CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Google : Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2016-3765 200 DoS +Info 2016-07-10 2016-07-12
6.4
None Remote Low Not required Partial None Partial
decoder/impeg2d_bitstream.c in mediaserver in Android 6.x before 2016-07-01 allows attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted application, aka internal bug 28168413.
2 CVE-2016-2536 399 Exec Code 2016-02-22 2016-05-19
6.8
None Remote Medium Not required Partial Partial Partial
Multiple use-after-free vulnerabilities in SAP 3D Visual Enterprise Viewer allow remote attackers to execute arbitrary code via a crafted SketchUp document. NOTE: the primary affected product may be SketchUp.
3 CVE-2016-2475 20 +Priv 2016-06-12 2016-06-14
6.8
None Remote Medium Not required Partial Partial Partial
The Broadcom Wi-Fi driver in Android before 2016-06-01 on Nexus 5, Nexus 6, Nexus 6P, Nexus 7 (2013), Nexus 9, Nexus Player, and Pixel C devices allows attackers to gain privileges for certain system calls via a crafted application, aka internal bug 26425765.
4 CVE-2016-2423 264 Bypass 2016-04-17 2016-04-25
6.6
None Local Low Not required None Complete Complete
server/telecom/CallsManager.java in Telephony in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not properly consider whether a device is provisioned, which allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism and delete data via unspecified vectors, aka internal bug 26303187.
5 CVE-2016-2421 264 Bypass 2016-04-17 2016-04-25
6.6
None Local Low Not required None Complete Complete
Setup Wizard in Android 5.1.x before 5.1.1 and 6.x before 2016-04-01 allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism and delete data via unspecified vectors, aka internal bug 26154410.
6 CVE-2016-2410 264 +Priv 2016-04-17 2016-04-20
6.9
None Local Medium Not required Complete Complete Complete
A Qualcomm video kernel driver in Android 6.x before 2016-04-01 allows attackers to gain privileges via a crafted application that leverages control over a service that can call this driver, aka internal bug 26291677.
7 CVE-2016-2052 DoS 2016-01-25 2016-07-20
6.8
None Remote Medium Not required Partial Partial Partial
Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via crafted data, as demonstrated by a buffer over-read resulting from an inverted length check in hb-ot-font.cc, a different issue than CVE-2015-8947.
8 CVE-2016-2051 DoS 2016-01-25 2016-02-10
6.8
None Remote Medium Not required Partial Partial Partial
Multiple unspecified vulnerabilities in Google V8 before 4.8.271.17, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
9 CVE-2016-1704 DoS 2016-07-03 2016-07-13
6.8
None Remote Medium Not required Partial Partial Partial
Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.103 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
10 CVE-2016-1703 DoS 2016-06-05 2016-06-06
6.8
None Remote Medium Not required Partial Partial Partial
Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.79 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
11 CVE-2016-1701 DoS 2016-06-05 2016-06-06
6.8
None Remote Medium Not required Partial Partial Partial
The Autofill implementation in Google Chrome before 51.0.2704.79 mishandles the interaction between field updates and JavaScript code that triggers a frame deletion, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site, a different vulnerability than CVE-2016-1690.
12 CVE-2016-1697 284 Bypass 2016-06-05 2016-06-06
6.8
None Remote Medium Not required Partial Partial Partial
The FrameLoader::startLoad function in WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 51.0.2704.79, does not prevent frame navigations during DocumentLoader detach operations, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code.
13 CVE-2016-1696 284 Bypass 2016-06-05 2016-06-06
6.8
None Remote Medium Not required Partial Partial Partial
The extensions subsystem in Google Chrome before 51.0.2704.79 does not properly restrict bindings access, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
14 CVE-2016-1695 DoS 2016-06-05 2016-06-06
6.8
None Remote Medium Not required Partial Partial Partial
Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.63 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
15 CVE-2016-1681 119 DoS Overflow 2016-06-05 2016-06-07
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in the opj_j2k_read_SPCod_SPCoc function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 51.0.2704.63, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document.
