CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Google : Security Vulnerabilities (CVSS score between 5 and 5.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2010-1029 399 2 DoS Exec Code 2010-03-19 2019-09-26
5.0
None Remote Low Not required None None Partial
Stack consumption vulnerability in the WebCore::CSSSelector function in WebKit, as used in Apple Safari 4.0.4, Apple Safari on iPhone OS and iPhone OS for iPod touch, and Google Chrome 4.0.249, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a STYLE element composed of a large number of *> sequences.
2 CVE-2012-6301 20 1 DoS 2012-12-10 2012-12-11
5.0
None Remote Low Not required None None Partial
The Browser application in Android 4.0.3 allows remote attackers to cause a denial of service (application crash) via a crafted market: URI in the SRC attribute of an IFRAME element.
3 CVE-2022-31055 863 2022-06-13 2022-06-27
5.0
None Remote Low Not required None Partial None
kCTF is a Kubernetes-based infrastructure for capture the flag (CTF) competitions. Prior to version 1.6.0, the kctf cluster set-src-ip-ranges was broken and allowed traffic from any IP. The problem has been patched in v1.6.0. As a workaround, those who want to test challenges privately can mark them as `public: false` and use `kctf chal debug port-forward` to connect.
4 CVE-2022-30721 20 2022-06-07 2022-06-11
5.0
None Remote Low Not required None None Partial
Improper input validation check logic vulnerability in libsmkvextractor prior to SMR Jun-2022 Release 1 allows attackers to trigger crash.
5 CVE-2022-30720 20 2022-06-07 2022-06-11
5.0
None Remote Low Not required None None Partial
Improper input validation check logic vulnerability in libsmkvextractor prior to SMR Jun-2022 Release 1 allows attackers to trigger crash.
6 CVE-2022-30719 20 2022-06-07 2022-06-11
5.0
None Remote Low Not required None None Partial
Improper input validation check logic vulnerability in libsmkvextractor prior to SMR Jun-2022 Release 1 allows attackers to trigger crash.
7 CVE-2022-30717 863 2022-06-07 2022-06-11
5.0
None Remote Low Not required None Partial None
Improper caller check in AR Emoji prior to SMR Jun-2022 Release 1 allows untrusted applications to use some camera functions via deeplink.
8 CVE-2022-30716 755 2022-06-07 2022-06-11
5.0
None Remote Low Not required Partial None None
Unprotected broadcast in sendIntentForToastDumpLog in DisplayToast prior to SMR Jun-2022 Release 1 allows untrusted applications to access toast message information from device.
9 CVE-2022-30715 862 2022-06-07 2022-06-11
5.0
None Remote Low Not required None Partial None
Improper access control vulnerability in DofViewer prior to SMR Jun-2022 Release 1 allows attackers to control floating system alert window.
10 CVE-2022-30709 20 2022-06-07 2022-06-11
5.0
None Remote Low Not required None None Partial
Improper input validation check logic vulnerability in SECRIL prior to SMR Jun-2022 Release 1 allows attackers to trigger crash.
11 CVE-2022-27825 125 2022-04-11 2022-04-18
5.8
None Remote Medium Not required Partial None Partial
Improper size check in sapefd_parse_meta_HEADER function of libsapeextractor library prior to SMR Apr-2022 Release 1 allows out of bounds read via a crafted media file.
12 CVE-2022-27824 125 2022-04-11 2022-04-18
5.8
None Remote Medium Not required Partial None Partial
Improper size check of in sapefd_parse_meta_DESCRIPTION function of libsapeextractor library prior to SMR Apr-2022 Release 1 allows out of bounds read via a crafted media file
13 CVE-2022-27823 125 2022-04-11 2022-04-18
5.8
None Remote Medium Not required Partial None Partial
Improper size check in sapefd_parse_meta_HEADER_old function of libsapeextractor library prior to SMR Apr-2022 Release 1 allows out of bounds read via a crafted media file.
14 CVE-2022-25647 502 2022-05-01 2022-05-14
5.0
None Remote Low Not required None None Partial
The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks.
15 CVE-2022-23593 754 DoS 2022-02-04 2022-02-10
5.0
None Remote Low Not required None None Partial
Tensorflow is an Open Source Machine Learning Framework. The `simplifyBroadcast` function in the MLIR-TFRT infrastructure in TensorFlow is vulnerable to a segfault (hence, denial of service), if called with scalar shapes. If all shapes are scalar, then `maxRank` is 0, so we build an empty `SmallVector`. The fix will be included in TensorFlow 2.8.0. This is the only affected version.
