Filtered by vendor Google
Subscribe
Total
11915 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-27576 | 1 Google | 1 Android | 2022-04-18 | 4.3 MEDIUM | 3.3 LOW |
| Information exposure vulnerability in Samsung DeX Home prior to SMR April-2022 Release 1 allows to access currently launched foreground app information without permission | |||||
| CVE-2022-27574 | 1 Google | 1 Android | 2022-04-18 | 7.5 HIGH | 7.2 HIGH |
| Improper input validation vulnerability in parser_iloc and sheifd_find_itemIndexin fuctions of libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by privileged attacker. | |||||
| CVE-2022-27573 | 1 Google | 1 Android | 2022-04-18 | 6.5 MEDIUM | 7.2 HIGH |
| Improper input validation vulnerability in parser_infe and sheifd_find_itemIndexin fuctions of libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by privileged attackers. | |||||
| CVE-2022-27572 | 1 Google | 1 Android | 2022-04-18 | 10.0 HIGH | 9.8 CRITICAL |
| Heap-based buffer overflow vulnerability in parser_ipma function of libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attackers. | |||||
| CVE-2022-27571 | 1 Google | 1 Android | 2022-04-18 | 10.0 HIGH | 9.8 CRITICAL |
| Heap-based buffer overflow vulnerability in sheifd_get_info_image function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker. | |||||
| CVE-2022-27570 | 1 Google | 1 Android | 2022-04-18 | 10.0 HIGH | 9.8 CRITICAL |
| Heap-based buffer overflow vulnerability in parser_single_iref function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker. | |||||
| CVE-2022-27569 | 1 Google | 1 Android | 2022-04-18 | 10.0 HIGH | 9.8 CRITICAL |
| Heap-based buffer overflow vulnerability in parser_infe function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker. | |||||
| CVE-2022-27568 | 1 Google | 1 Android | 2022-04-18 | 10.0 HIGH | 9.8 CRITICAL |
| Heap-based buffer overflow vulnerability in parser_iloc function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker. | |||||
| CVE-2022-27567 | 1 Google | 1 Android | 2022-04-18 | 7.5 HIGH | 9.8 CRITICAL |
| Null pointer dereference vulnerability in parser_hvcC function of libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attackers. | |||||
| CVE-2022-26099 | 1 Google | 1 Android | 2022-04-18 | 6.4 MEDIUM | 9.1 CRITICAL |
| Null pointer dereference vulnerability in parser_infe function of libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds read by remote attackers. | |||||
| CVE-2018-4878 | 6 Adobe, Apple, Google and 3 more | 10 Flash Player, Macos, Chrome Os and 7 more | 2022-04-18 | 7.5 HIGH | 9.8 CRITICAL |
| A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player handling of listener objects. A successful attack can lead to arbitrary code execution. This was exploited in the wild in January and February 2018. | |||||
| CVE-2022-20081 | 2 Google, Mediatek | 27 Android, Mt6580, Mt6735 and 24 more | 2022-04-18 | 4.3 MEDIUM | 5.9 MEDIUM |
| In A-GPS, there is a possible man in the middle attack due to improper certificate validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06461919; Issue ID: ALPS06461919. | |||||
| CVE-2022-20080 | 2 Google, Mediatek | 34 Android, Mt6580, Mt6735 and 31 more | 2022-04-18 | 6.9 MEDIUM | 6.4 MEDIUM |
| In SUB2AF, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS05881290; Issue ID: ALPS05881290. | |||||
| CVE-2022-20077 | 2 Google, Mediatek | 17 Android, Mt6781, Mt6785 and 14 more | 2022-04-18 | 6.9 MEDIUM | 6.4 MEDIUM |
| In vow, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS05837742; Issue ID: ALPS05852812. | |||||
| CVE-2022-20076 | 2 Google, Mediatek | 63 Android, Mt6580, Mt6731 and 60 more | 2022-04-18 | 2.1 LOW | 4.4 MEDIUM |
| In ged, there is a possible memory corruption due to an incorrect error handling. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05838808; Issue ID: ALPS05839556. | |||||
| CVE-2022-20075 | 2 Google, Mediatek | 63 Android, Mt6580, Mt6731 and 60 more | 2022-04-18 | 7.2 HIGH | 6.7 MEDIUM |
| In ged, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05838808; Issue ID: ALPS05838808. | |||||
| CVE-2022-20063 | 2 Google, Mediatek | 8 Android, Mt6765, Mt8385 and 5 more | 2022-04-15 | 6.9 MEDIUM | 6.5 MEDIUM |
| In atf (spm), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06171715; Issue ID: ALPS06171715. | |||||
| CVE-2022-20062 | 2 Google, Mediatek | 37 Android, Mt6765, Mt6785 and 34 more | 2022-04-15 | 7.2 HIGH | 6.7 MEDIUM |
| In mdp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS05836418; Issue ID: ALPS05836418. | |||||
| CVE-2022-20052 | 2 Google, Mediatek | 46 Android, Mt6580, Mt6735 and 43 more | 2022-04-15 | 6.9 MEDIUM | 6.5 MEDIUM |
| In mdp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS05836642; Issue ID: ALPS05836642. | |||||
| CVE-2022-0466 | 1 Google | 1 Chrome | 2022-04-13 | 6.8 MEDIUM | 9.6 CRITICAL |
| Inappropriate implementation in Extensions Platform in Google Chrome prior to 98.0.4758.80 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page. | |||||