16 CVE-2016-1680 119 DoS Overflow Mem. Corr. 2016-06-05 2016-06-06
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in ports/SkFontHost_FreeType.cpp in Skia, as used in Google Chrome before 51.0.2704.63, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via unknown vectors.
17 CVE-2016-1679 DoS 2016-06-05 2016-06-06
6.8
None Remote Medium Not required Partial Partial Partial
The ToV8Value function in content/child/v8_value_converter_impl.cc in the V8 bindings in Google Chrome before 51.0.2704.63 does not properly restrict use of getters and setters, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted JavaScript code.
18 CVE-2016-1678 119 DoS Overflow 2016-06-05 2016-06-06
6.8
None Remote Medium Not required Partial Partial Partial
objects.cc in Google V8 before 5.0.71.32, as used in Google Chrome before 51.0.2704.63, does not properly restrict lazy deoptimization, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JavaScript code.
19 CVE-2016-1676 284 Bypass 2016-06-05 2016-06-06
6.8
None Remote Medium Not required Partial Partial Partial
extensions/renderer/resources/binding.js in the extension bindings in Google Chrome before 51.0.2704.63 does not properly use prototypes, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
20 CVE-2016-1675 284 Bypass 2016-06-05 2016-06-06
6.8
None Remote Medium Not required Partial Partial Partial
Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Same Origin Policy by leveraging the mishandling of Document reattachment during destruction, related to FrameLoader.cpp and LocalFrame.cpp.
21 CVE-2016-1674 Bypass 2016-06-05 2016-06-06
6.8
None Remote Medium Not required Partial Partial Partial
The extensions subsystem in Google Chrome before 51.0.2704.63 allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
22 CVE-2016-1673 Bypass 2016-06-05 2016-06-06
6.8
None Remote Medium Not required Partial Partial Partial
Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
23 CVE-2016-1672 284 Bypass 2016-06-05 2016-06-06
6.8
None Remote Medium Not required Partial Partial Partial
The ModuleSystem::RequireForJsInner function in extensions/renderer/module_system.cc in the extension bindings in Google Chrome before 51.0.2704.63 mishandles properties, which allows remote attackers to conduct bindings-interception attacks and bypass the Same Origin Policy via unspecified vectors.
24 CVE-2016-1671 22 Dir. Trav. 2016-05-14 2016-05-18
6.8
None Remote Medium Not required Partial Partial Partial
Google Chrome before 50.0.2661.102 on Android mishandles / (slash) and \ (backslash) characters, which allows attackers to conduct directory traversal attacks via a file: URL, related to net/base/escape.cc and net/base/filename_util.cc.
25 CVE-2016-1668 284 Bypass 2016-05-14 2016-07-15
6.8
None Remote Medium Not required Partial Partial Partial
The forEachForBinding function in WebKit/Source/bindings/core/v8/Iterable.h in the V8 bindings in Blink, as used in Google Chrome before 50.0.2661.102, uses an improper creation context, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.
26 CVE-2016-1667 284 Bypass 2016-05-14 2016-07-15
6.8
None Remote Medium Not required Partial Partial Partial
The TreeScope::adoptIfNeeded function in WebKit/Source/core/dom/TreeScope.cpp in the DOM implementation in Blink, as used in Google Chrome before 50.0.2661.102, does not prevent script execution during node-adoption operations, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.
27 CVE-2016-1663 DoS 2016-05-14 2016-07-15
6.8
None Remote Medium Not required Partial Partial Partial
The SerializedScriptValue::transferArrayBuffers function in WebKit/Source/bindings/core/v8/SerializedScriptValue.cpp in the V8 bindings in Blink, as used in Google Chrome before 50.0.2661.94, mishandles certain array-buffer data structures, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site.
28 CVE-2016-1660 20 DoS 2016-05-14 2016-07-15
6.8
None Remote Medium Not required Partial Partial Partial
Blink, as used in Google Chrome before 50.0.2661.94, mishandles assertions in the WTF::BitArray and WTF::double_conversion::Vector classes, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted web site.
