Vulnerabilities (CVE)

Vendor filter

Google Subscribe

Filter

4189 total CVE
CVE Vendors Products Updated CVSS
CVE-2018-10237 2 Google, Redhat 6 Guava, Jboss Enterprise Application Platform, Openstack and 3 more 2019-06-12 4.3
Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the...
CVE-2019-2102 1 Google 1 Android 2019-06-11 8.3
In the Bluetooth Low Energy (BLE) specification, there is a provided example Long Term Key (LTK). If a BLE device were to use this as a hardcoded LTK, it is theoretically possible for a proximate attacker to remotely inject keystrokes on a paired...
CVE-2019-2093 1 Google 1 Android 2019-06-11 9.3
In huff_dec_1D of nlc_dec.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product:...
CVE-2019-2095 1 Google 1 Android 2019-06-11 7.6
In callGenIDChangeListeners and related functions of SkPixelRef.cpp, there is a possible use after free due to a race condition. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed...
CVE-2019-2091 1 Google 1 Android 2019-06-11 7.2
In GetPermittedAccessibilityServicesForUser of DevicePolicyManagerService.java, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege, with no additional permissions required....
CVE-2019-2092 1 Google 1 Android 2019-06-11 7.2
In isSeparateProfileChallengeAllowed of DevicePolicyManagerService.java, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege, with no additional permissions required. User...
CVE-2019-2094 1 Google 1 Android 2019-06-11 9.3
In parseMPEGCCData of NuPlayerCCDecoder.cpp, there is a possible out of bounds write due to missing bounds checks. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for...
CVE-2019-2099 1 Google 1 Android 2019-06-11 9.3
In nfa_rw_store_ndef_rx_buf of nfa_rw_act.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...
CVE-2019-2096 1 Google 1 Android 2019-06-11 7.2
In EffectRelease of EffectBundle.cpp, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege in the audio server with no additional execution privileges needed. User interaction is not needed...
CVE-2019-2098 1 Google 1 Android 2019-06-11 7.2
In areNotificationsEnabledForPackage of NotificationManagerService.java, there is a possible permissions bypass due to a missing permissions check. This could lead to local escalation of privilege, with no additional privileges needed. User...
CVE-2019-2097 1 Google 1 Android 2019-06-11 10.0
In HAliasAnalyzer.Query of hydrogen-alias-analysis.h, there is possible memory corruption due to type confusion. This could lead to remote code execution from a malicious proxy configuration, with no additional execution privileges needed. User...
CVE-2019-2101 1 Google 1 Android 2019-06-11 4.9
In uvc_parse_standard_control of uvc_driver.c, there is a possible out-of-bound read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed...
CVE-2019-2090 1 Google 1 Android 2019-06-10 4.6
In isPackageDeviceAdminOnAnyUser of PackageManagerService.java, there is a possible permissions bypass due to a missing permissions check. This could lead to local escalation of privilege, with no additional permissions required. User interaction...
CVE-2019-12762 6 Fujitsu, Google, Samsung and 3 more 8 Arrows Nx F005-f Firmware, Nexus 7 Firmware, Nexus 9 Firmware and 5 more 2019-06-10 1.9
Xiaomi Mi 5s Plus devices allow attackers to trigger touchscreen anomalies via a radio signal between 198 kHz and 203 kHz, as demonstrated by a transmitter and antenna hidden just beneath the surface of a coffee-shop table, aka Ghost Touch.
CVE-2019-5798 2 Google, Debian 2 Chrome, Debian Linux 2019-06-10 4.3
Lack of correct bounds checking in Skia in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVE-2018-18356 5 Google, Debian, Redhat and 2 more 10 Chrome, Debian Linux, Enterprise Linux Desktop and 7 more 2019-06-03 6.8
An integer overflow in path handling lead to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-5736 10 Docker, Google, Linuxcontainers and 7 more 12 Docker, Kubernetes Engine, Lxc and 9 more 2019-06-03 9.3
runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these...
CVE-2017-0509 1 Google 1 Android 2019-05-30 9.3
An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local...
CVE-2017-0400 1 Google 1 Android 2019-05-30 4.3
An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in Audioserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it...
CVE-2016-6710 1 Google 1 Android 2019-05-30 4.3
An information disclosure vulnerability in the download manager in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a local malicious application to bypass operating system protections...