium - December 04, 2023

In parse_gap_data of utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.

Out-of-bounds Read

In run of MDnsSdListener.cpp, there is a possible memory corruption due to a use after free

CVE-2023-40084 7.8 - High - December 04, 2023

In run of MDnsSdListener.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Dangling pointer

In transcodeQ*ToFloat of btif_avrcp_audio_track.cc, there is a possible out of bounds write due to a missing bounds check

CVE-2023-40087 8.8 - High - December 04, 2023

In transcodeQ*ToFloat of btif_avrcp_audio_track.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Memory Corruption

In callback_thread_event of com_android_bluetooth_btservice_AdapterService.cpp

CVE-2023-40088 8.8 - High - December 04, 2023

In callback_thread_event of com_android_bluetooth_btservice_AdapterService.cpp, there is a possible memory corruption due to a use after free. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

Dangling pointer

In getCredentialManagerPolicy of DevicePolicyManagerService.java

CVE-2023-40089 7.8 - High - December 04, 2023

In getCredentialManagerPolicy of DevicePolicyManagerService.java, there is a possible method for users to select credential managers without permission due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

AuthZ

In BTM_BleVerifySignature of btm_ble.cc, there is a possible way to bypass signature validation due to side channel information disclosure

CVE-2023-40090 6.5 - Medium - December 04, 2023

In BTM_BleVerifySignature of btm_ble.cc, there is a possible way to bypass signature validation due to side channel information disclosure. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Side Channel Attack

In onTransact of IncidentService.cpp, there is a possible out of bounds write due to memory corruption

CVE-2023-40091 7.8 - High - December 04, 2023

In onTransact of IncidentService.cpp, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Memory Corruption

In verifyShortcutInfoPackage of ShortcutService.java, there is a possible way to see another user's image due to a confused deputy

CVE-2023-40092 5.5 - Medium - December 04, 2023

In verifyShortcutInfoPackage of ShortcutService.java, there is a possible way to see another user's image due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

In keyguardGoingAway of ActivityTaskManagerService.java, there is a possible lock screen bypass due to a missing permission check

CVE-2023-40094 7.8 - High - December 04, 2023

In keyguardGoingAway of ActivityTaskManagerService.java, there is a possible lock screen bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

AuthZ

In createDontSendToRestrictedAppsBundle of PendingIntentUtils.java, there is a possible background activity launch due to a missing check

CVE-2023-40095 7.8 - High - December 04, 2023

In createDontSendToRestrictedAppsBundle of PendingIntentUtils.java, there is a possible background activity launch due to a missing check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

In OpRecordAudioMonitor::onFirstRef of AudioRecordClient.cpp, there is a possible way to record audio

CVE-2023-40096 7.8 - High - December 04, 2023

In OpRecordAudioMonitor::onFirstRef of AudioRecordClient.cpp, there is a possible way to record audio from the background due to a missing flag. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.

In hasPermissionForActivity of PackageManagerHelper.java, there is a possible URI grant due to improper input validation

CVE-2023-40097 7.8 - High - December 04, 2023

In hasPermissionForActivity of PackageManagerHelper.java, there is a possible URI grant due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

Improper Input Validation

In mOnDone of NotificationConversationInfo.java

CVE-2023-40098 5.5 - Medium - December 04, 2023

In mOnDone of NotificationConversationInfo.java, there is a possible way to access app notification data of another user due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

In multiple locations, there is a possible way to corrupt memory due to a double free

CVE-2023-40103 7.8 - High - December 04, 2023

In multiple locations, there is a possible way to corrupt memory due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Double-free

In multiple functions of btm_ble_gap.cc, there is a possible out of bounds write due to a missing bounds check

CVE-2023-45773 7.8 - High - December 04, 2023

In multiple functions of btm_ble_gap.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.

Memory Corruption

In fixUpIncomingShortcutInfo of ShortcutService.java, there is a possible way to view another user's image due to a confused deputy

CVE-2023-45774 7.8 - High - December 04, 2023

In fixUpIncomingShortcutInfo of ShortcutService.java, there is a possible way to view another user's image due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

In CreateAudioBroadcast of broadcaster.cc, there is a possible out of bounds write due to a missing bounds check

CVE-2023-45775 7.8 - High - December 04, 2023

In CreateAudioBroadcast of broadcaster.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Memory Corruption

Built by Foundeo Inc., with data from the National Vulnerability Database (NVD), Icons by Icons8. Privacy Policy. Use of this site is governed by the Legal Terms
Disclaimer
CONTENT ON THIS WEBSITE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. Always check with your vendor for the most up to date, and accurate information.