29 CVE-2016-1655 DoS 2016-04-18 2016-05-18
6.8
None Remote Medium Not required Partial Partial Partial
Google Chrome before 50.0.2661.75 does not properly consider that frame removal may occur during callback execution, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted extension.
30 CVE-2016-1638 284 Bypass 2016-03-05 2016-03-07
6.8
None Remote Medium Not required Partial Partial Partial
extensions/renderer/resources/platform_app.js in the Extensions subsystem in Google Chrome before 49.0.2623.75 does not properly restrict use of Web APIs, which allows remote attackers to bypass intended access restrictions via a crafted platform app.
31 CVE-2016-1632 264 Bypass 2016-03-05 2016-03-07
6.8
None Remote Medium Not required Partial Partial Partial
The Extensions subsystem in Google Chrome before 49.0.2623.75 does not properly maintain own properties, which allows remote attackers to bypass intended access restrictions via crafted JavaScript code that triggers an incorrect cast, related to extensions/renderer/v8_helpers.h and gin/converter.h.
32 CVE-2016-1631 264 Bypass 2016-03-05 2016-03-07
6.8
None Remote Medium Not required Partial Partial Partial
The PPB_Flash_MessageLoop_Impl::InternalRun function in content/renderer/pepper/ppb_flash_message_loop_impl.cc in the Pepper plugin in Google Chrome before 49.0.2623.75 mishandles nested message loops, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.
33 CVE-2016-1630 264 Bypass 2016-03-05 2016-03-07
6.8
None Remote Medium Not required Partial Partial Partial
The ContainerNode::parserRemoveChild function in WebKit/Source/core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 49.0.2623.75, mishandles widget updates, which makes it easier for remote attackers to bypass the Same Origin Policy via a crafted web site.
34 CVE-2016-1628 119 DoS Exec Code Overflow 2016-02-21 2016-02-25
6.8
None Remote Medium Not required Partial Partial Partial
pi.c in OpenJPEG, as used in PDFium in Google Chrome before 48.0.2564.109, does not validate a certain precision value, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via a crafted JPEG 2000 image in a PDF document, related to the opj_pi_next_rpcl, opj_pi_next_pcrl, and opj_pi_next_cprl functions.
35 CVE-2016-1627 264 Bypass 2016-02-13 2016-02-25
6.8
None Remote Medium Not required Partial Partial Partial
The Developer Tools (aka DevTools) subsystem in Google Chrome before 48.0.2564.109 does not validate URL schemes and ensure that the remoteBase parameter is associated with a chrome-devtools-frontend.appspot.com URL, which allows remote attackers to bypass intended access restrictions via a crafted URL, related to browser/devtools/devtools_ui_bindings.cc and WebKit/Source/devtools/front_end/Runtime.js.
36 CVE-2016-1624 119 DoS Overflow 2016-02-13 2016-02-25
6.8
None Remote Medium Not required Partial Partial Partial
Integer underflow in the ProcessCommandsInternal function in dec/decode.c in Brotli, as used in Google Chrome before 48.0.2564.109, allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted data with brotli compression.
37 CVE-2016-1623 264 Bypass 2016-02-13 2016-02-25
6.8
None Remote Medium Not required Partial Partial Partial
The DOM implementation in Google Chrome before 48.0.2564.109 does not properly restrict frame-attach operations from occurring during or after frame-detach operations, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, related to FrameLoader.cpp, HTMLFrameOwnerElement.h, LocalFrame.cpp, and WebLocalFrameImpl.cpp.
38 CVE-2016-1622 264 Bypass 2016-02-13 2016-02-25
6.8
None Remote Medium Not required Partial Partial Partial
The Extensions subsystem in Google Chrome before 48.0.2564.109 does not prevent use of the Object.defineProperty method to override intended extension behavior, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code.
39 CVE-2016-1619 119 DoS Overflow 2016-01-25 2016-01-26
6.8
None Remote Medium Not required Partial Partial Partial
Multiple integer overflows in the (1) sycc422_to_rgb and (2) sycc444_to_rgb functions in fxcodec/codec/fx_codec_jpx_opj.cpp in PDFium, as used in Google Chrome before 48.0.2564.82, allow remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted PDF document.
