VYPR

Vendor CVEs

Google

All CVEs

11,338 total · sorted by risk
  • CVE-2024-29747Apr 5, 2024
    risk 0.00cvss epss 0.00

    In _dvfs_get_lv of dvfs.c, there is a possible out of bounds read due to a missing null check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-29746Apr 5, 2024
    risk 0.00cvss epss 0.00

    In lpm_req_handler of lpm.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-29744Apr 5, 2024
    risk 0.00cvss epss 0.00

    In tmu_get_gov_time_windows, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-29743Apr 5, 2024
    risk 0.00cvss epss 0.00

    In tmu_set_temp_lut of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-29742Apr 5, 2024
    risk 0.00cvss epss 0.00

    In apply_minlock_constraint of dvfs.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-29741Apr 5, 2024
    risk 0.00cvss epss 0.00

    In pblS2mpuResume of s2mpu.c, there is a possible mitigation bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-29740Apr 5, 2024
    risk 0.00cvss epss 0.00

    In tmu_set_table of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-29739Apr 5, 2024
    risk 0.00cvss epss 0.00

    In tmu_get_temp_lut of tmu.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-29738Apr 5, 2024
    risk 0.00cvss epss 0.00

    In gov_init, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-27232Apr 5, 2024
    risk 0.00cvss epss 0.00

    In asn1_ec_pkey_parse of asn1_common.c, there is a possible OOB read due to a missing null check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-27231Apr 5, 2024
    risk 0.00cvss epss 0.00

    In tmu_get_tr_stats of tmu.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-22004Apr 5, 2024
    risk 0.00cvss epss 0.00

    Due to length check, an attacker with privilege access on a Linux Nonsecure operating system can trigger a vulnerability and leak the secure memory from the Trusted Application

  • CVE-2023-48426Apr 5, 2024
    risk 0.00cvss epss 0.00

    u-boot bug that allows for u-boot shell and interrupt over UART

  • CVE-2024-2886Mar 26, 2024
    risk 0.00cvss epss 0.02

    Use after free in WebCodecs in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-2885Mar 26, 2024
    risk 0.00cvss epss 0.01

    Use after free in Dawn in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-2883Mar 26, 2024
    risk 0.00cvss epss 0.03

    Use after free in ANGLE in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

  • CVE-2024-2631Mar 20, 2024
    risk 0.00cvss epss 0.01

    Inappropriate implementation in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

  • CVE-2024-2630Mar 20, 2024
    risk 0.00cvss epss 0.01

    Inappropriate implementation in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2024-2629Mar 20, 2024
    risk 0.00cvss epss 0.01

    Incorrect security UI in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2024-2628Mar 20, 2024
    risk 0.00cvss epss 0.01

    Inappropriate implementation in Downloads in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted URL. (Chromium security severity: Medium)

  • CVE-2024-2627Mar 20, 2024
    risk 0.00cvss epss 0.01

    Use after free in Canvas in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2024-2626Mar 20, 2024
    risk 0.00cvss epss 0.01

    Out of bounds read in Swiftshader in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2024-2625Mar 20, 2024
    risk 0.00cvss epss 0.01

    Object lifecycle issue in V8 in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-2400Mar 13, 2024
    risk 0.00cvss epss 0.01

    Use after free in Performance Manager in Google Chrome prior to 122.0.6261.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-27237Mar 11, 2024
    risk 0.00cvss epss 0.00

    In wipe_ns_memory of nsmemwipe.c, there is a possible incorrect size calculation due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-27236Mar 11, 2024
    risk 0.00cvss epss 0.00

    In aoc_unlocked_ioctl of aoc.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-27235Mar 11, 2024
    risk 0.00cvss epss 0.00

    In plugin_extern_func of , there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-27234Mar 11, 2024
    risk 0.00cvss epss 0.00

    In fvp_set_target of fvp.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-27233Mar 11, 2024
    risk 0.00cvss epss 0.00

    In ppcfw_init_secpolicy of ppcfw.c, there is a possible permission bypass due to uninitialized data. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-27230Mar 11, 2024
    risk 0.00cvss epss 0.00

    In ProtocolPsKeepAliveStatusAdapter::getCode() of protocolpsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User interaction is not needed for…

  • CVE-2024-27229Mar 11, 2024
    risk 0.00cvss epss 0.00

    In ss_SendCallBarringPwdRequiredIndMsg of ss_CallBarring.c, there is a possible null pointer deref due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-27228Mar 11, 2024
    risk 0.00cvss epss 0.01

    there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-27227Mar 11, 2024
    risk 0.00cvss epss 0.00

    A malicious DNS response can trigger a number of OOB reads, writes, and other memory issues

  • CVE-2024-27226Mar 11, 2024
    risk 0.00cvss epss 0.00

    In tmu_config_gov_params of , there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-27225Mar 11, 2024
    risk 0.00cvss epss 0.00

    In sendHciCommand of bluetooth_hci.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-27224Mar 11, 2024
    risk 0.00cvss epss 0.00

    In strncpy of strncpy.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-27223Mar 11, 2024
    risk 0.00cvss epss 0.00

    In EUTRAN_LCS_DecodeFacilityInformationElement of LPP_LcsManagement.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure after authenticating the cell connection with no additional execution privileges needed.…

  • CVE-2024-27222Mar 11, 2024
    risk 0.00cvss epss 0.00

    In onSkipButtonClick of FaceEnrollFoldPage.java, there is a possible way to access the file the app cannot access due to Intent Redirect GRANT_URI_PERMISSIONS Attack. This could lead to local escalation of privilege with no additional execution privileges needed. User…

  • CVE-2024-27221Mar 11, 2024
    risk 0.00cvss epss 0.00

    In update_policy_data of , there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-27220Mar 11, 2024
    risk 0.00cvss epss 0.00

    In lpm_req_handler of , there is a possible out of bounds memory access due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-27219Mar 11, 2024
    risk 0.00cvss epss 0.00

    In tmu_set_pi of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-27218Mar 11, 2024
    risk 0.00cvss epss 0.00

    In update_freq_data of , there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-27213Mar 11, 2024
    risk 0.00cvss epss 0.00

    In BroadcastSystemMessage of servicemgr.cpp, there is a possible Remote Code Execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-27212Mar 11, 2024
    risk 0.00cvss epss 0.00

    In init_data of , there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-27211Mar 11, 2024
    risk 0.00cvss epss 0.00

    In AtiHandleAPOMsgType of ati_Main.c, there is a possible OOB write due to a missing null check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-27210Mar 11, 2024
    risk 0.00cvss epss 0.00

    In policy_check of fvp.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-27209Mar 11, 2024
    risk 0.00cvss epss 0.00

    there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-27208Mar 11, 2024
    risk 0.00cvss epss 0.00

    there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-27207Mar 11, 2024
    risk 0.00cvss epss 0.00

    Exported broadcast receivers allowing malicious apps to bypass broadcast protection.

  • CVE-2024-27206Mar 11, 2024
    risk 0.00cvss epss 0.00

    there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Page 197 of 227