Vulnerabilities (CVE)

Vendor filter

Google Subscribe

Product filter

Chrome Subscribe

Filter

4304 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-2101 1 Google 1 Android 2019-07-23 4.9
In uvc_parse_standard_control of uvc_driver.c, there is a possible out-of-bound read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed...
CVE-2017-5130 3 Google, Xmlsoft, Debian 3 Chrome, Libxml2, Debian Linux 2019-07-19 6.8
An integer overflow in xmlmemory.c in libxml2 before 2.9.5, as used in Google Chrome prior to 62.0.3202.62 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted XML file.
CVE-2011-1300 2 Google, Mozilla 2 Firefox, Chrome 2019-07-18 10.0
The Program::getActiveUniformMaxLength function in libGLESv2/Program.cpp in libGLESv2.dll in the WebGLES library in Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox 4.x before 4.0.1 on Windows and in the GPU process in...
CVE-2014-0362 1 Google 3 Search Appliance Software, Mini Search Appliance, Search Appliance 2019-07-18 4.3
Cross-site scripting (XSS) vulnerability on Google Search Appliance (GSA) devices before 7.0.14.G.216 and 7.2 before 7.2.0.G.114, when dynamic navigation is configured, allows remote attackers to inject arbitrary web script or HTML via input...
CVE-2019-2107 1 Google 1 Android 2019-07-15 9.3
In ihevcd_parse_pps of ihevcd_parse_headers.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for...
CVE-2016-2460 1 Google 1 Android 2019-07-11 4.3
mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not initialize certain data structures, which allows attackers to obtain sensitive information via a crafted application, related to...
CVE-2019-2106 1 Google 1 Android 2019-07-09 9.3
In ihevcd_sao_shift_ctb of ihevcd_sao.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation....
CVE-2019-2104 1 Google 1 Android 2019-07-09 2.1
In HIDL, safe_union, and other C++ structs/unions being sent to application processes, there are uninitialized fields. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed...
CVE-2019-2109 1 Google 1 Android 2019-07-09 9.3
In MakeMPEG4VideoCodecSpecificData of AVIExtractor.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed...
CVE-2019-2111 1 Google 1 Android 2019-07-09 7.5
In loop of DnsTlsSocket.cpp, there is a possible heap memory corruption due to a use after free. This could lead to remote code execution in the netd server with no additional execution privileges needed. User interaction is not needed for...
CVE-2019-2112 1 Google 1 Android 2019-07-09 7.2
In several functions of alarm.cc, there is possible memory corruption due to a use after free. This could lead to local code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...
CVE-2019-2113 1 Google 1 Android 2019-07-09 2.1
In setup wizard there is a bypass of some checks when wifi connection is skipped. This could lead to factory reset protection bypass with no additional privileges needed. User interaction is not needed for exploitation. Product: Android....
CVE-2019-2116 1 Google 1 Android 2019-07-09 5.0
In save_attr_seq of sdp_discovery.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for...
CVE-2019-2117 1 Google 1 Android 2019-07-09 2.1
In checkQueryPermission of TelephonyProvider.java, there is a possible disclosure of secure data due to a missing permission check. This could lead to local information disclosure about carrier systems with no additional execution privileges...
CVE-2019-2118 1 Google 1 Android 2019-07-09 2.1
In various functions of Parcel.cpp, there are uninitialized or partially initialized stack variables. These could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
CVE-2019-2119 1 Google 1 Android 2019-07-09 2.1
In multiple functions of key_store_service.cpp, there is a possible Information Disclosure due to improper locking. This could lead to local information disclosure of protected data with no additional execution privileges needed. User interaction...
CVE-2019-2105 1 Google 1 Android 2019-07-09 6.8
In FileInputStream::Read of file_input_stream.cc, there is a possible memory corruption due to uninitialized data. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User...
CVE-2018-16077 1 Google 1 Chrome 2019-07-03 4.3
Object lifecycle issue in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to bypass content security policy via a crafted HTML page.
CVE-2019-5819 3 Google, Fedoraproject, Opensuse 4 Chrome, Fedora, Backports and 1 more 2019-07-03 4.4
Insufficient data validation in developer tools in Google Chrome on OS X prior to 74.0.3729.108 allowed a local attacker to execute arbitrary code via a crafted string copied to clipboard.
CVE-2019-5823 2 Google, Opensuse 3 Chrome, Backports, Leap 2019-07-02 5.8
Insufficient policy enforcement in service workers in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.