40 CVE-2016-1613 DoS 2016-01-25 2016-01-26
6.8
None Remote Medium Not required Partial Partial Partial
Multiple use-after-free vulnerabilities in the formfiller implementation in PDFium, as used in Google Chrome before 48.0.2564.82, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document, related to improper tracking of the destruction of (1) IPWL_FocusHandler and (2) IPWL_Provider objects.
41 CVE-2016-1612 20 DoS 2016-01-25 2016-01-26
6.8
None Remote Medium Not required Partial Partial Partial
The LoadIC::UpdateCaches function in ic/ic.cc in Google V8, as used in Google Chrome before 48.0.2564.82, does not ensure receiver compatibility before performing a cast of an unspecified variable, which allows remote attackers to cause a denial of service or possibly have unknown other impact via crafted JavaScript code.
42 CVE-2016-0832 264 Bypass 2016-03-12 2016-03-21
6.6
None Local Low Not required None Complete Complete
Setup Wizard in Android 5.1.x before LMY49H and 6.x before 2016-03-01 allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism and delete data via unspecified vectors, aka internal bug 25955042.
43 CVE-2016-0813 264 Bypass 2016-02-06 2016-03-14
6.6
None Local Low Not required None Complete Complete
packages/SystemUI/src/com/android/systemui/recents/AlternateRecentsComponent.java in Setup Wizard in Android 5.1.x before 5.1.1 LMY49G and 6.x before 2016-02-01 does not properly check for device provisioning, which allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism and delete data via unspecified vectors, aka internal bug 25476219.
44 CVE-2016-0812 264 Bypass 2016-02-06 2016-03-14
6.6
None Local Low Not required None Complete Complete
The interceptKeyBeforeDispatching function in policy/src/com/android/internal/policy/impl/PhoneWindowManager.java in Setup Wizard in Android 5.1.x before 5.1.1 LMY49G and 6.0 before 2016-02-01 does not properly check for setup completion, which allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism and delete data via unspecified vectors, aka internal bug 25229538.
45 CVE-2016-0810 264 +Priv 2016-02-06 2016-03-14
6.9
None Local Medium Not required Complete Complete Complete
media/libmedia/SoundPool.cpp in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 mishandles locking requirements, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 25781119.
46 CVE-2015-6780 DoS 2015-12-05 2015-12-07
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in the Infobars implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted web site, related to browser/ui/views/website_settings/website_settings_popup_view.cc.
47 CVE-2015-6776 119 DoS Overflow 2015-12-05 2015-12-07
6.8
None Remote Medium Not required Partial Partial Partial
The opj_dwt_decode_1* functions in dwt.c in OpenJPEG, as used in PDFium in Google Chrome before 47.0.2526.73, allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG 2000 data that is mishandled during a discrete wavelet transform.
48 CVE-2015-6761 362 DoS Mem. Corr. 2015-10-15 2015-10-15
6.8
None Remote Medium Not required Partial Partial Partial
The update_dimensions function in libavcodec/vp8.c in FFmpeg through 2.8.1, as used in Google Chrome before 46.0.2490.71 and other products, relies on a coefficient-partition count during multi-threaded operation, which allows remote attackers to cause a denial of service (race condition and memory corruption) or possibly have unspecified other impact via a crafted WebM file.
49 CVE-2015-6758 17 DoS 2015-10-15 2015-10-15
6.8
None Remote Medium Not required Partial Partial Partial
The CPDF_Document::GetPage function in fpdfapi/fpdf_parser/fpdf_parser_document.cpp in PDFium, as used in Google Chrome before 46.0.2490.71, does not properly perform a cast of a dictionary object, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document.
50 CVE-2015-6756 DoS Mem. Corr. 2015-10-15 2015-10-15
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in the CPDFSDK_PageView implementation in fpdfsdk/src/fsdk_mgr.cpp in PDFium, as used in Google Chrome before 46.0.2490.71, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact by leveraging mishandling of a focused annotation in a PDF document.
Total number of vulnerabilities : 199   Page : 1 (This Page)2 3 4
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.