VYPR

Vendor CVEs

Google

All CVEs

11,473 total · sorted by risk
  • CVE-2019-2081HigSep 27, 2019
    risk 0.57cvss 8.8epss 0.01

    In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116473261

  • CVE-2019-2080HigSep 27, 2019
    risk 0.57cvss 8.8epss 0.01

    In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118619159

  • CVE-2019-2078HigSep 27, 2019
    risk 0.57cvss 8.8epss 0.01

    In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-114749542

  • CVE-2019-2076HigSep 27, 2019
    risk 0.57cvss 8.8epss 0.01

    In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115907334

  • CVE-2019-2075HigSep 27, 2019
    risk 0.57cvss 8.8epss 0.01

    In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115908308

  • CVE-2019-2074HigSep 27, 2019
    risk 0.57cvss 8.8epss 0.01

    In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116617847

  • CVE-2019-2073HigSep 27, 2019
    risk 0.57cvss 8.8epss 0.01

    In libxaac there is a possible out of bounds write to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117100484

  • CVE-2019-2072HigSep 27, 2019
    risk 0.57cvss 8.8epss 0.01

    In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116117112

  • CVE-2019-2071HigSep 27, 2019
    risk 0.57cvss 8.8epss 0.01

    In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117216549

  • CVE-2019-2070HigSep 27, 2019
    risk 0.57cvss 8.8epss 0.01

    In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117883804

  • CVE-2019-2069HigSep 27, 2019
    risk 0.57cvss 8.8epss 0.01

    In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117832864

  • CVE-2019-2068HigSep 27, 2019
    risk 0.57cvss 8.8epss 0.01

    In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117099943

  • CVE-2019-2067HigSep 27, 2019
    risk 0.57cvss 8.8epss 0.01

    In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116114402

  • CVE-2019-2066HigSep 27, 2019
    risk 0.57cvss 8.8epss 0.01

    In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117100617

  • CVE-2019-2065HigSep 27, 2019
    risk 0.57cvss 8.8epss 0.01

    In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118143575

  • CVE-2019-2064HigSep 27, 2019
    risk 0.57cvss 8.8epss 0.01

    In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116469592

  • CVE-2019-2063HigSep 27, 2019
    risk 0.57cvss 8.8epss 0.01

    In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in the media server with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions:…

  • CVE-2019-2062HigSep 27, 2019
    risk 0.57cvss 8.8epss 0.01

    In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117660045

  • CVE-2019-2061HigSep 27, 2019
    risk 0.57cvss 8.8epss 0.01

    In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112610994

  • CVE-2019-2059HigSep 27, 2019
    risk 0.57cvss 8.8epss 0.01

    In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118386824

  • CVE-2019-2055HigSep 27, 2019
    risk 0.57cvss 8.8epss 0.01

    In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113164693

  • CVE-2019-2177HigSep 5, 2019
    risk 0.57cvss 8.8epss 0.01

    In isPreferred of HidProfile.java in Android 7.1.1, 7.1.2, 8.0, 8.1 and 9, there is a possible device type confusion due to a permissions bypass. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.

  • CVE-2019-2109HigJul 8, 2019
    risk 0.57cvss 8.8epss 0.01

    In MakeMPEG4VideoCodecSpecificData of AVIExtractor.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product:…

  • CVE-2019-2106HigJul 8, 2019
    risk 0.57cvss 8.8epss 0.01

    In ihevcd_sao_shift_ctb of ihevcd_sao.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:…

  • CVE-2019-2105HigJul 8, 2019
    risk 0.57cvss 8.8epss 0.01

    In FileInputStream::Read of file_input_stream.cc, there is a possible memory corruption due to uninitialized data. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation.…

  • CVE-2019-5836HigJun 27, 2019
    risk 0.57cvss 8.8epss 0.01

    Heap buffer overflow in ANGLE in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-5831HigJun 27, 2019
    risk 0.57cvss 8.8epss 0.02

    Object lifecycle issue in V8 in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-5829HigJun 27, 2019
    risk 0.57cvss 8.8epss 0.01

    Integer overflow in download manager in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

  • CVE-2019-5828HigJun 27, 2019
    risk 0.57cvss 8.8epss 0.01

    Object lifecycle issue in ServiceWorker in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

  • CVE-2019-5827HigJun 27, 2019
    risk 0.57cvss 8.8epss 0.02

    Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-5824HigJun 27, 2019
    risk 0.57cvss 8.8epss 0.01

    Parameter passing error in media in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-5822HigJun 27, 2019
    risk 0.57cvss 8.8epss 0.02

    Inappropriate implementation in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page.

  • CVE-2019-5821HigJun 27, 2019
    risk 0.57cvss 8.8epss 0.01

    Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

  • CVE-2019-5820HigJun 27, 2019
    risk 0.57cvss 8.8epss 0.01

    Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

  • CVE-2019-5817HigJun 27, 2019
    risk 0.57cvss 8.8epss 0.02

    Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-5816HigJun 27, 2019
    risk 0.57cvss 8.8epss 0.02

    Process lifetime issue in Chrome in Google Chrome on Android prior to 74.0.3729.108 allowed a remote attacker to potentially persist an exploited process via a crafted HTML page.

  • CVE-2019-5813HigJun 27, 2019
    risk 0.57cvss 8.8epss 0.01

    Use after free in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-5811HigJun 27, 2019
    risk 0.57cvss 8.8epss 0.01

    Incorrect handling of CORS in ServiceWorker in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page.

  • CVE-2019-5809HigJun 27, 2019
    risk 0.57cvss 8.8epss 0.02

    Use after free in file chooser in Google Chrome prior to 74.0.3729.108 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page.

  • CVE-2019-5808HigJun 27, 2019
    risk 0.57cvss 8.8epss 0.02

    Use after free in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-5807HigJun 27, 2019
    risk 0.57cvss 8.8epss 0.01

    Object lifetime issue in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-5806HigJun 27, 2019
    risk 0.57cvss 8.8epss 0.01

    Integer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2018-6161HigJun 27, 2019
    risk 0.57cvss 8.8epss 0.01

    Insufficient policy enforcement in Blink in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to bypass same origin policy via a crafted HTML page.

  • CVE-2018-6157HigJun 27, 2019
    risk 0.57cvss 8.8epss 0.01

    Type confusion in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file.

  • CVE-2018-6156HigJun 27, 2019
    risk 0.57cvss 8.8epss 0.01

    Incorect derivation of a packet length in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file.

  • CVE-2018-6154HigJun 27, 2019
    risk 0.57cvss 8.8epss 0.01

    Insufficient data validation in WebGL in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2018-6149HigJun 27, 2019
    risk 0.57cvss 8.8epss 0.01

    Type confusion in JavaScript in Google Chrome prior to 67.0.3396.87 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.

  • CVE-2018-6131HigJun 27, 2019
    risk 0.57cvss 8.8epss 0.01

    Object lifecycle issue in WebAssembly in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2018-6121HigJun 27, 2019
    risk 0.57cvss 8.8epss 0.01

    Insufficient validation of input in Blink in Google Chrome prior to 66.0.3359.170 allowed a remote attacker to perform privilege escalation via a crafted HTML page.

  • CVE-2018-6118HigJun 27, 2019
    risk 0.57cvss 8.8epss 0.01

    A double-eviction in the Incognito mode cache that lead to a user-after-free in cache in Google Chrome prior to 66.0.3359.139 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.

Page 39 of 230