16 CVE-2022-23592 125 2022-02-04 2022-02-10
5.5
None Remote Low ??? Partial None Partial
Tensorflow is an Open Source Machine Learning Framework. TensorFlow's type inference can cause a heap out of bounds read as the bounds checking is done in a `DCHECK` (which is a no-op during production). An attacker can control the `input_idx` variable such that `ix` would be larger than the number of values in `node_t.args`. The fix will be included in TensorFlow 2.8.0. This is the only affected version.
17 CVE-2022-23591 400 Overflow 2022-02-04 2022-02-10
5.0
None Remote Low Not required None None Partial
Tensorflow is an Open Source Machine Learning Framework. The `GraphDef` format in TensorFlow does not allow self recursive functions. The runtime assumes that this invariant is satisfied. However, a `GraphDef` containing a fragment such as the following can be consumed when loading a `SavedModel`. This would result in a stack overflow during execution as resolving each `NodeDef` means resolving the function itself and its nodes. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
18 CVE-2022-23590 754 2022-02-04 2022-02-17
5.0
None Remote Low Not required None None Partial
Tensorflow is an Open Source Machine Learning Framework. A `GraphDef` from a TensorFlow `SavedModel` can be maliciously altered to cause a TensorFlow process to crash due to encountering a `StatusOr` value that is an error and forcibly extracting the value from it. We have patched the issue in multiple GitHub commits and these will be included in TensorFlow 2.8.0 and TensorFlow 2.7.1, as both are affected.
19 CVE-2022-23581 617 DoS 2022-02-04 2022-02-10
5.0
None Remote Low Not required None None Partial
Tensorflow is an Open Source Machine Learning Framework. The Grappler optimizer in TensorFlow can be used to cause a denial of service by altering a `SavedModel` such that `IsSimplifiableReshape` would trigger `CHECK` failures. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
20 CVE-2022-23580 400 2022-02-04 2022-02-10
5.0
None Remote Low Not required None None Partial
Tensorflow is an Open Source Machine Learning Framework. During shape inference, TensorFlow can allocate a large vector based on a value from a tensor controlled by the user. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
21 CVE-2022-23579 617 DoS 2022-02-04 2022-02-10
5.0
None Remote Low Not required None None Partial
Tensorflow is an Open Source Machine Learning Framework. The Grappler optimizer in TensorFlow can be used to cause a denial of service by altering a `SavedModel` such that `SafeToRemoveIdentity` would trigger `CHECK` failures. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
22 CVE-2022-21741 369 2022-02-03 2022-02-09
5.0
None Remote Low Not required None None Partial
Tensorflow is an Open Source Machine Learning Framework. ### Impact An attacker can craft a TFLite model that would trigger a division by zero in the implementation of depthwise convolutions. The parameters of the convolution can be user controlled and are also used within a division operation to determine the size of the padding that needs to be added before applying the convolution. There is no check before this division that the divisor is strictly positive. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
23 CVE-2022-21733 190 DoS Overflow 2022-02-03 2022-02-09
5.0
None Remote Low Not required None None Partial
Tensorflow is an Open Source Machine Learning Framework. The implementation of `StringNGrams` can be used to trigger a denial of service attack by causing an out of memory condition after an integer overflow. We are missing a validation on `pad_witdh` and that result in computing a negative value for `ngram_width` which is later used to allocate parts of the output. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
24 CVE-2022-21730 125 2022-02-03 2022-02-08
5.5
None Remote Low ??? Partial None Partial
Tensorflow is an Open Source Machine Learning Framework. The implementation of `FractionalAvgPoolGrad` does not consider cases where the input tensors are invalid allowing an attacker to read from outside of bounds of heap. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
25 CVE-2022-21728 125 2022-02-03 2022-02-08
5.5
None Remote Low ??? Partial None Partial
Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for `ReverseSequence` does not fully validate the value of `batch_dim` and can result in a heap OOB read. There is a check to make sure the value of `batch_dim` does not go over the rank of the input, but there is no check for negative values. Negative dimensions are allowed in some cases to mimic Python's negative indexing (i.e., indexing from the end of the array), however if the value is too negative then the implementation of `Dim` would access elements before the start of an array. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
26 CVE-2022-20209 787 Overflow 2022-06-15 2022-06-24
5.0
None Remote Low Not required Partial None None
In hme_add_new_node_to_a_sorted_array of hme_utils.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-207502397
27 CVE-2022-20188 2022-06-15 2022-06-24
5.0
None Remote Low Not required Partial None None
Product: AndroidVersions: Android kernelAndroid ID: A-207254598References: N/A
28 CVE-2022-20184 2022-06-15 2022-06-24
5.0
None Remote Low Not required Partial None None
Product: AndroidVersions: Android kernelAndroid ID: A-209153114References: N/A
29 CVE-2022-20179 2022-06-15 2022-06-24
5.0
None Remote Low Not required Partial None None
Product: AndroidVersions: Android kernelAndroid ID: A-211683760References: N/A
30 CVE-2022-20177 2022-06-15 2022-06-24
5.0
None Remote Low Not required Partial None None
Product: AndroidVersions: Android kernelAndroid ID: A-209906686References: N/A
31 CVE-2022-20175 2022-06-15 2022-06-24
5.0
None Remote Low Not required Partial None None
Product: AndroidVersions: Android kernelAndroid ID: A-209252491References: N/A
32 CVE-2022-20169 2022-06-15 2022-06-24
5.0
None Remote Low Not required Partial None None
Product: AndroidVersions: Android kernelAndroid ID: A-211162353References: N/A
33 CVE-2022-20151 2022-06-15 2022-06-23
5.0
None Remote Low Not required Partial None None
Product: AndroidVersions: Android kernelAndroid ID: A-210712565References: N/A
34 CVE-2022-20149 2022-06-15 2022-06-23
5.0
None Remote Low Not required Partial None None
Product: AndroidVersions: Android kernelAndroid ID: A-211685939References: N/A
35 CVE-2022-0114 125 2022-02-12 2022-04-19
5.8
None Remote Medium Not required Partial None Partial
Out of bounds memory access in Blink Serial API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page and virtual serial port driver.
