VYPR

Vendor CVEs

Google

All CVEs

11,367 total · sorted by risk
  • CVE-2025-0443Jan 15, 2025
    risk 0.00cvss epss 0.00

    Insufficient data validation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2025-0442Jan 15, 2025
    risk 0.00cvss epss 0.00

    Inappropriate implementation in Payments in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2025-0441Jan 15, 2025
    risk 0.00cvss epss 0.00

    Inappropriate implementation in Fenced Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to obtain potentially sensitive information from the system via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2025-0440Jan 15, 2025
    risk 0.00cvss epss 0.00

    Inappropriate implementation in Fullscreen in Google Chrome on Windows prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2025-0439Jan 15, 2025
    risk 0.00cvss epss 0.00

    Race in Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2025-0438Jan 15, 2025
    risk 0.00cvss epss 0.00

    Stack buffer overflow in Tracing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2025-0437Jan 15, 2025
    risk 0.00cvss epss 0.00

    Out of bounds read in Metrics in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2025-0436Jan 15, 2025
    risk 0.00cvss epss 0.00

    Integer overflow in Skia in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2025-0435Jan 15, 2025
    risk 0.00cvss epss 0.00

    Inappropriate implementation in Navigation in Google Chrome on Android prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-35685Jan 8, 2025
    risk 0.00cvss epss 0.00

    In DevmemIntMapPages of devicemem_server.c, there is a possible physical page uaf due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-53842Jan 3, 2025
    risk 0.00cvss epss 0.00

    In cc_SendCcImsInfoIndMsg of cc_MmConManagement.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-53841Jan 3, 2025
    risk 0.00cvss epss 0.00

    In startListeningForDeviceStateChanges, there is a possible Permission Bypass due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-53840Jan 3, 2025
    risk 0.00cvss epss 0.00

    there is a possible biometric bypass due to an unusual root cause. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-53839Jan 3, 2025
    risk 0.00cvss epss 0.00

    In GetCellInfoList() of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User Interaction is not needed for exploitation.

  • CVE-2024-53838Jan 3, 2025
    risk 0.00cvss epss 0.00

    In Exynos_parsing_user_data_registered_itu_t_t35 of VendorVideoAPI.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2024-53837Jan 3, 2025
    risk 0.00cvss epss 0.00

    In prepare_response of lwis_periodic_io.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-53836Jan 3, 2025
    risk 0.00cvss epss 0.00

    In wbrc_bt_dev_write of wb_regon_coordinator.c, there is a possible out of bounds write due to a buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-53835Jan 3, 2025
    risk 0.00cvss epss 0.00

    there is a possible biometric bypass due to an unusual root cause. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-53834Jan 3, 2025
    risk 0.00cvss epss 0.00

    In sms_DisplayHexDumpOfPrivacyBuffer of sms_Utilities.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-53833Jan 3, 2025
    risk 0.00cvss epss 0.00

    In prepare_response_locked of lwis_transaction.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-47032Jan 3, 2025
    risk 0.00cvss epss 0.00

    In construct_transaction_from_cmd of lwis_ioctl.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-11624Jan 3, 2025
    risk 0.00cvss epss 0.00

    there is a possible to add apps to bypass VPN due to Undeclared Permission . This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-43769Jan 2, 2025
    risk 0.00cvss epss 0.00

    In isPackageDeviceAdmin of PackageManagerService.java, there is a possible edge case which could prevent the uninstallation of CloudDpc due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User…

  • CVE-2024-43768Jan 2, 2025
    risk 0.00cvss epss 0.00

    In skia_alloc_func of SkDeflate.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-43767Jan 2, 2025
    risk 0.00cvss epss 0.00

    In prepare_to_draw_into_mask of SkBlurMaskFilterImpl.cpp, there is a possible heap overflow due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-43764Jan 2, 2025
    risk 0.00cvss epss 0.00

    In onPrimaryClipChanged of ClipboardListener.java, there is a possible way to partially bypass lock screen. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-43762Jan 2, 2025
    risk 0.00cvss epss 0.00

    In multiple locations, there is a possible way to avoid unbinding of a service from the system due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-43097Jan 2, 2025
    risk 0.00cvss epss 0.00

    In resizeToAtLeast of SkRegion.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-43077Jan 2, 2025
    risk 0.00cvss epss 0.00

