Filtered by vendor Google
Subscriptions
Total
13557 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-3070 | 1 Google | 1 Chrome | 2025-04-07 | 6.5 Medium |
| Insufficient validation of untrusted input in Extensions in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2024-4766 | 2 Google, Mozilla | 2 Android, Firefox | 2025-04-04 | 4.3 Medium |
| Different techniques existed to obscure the fullscreen notification in Firefox for Android. These could have led to potential user confusion and spoofing attacks. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 126. | ||||
| CVE-2023-20908 | 1 Google | 1 Android | 2025-04-03 | 5.5 Medium |
| In several functions of SettingsState.java, there is a possible system crash loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-239415861 | ||||
| CVE-2023-20905 | 1 Google | 1 Android | 2025-04-03 | 7.8 High |
| In Mfc_Transceive of phNxpExtns_MifareStd.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-241387741 | ||||
| CVE-2023-20904 | 1 Google | 1 Android | 2025-04-03 | 7.8 High |
| In getTrampolineIntent of SettingsActivity.java, there is a possible launch of arbitrary activity due to an Intent mismatch in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12L Android-13Android ID: A-246300272 | ||||
| CVE-2022-20494 | 1 Google | 1 Android | 2025-04-03 | 5.5 Medium |
| In AutomaticZenRule of AutomaticZenRule.java, there is a possible persistent DoS due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-243794204 | ||||
| CVE-2022-20493 | 1 Google | 1 Android | 2025-04-03 | 7.8 High |
| In Condition of Condition.java, there is a possible way to grant notification access due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242846316 | ||||
| CVE-2022-20492 | 1 Google | 1 Android | 2025-04-03 | 7.8 High |
| In many functions of AutomaticZenRule.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242704043 | ||||
| CVE-2025-0246 | 2 Google, Mozilla | 2 Android, Firefox | 2025-04-03 | 6.5 Medium |
| When using an invalid protocol scheme, an attacker could spoof the address bar. *Note: This issue only affected Android operating systems. Other operating systems are unaffected.* *Note: This issue is a different issue from CVE-2025-0244. This vulnerability affects Firefox < 134. | ||||
| CVE-2018-9377 | 1 Google | 1 Android | 2025-04-03 | 8.4 High |
| In getIntentForIntentSender of ActivityManagerService.java, there is a possible way to access user metadata due to a pending intent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-25992 | 1 Google | 1 Android | 2025-04-03 | 7.8 High |
| In tmu_tz_control of tmu.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-25993 | 1 Google | 1 Android | 2025-04-03 | 8.4 High |
| In tmu_reset_tmu_trip_counter of , there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-27204 | 1 Google | 1 Android | 2025-04-03 | 8.4 High |
| In tmu_set_gov_active of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-27205 | 1 Google | 1 Android | 2025-04-03 | 8.4 High |
| there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-27206 | 1 Google | 1 Android | 2025-04-03 | 7.5 High |
| there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-27207 | 1 Google | 1 Android | 2025-04-03 | 9.1 Critical |
| Exported broadcast receivers allowing malicious apps to bypass broadcast protection. | ||||
| CVE-2024-27208 | 1 Google | 1 Android | 2025-04-03 | 8.4 High |
| there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-27209 | 1 Google | 1 Android | 2025-04-03 | 8.4 High |
| there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-27211 | 1 Google | 1 Android | 2025-04-03 | 7.7 High |
| In AtiHandleAPOMsgType of ati_Main.c, there is a possible OOB write due to a missing null check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-27212 | 1 Google | 1 Android | 2025-04-03 | 7.8 High |
| In init_data of , there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||