Export limit exceeded: 347261 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (13942 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-3516 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-03-13 | 8.8 High |
| Heap buffer overflow in ANGLE in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-20129 | 2 Google, Mediatek | 47 Android, Mt6580, Mt6739 and 44 more | 2025-03-13 | 7.5 High |
| In Telephony, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09289881; Issue ID: MSV-2025. | ||||
| CVE-2024-9965 | 2 Google, Microsoft | 2 Chrome, Windows | 2025-03-13 | 8.8 High |
| Insufficient data validation in DevTools in Google Chrome on Windows prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2024-5840 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-03-13 | 6.5 Medium |
| Policy bypass in CORS in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2024-20111 | 2 Google, Mediatek | 11 Android, Mt6765, Mt6768 and 8 more | 2025-03-13 | 6.7 Medium |
| In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09065033; Issue ID: MSV-1754. | ||||
| CVE-2024-20075 | 2 Google, Mediatek | 11 Android, Mt6833, Mt6853 and 8 more | 2025-03-13 | 6.7 Medium |
| In eemgpu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08713302; Issue ID: MSV-1393. | ||||
| CVE-2024-12693 | 1 Google | 1 Chrome | 2025-03-13 | 8 High |
| Out of bounds memory access in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-31332 | 1 Google | 1 Android | 2025-03-13 | 8.4 High |
| In multiple locations, there is a possible way to bypass a restriction on adding new Wi-Fi connections due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-29779 | 1 Google | 1 Android | 2025-03-13 | 7.4 High |
| there is a possible escalation of privilege due to an unusual root cause. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-20114 | 2 Google, Mediatek | 11 Android, Mt6765, Mt6768 and 8 more | 2025-03-13 | 6.7 Medium |
| In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09037038; Issue ID: MSV-1714. | ||||
| CVE-2024-0019 | 1 Google | 1 Android | 2025-03-13 | 6.2 Medium |
| In setListening of AppOpsControllerImpl.java, there is a possible way to hide the microphone privacy indicator when restarting systemUI due to a missing check for active recordings. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation. | ||||
| CVE-2023-21113 | 1 Google | 1 Android | 2025-03-13 | 7.8 High |
| In multiple locations, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-6996 | 1 Google | 1 Chrome | 2025-03-13 | 3.1 Low |
| Race in Frames in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2024-3168 | 1 Google | 1 Chrome | 2025-03-13 | 8.8 High |
| Use after free in DevTools in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2024-32910 | 1 Google | 1 Android | 2025-03-13 | 5.5 Medium |
| In handle_msg_shm_map_req of trusty/user/base/lib/spi/srv/tipc/tipc.c, there is a possible stack data disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-32898 | 1 Google | 1 Android | 2025-03-13 | 4.7 Medium |
| In ProtocolCellIdentityParserV4::Parse() of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User Interaction is not needed for exploitation. | ||||
| CVE-2024-20022 | 5 Google, Linuxfoundation, Mediatek and 2 more | 34 Android, Yocto, Mt2737 and 31 more | 2025-03-13 | 6.7 Medium |
| In lk, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08528255; Issue ID: ALPS08528255. | ||||
| CVE-2017-13322 | 1 Google | 1 Android | 2025-03-13 | 5.5 Medium |
| In endCallForSubscriber of PhoneInterfaceManager.java, there is a possible way to prevent access to emergency services due to a logic error in the code. This could lead to a local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-2940 | 1 Google | 1 Chrome | 2025-03-12 | 6.5 Medium |
| Inappropriate implementation in Downloads in Google Chrome prior to 114.0.5735.90 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2022-47454 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-03-12 | 5.5 Medium |
| In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services. | ||||