    In DevmemValidateFlags of devicemem_server.c , there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-12695Dec 18, 2024
    risk 0.00cvss epss 0.00

    Out of bounds write in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-12694Dec 18, 2024
    risk 0.00cvss epss 0.00

    Use after free in Compositing in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-12693Dec 18, 2024
    risk 0.00cvss epss 0.00

    Out of bounds memory access in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-12692Dec 18, 2024
    risk 0.00cvss epss 0.06

    Type Confusion in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-47040Dec 18, 2024
    risk 0.00cvss epss 0.00

    There is a possible UAF due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-47039Dec 18, 2024
    risk 0.00cvss epss 0.00

    In isSlotMarkedSuccessful of BootControl.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local  information disclosure with no additional execution privileges needed. User  interaction is not needed for exploitation.

  • CVE-2024-47038Dec 18, 2024
    risk 0.00cvss epss 0.00

    In dhd_prot_flowrings_pool_release of dhd_msgbuf.c, there is a possible outcof bounds write due to a missing bounds check. This could lead to localcescalation of privilege with no additional execution privileges needed. Usercinteraction is not needed for exploitation.

  • CVE-2024-12236Dec 10, 2024
    risk 0.00cvss epss 0.00

    A security issue exists in Vertex Gemini API for customers using VPC-SC. By utilizing a custom crafted file URI for image input, data exfiltration is possible due to requests being routed outside the VPC-SC security perimeter, circumventing the intended security restrictions of…

  • CVE-2018-9391Dec 5, 2024
    risk 0.00cvss epss 0.00

    In update_gps_sv and output_vzw_debug of vendor/mediatek/proprietary/hardware/connectivity/gps/gps_hal/src/gpshal_wor ker.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System …

  • CVE-2018-9390Dec 5, 2024
    risk 0.00cvss epss 0.00

    In procfile_write of gl_proc.c, there is a possible out of bounds read of a function pointer due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2018-9388Dec 5, 2024
    risk 0.00cvss epss 0.00

    In store_upgrade and store_cmd of drivers/input/touchscreen/stm/ftm4_pdc.c, there are out of bound writes due to missing bounds checks or integer underflows. These could lead to escalation of privilege.

  • CVE-2018-9386Dec 5, 2024
    risk 0.00cvss epss 0.00

    In reboot_block_command of htc reboot_block driver, there is a possible stack buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2017-13308Dec 5, 2024
    risk 0.00cvss epss 0.00

    In tscpu_write_GPIO_out and mtkts_Abts_write of mtk_ts_Abts.c, there is a possible buffer overflow in an sscanf due to improper input validation. This could lead to a local escalation of privilege with System execution privileges needed. User interaction is not needed for…

  • CVE-2018-9463Dec 4, 2024
    risk 0.00cvss epss 0.00

    In sw49408_irq_runtime_engine_debug of touch_sw49408.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2018-9462Dec 4, 2024
    risk 0.00cvss epss 0.00

    In store_cmd of ftm4_pdc.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2018-9439Dec 4, 2024
    risk 0.00cvss epss 0.00

    In __unregister_prot_hook and packet_release of af_packet.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for…

  • CVE-2018-9416Dec 4, 2024
    risk 0.00cvss epss 0.00

    In sg_remove_scat of scsi/sg.c, there is a possible memory corruption due to an unusual root cause. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2018-9408Dec 4, 2024
    risk 0.00cvss epss 0.00

    In m3326_gps_write and m3326_gps_read of gps.s, there is a possible Out Of Bounds Read due to a missing bounds check. This could lead to a local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2018-9407Dec 4, 2024
    risk 0.00cvss epss 0.00

    In emmc_rpmb_ioctl of emmc_rpmb.c, there is an Information Disclosure due to a Missing Bounds Check. This could lead to Information Disclosure of kernel data.

  • CVE-2018-9404Dec 4, 2024
    risk 0.00cvss epss 0.00

    In oemCallback of ril.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2018-9403Dec 4, 2024
    risk 0.00cvss epss 0.00

    In the MTK_FLP_MSG_HAL_DIAG_REPORT_DATA_NTF handler of flp2hal_- interface.c, there is a possible stack buffer overflow due to a missing bounds check. This could lead to local escalation of privilege in a privileged process with System execution privileges needed.…

Page 187 of 228