36 CVE-2021-46743 843 2022-03-29 2022-04-08
5.8
None Remote Medium Not required Partial Partial None
In Firebase PHP-JWT before 6.0.0, an algorithm-confusion issue (e.g., RS256 / HS256) exists via the kid (aka Key ID) header, when multiple types of keys are loaded in a key ring. This allows an attacker to forge tokens that validate under the incorrect key. NOTE: this provides a straightforward way to use the PHP-JWT library unsafely, but might not be considered a vulnerability in the library itself.
37 CVE-2021-39809 125 2022-04-12 2022-04-20
5.0
None Remote Low Not required Partial None None
In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-205837191
38 CVE-2021-39772 269 2022-03-30 2022-04-06
5.8
None Local Network Low Not required Partial Partial Partial
In Bluetooth, there is a possible way to access the a2dp audio control switch due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-181962322
39 CVE-2021-39762 125 Overflow 2022-03-30 2022-04-05
5.0
None Remote Low Not required Partial None None
In tremolo, there is a possible out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-210625816
40 CVE-2021-39726 125 Exec Code 2022-03-16 2022-03-23
5.0
None Remote Low Not required Partial None None
In cd_ParseMsg of cd_codec.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-181782896References: N/A
41 CVE-2021-39716 2022-03-16 2022-03-22
5.0
None Remote Low Not required Partial None None
Product: AndroidVersions: Android kernelAndroid ID: A-206977562References: N/A
42 CVE-2021-39677 125 2022-02-11 2022-02-17
5.0
None Remote Low Not required Partial None None
In startVideoStream() there is a possibility of an OOB Read in the heap, when the camera buffer is ‘zero’ in size.Product: AndroidVersions: Android-11Android ID: A-205097028
43 CVE-2021-39646 668 2021-12-15 2021-12-17
5.0
None Remote Low Not required Partial None None
Product: AndroidVersions: Android kernelAndroid ID: A-201537251References: N/A
44 CVE-2021-37991 362 2021-11-02 2022-02-18
5.1
None Remote High Not required Partial Partial Partial
Race in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
45 CVE-2021-37958 2021-10-08 2022-02-18
5.8
None Remote Medium Not required Partial Partial None
Inappropriate implementation in Navigation in Google Chrome on Windows prior to 94.0.4606.54 allowed a remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page.
46 CVE-2021-30603 362 2021-08-26 2021-11-30
5.1
None Remote High Not required Partial Partial Partial
Data race in WebAudio in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
47 CVE-2021-30593 125 2021-08-26 2021-11-30
5.8
None Remote Medium Not required Partial None Partial
Out of bounds read in Tab Strip in Google Chrome prior to 92.0.4515.131 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted HTML page.
48 CVE-2021-30539 863 Bypass 2021-06-07 2021-12-01
5.8
None Remote Medium Not required Partial Partial None
Insufficient policy enforcement in content security policy in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass content security policy via a crafted HTML page.
49 CVE-2021-30536 125 2021-06-07 2021-12-01
5.8
None Remote Medium Not required Partial None Partial
Out of bounds read in V8 in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page.
50 CVE-2021-30511 125 2021-06-04 2021-12-02
5.8
None Remote Medium Not required Partial None Partial
Out of bounds read in Tab Groups in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted HTML page.
Total number of vulnerabilities : 689   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.