Vulnerabilities (CVE)

Vendor filter

Google Subscribe

Product filter

Chrome Subscribe

Filter

4159 total CVE
CVE Vendors Products Updated CVSS
CVE-2017-7376 3 Xmlsoft, Debian, Google 3 Libxml2, Debian Linux, Android 2019-05-17 10.0
Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects.
CVE-2018-10237 2 Google, Redhat 6 Guava, Jboss Enterprise Application Platform, Openstack and 3 more 2019-05-16 4.3
Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the...
CVE-2019-1999 1 Google 1 Android 2019-05-14 7.2
In binder_alloc_free_page of binder_alloc.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed...
CVE-2017-13215 1 Google 1 Android 2019-05-14 7.2
A elevation of privilege vulnerability in the Upstream kernel skcipher. Product: Android. Versions: Android kernel. Android ID: A-64386293. References: Upstream kernel.
CVE-2019-5736 10 Docker, Google, Linuxcontainers and 7 more 12 Docker, Kubernetes Engine, Lxc and 9 more 2019-05-13 9.3
runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these...
CVE-2018-6065 4 Google, Debian, Redhat and 1 more 6 Chrome, Debian Linux, Enterprise Linux Desktop and 3 more 2019-05-13 6.8
Integer overflow in computing the required allocation size when instantiating a new javascript object in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2018-6243 1 Google 1 Android 2019-05-10 7.2
NVIDIA Tegra TLK Widevine Trust Application contains a vulnerability in which missing the input parameter checking of video metadata count may lead to Arbitrary Code Execution, Denial of Service or Escalation of Privileges. Android ID:...
CVE-2019-2049 1 Google 1 Android 2019-05-09 7.2
In SendMediaUpdate and SendFolderUpdate of avrcp_service.cc, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege in the Bluetooth service with no additional execution privileges needed....
CVE-2019-2050 1 Google 1 Android 2019-05-09 7.2
In tearDownClientInterface of WificondControl.java, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2019-2051 1 Google 1 Android 2019-05-09 7.8
In heap of spaces.h, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure when processing a proxy auto config file with no additional execution privileges needed. User...
CVE-2017-3544 4 Oracle, Redhat, Debian and 1 more 13 Jrockit, Jre, Jdk and 10 more 2019-05-09 4.3
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to...
CVE-2019-2054 1 Google 1 Android 2019-05-09 4.6
In the seccomp implementation prior to kernel version 4.8, there is a possible seccomp bypass due to seccomp policies that allow the use of ptrace. This could lead to local escalation of privilege with no additional execution privileges needed....
CVE-2019-2045 1 Google 1 Android 2019-05-09 10.0
In JSCallTyper of typer.cc, there is an out of bounds write due to an incorrect bounds check. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is not needed for...
CVE-2019-2044 1 Google 1 Android 2019-05-09 9.3
In MakeMP>G4VideoCodecSpecificData of APacketSource.cpp, there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote code execution in the media server with no additional execution privileges needed. User...
CVE-2019-2046 1 Google 1 Android 2019-05-09 10.0
In CalculateInstanceSizeForDerivedClass of objects.cc, there is possible memory corruption due to an integer overflow. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User...
CVE-2019-2047 1 Google 1 Android 2019-05-09 10.0
In UpdateLoadElement of ic.cc, there is a possible out-of-bounds write due to type confusion. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is not needed for...
CVE-2019-2043 1 Google 1 Android 2019-05-09 6.9
In SmsDefaultDialog.onStart of SmsDefaultDialog.java, there is a possible escalation of privilege due to an overlay attack. This could lead to local escalation of privilege, granting privileges to a local app without the user's informed consent,...
CVE-2019-2052 1 Google 1 Android 2019-05-08 7.8
In VisitPointers of heap.cc, there is a possible out-of-bounds read due to type confusion. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...
CVE-2019-2053 1 Google 1 Android 2019-05-08 4.9
In wnm_parse_neighbor_report_elem of wnm_sta.c, there is a possible out-of-bounds read due to missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
CVE-2017-13194 2 Google, Debian 2 Android, Debian Linux 2019-05-06 7.8
A vulnerability in the Android media framework (libvpx) related to odd frame width. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-64710201.