Filtered by vendor Google
Subscribe
Total
11915 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-0158 | 1 Google | 1 Android | 2020-06-11 | 2.1 LOW | 4.4 MEDIUM |
| In nfc_ncif_proc_t3t_polling_ntf of nfc_ncif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-141547128 | |||||
| CVE-2020-0159 | 1 Google | 1 Android | 2020-06-11 | 3.5 LOW | 5.5 MEDIUM |
| In rw_mfc_writeBlock of rw_mfc.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-140768035 | |||||
| CVE-2020-0162 | 1 Google | 1 Android | 2020-06-11 | 4.3 MEDIUM | 6.5 MEDIUM |
| In parseSampleAuxiliaryInformationOffsets of MPEG4Extractor.cpp, there is possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-124526959 | |||||
| CVE-2020-0163 | 1 Google | 1 Android | 2020-06-11 | 4.3 MEDIUM | 6.5 MEDIUM |
| In parseSampleAuxiliaryInformationSizes of MPEG4Extractor.cpp, there is possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-124525515 | |||||
| CVE-2020-0164 | 1 Google | 1 Android | 2020-06-11 | 2.1 LOW | 4.4 MEDIUM |
| In phNxpNciHal_NfcDep_cmd_ext of phNxpNciHal_NfcDepSWPrio.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-139736125 | |||||
| CVE-2020-13840 | 2 Google, Lg | 35 Android, Cv1, Cv1s and 32 more | 2020-06-11 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 (MTK chipsets). Code execution can occur via an MTK AT command handler buffer overflow. The LG ID is LVE-SMP-200008 (June 2020). | |||||
| CVE-2020-13839 | 2 Google, Lg | 35 Android, Cv1, Cv1s and 32 more | 2020-06-11 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 (MTK chipsets). Code execution can occur via a custom AT command handler buffer overflow. The LG ID is LVE-SMP-200007 (June 2020). | |||||
| CVE-2020-13831 | 2 Google, Samsung | 2 Android, Exynos 7570 | 2020-06-08 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (Exynos 7570 chipsets) software. The Trustonic Kinibi component allows arbitrary memory mapping. The Samsung ID is SVE-2019-16665 (June 2020). | |||||
| CVE-2020-13829 | 1 Google | 1 Android | 2020-06-07 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. Attackers can disable the SEAndroid protection mechanism in the RKP. The Samsung ID is SVE-2019-15998 (June 2020). | |||||
| CVE-2020-13833 | 1 Google | 1 Android | 2020-06-07 | 6.4 MEDIUM | 9.1 CRITICAL |
| An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. The system area allows arbitrary file overwrites via a symlink attack. The Samsung ID is SVE-2020-17183 (June 2020). | |||||
| CVE-2020-13834 | 1 Google | 1 Android | 2020-06-07 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (with TEEGRIS) software. Secure Folder does not properly restrict use of Android Debug Bridge (adb) for arbitrary installations. The Samsung ID is SVE-2020-17369 (June 2020). | |||||
| CVE-2020-13836 | 1 Google | 1 Android | 2020-06-07 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. HWRResProvider allows path traversal for data exposure. The Samsung ID is SVE-2020-16954 (June 2020). | |||||
| CVE-2011-0784 | 1 Google | 1 Chrome | 2020-06-05 | 6.8 MEDIUM | N/A |
| Race condition in Google Chrome before 9.0.597.84 allows remote attackers to execute arbitrary code via vectors related to audio. | |||||
| CVE-2011-0783 | 2 Debian, Google | 2 Debian Linux, Chrome | 2020-06-04 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in Google Chrome before 9.0.597.84 allows user-assisted remote attackers to cause a denial of service (application crash) via vectors involving a "bad volume setting." | |||||
| CVE-2011-0781 | 1 Google | 1 Chrome | 2020-06-04 | 7.5 HIGH | N/A |
| Google Chrome before 9.0.597.84 does not properly handle autofill profile merging, which has unspecified impact and remote attack vectors. | |||||
| CVE-2011-0780 | 1 Google | 1 Chrome | 2020-06-04 | 6.8 MEDIUM | N/A |
| The PDF event handler in Google Chrome before 9.0.597.84 does not properly interact with print operations, which allows user-assisted remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2011-0779 | 2 Debian, Google | 2 Debian Linux, Chrome | 2020-06-04 | 5.0 MEDIUM | N/A |
| Google Chrome before 9.0.597.84 does not properly handle a missing key in an extension, which allows remote attackers to cause a denial of service (application crash) via a crafted extension. | |||||
| CVE-2011-0777 | 1 Google | 1 Chrome | 2020-06-04 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in Google Chrome before 9.0.597.84 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to image loading. | |||||
| CVE-2010-4008 | 9 Apache, Apple, Canonical and 6 more | 15 Openoffice, Iphone Os, Itunes and 12 more | 2020-06-04 | 4.3 MEDIUM | N/A |
| libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document. | |||||
| CVE-2011-0983 | 3 Apple, Debian, Google | 5 Iphone Os, Itunes, Safari and 2 more | 2020-06-04 | 7.5 HIGH | N/A |
| Google Chrome before 9.0.597.94 does not properly handle anonymous blocks, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | |||||