CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Google : Security Vulnerabilities (CVSS score between 7 and 7.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2016-2424 20 DoS 2016-04-17 2016-04-25
7.1
None Remote Medium Not required None None Complete
server/content/SyncStorageEngine.java in SyncStorageEngine in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 mismanages certain authority data, which allows attackers to cause a denial of service (reboot loop) via a crafted application, aka internal bug 26513719.
2 CVE-2016-2415 200 +Info 2016-04-17 2016-04-21
7.1
None Remote Medium Not required Complete None None
exchange/eas/EasAutoDiscover.java in the Autodiscover implementation in Exchange ActiveSync in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows attackers to obtain sensitive information via a crafted application that triggers a spoofed response to a GET request, aka internal bug 26488455.
3 CVE-2016-2052 DoS 2016-01-25 2016-01-26
7.5
None Remote Low Not required Partial Partial Partial
Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
4 CVE-2016-1636 264 Bypass 2016-03-05 2016-03-07
7.5
None Remote Low Not required Partial Partial Partial
The PendingScript::notifyFinished function in WebKit/Source/core/dom/PendingScript.cpp in Google Chrome before 49.0.2623.75 relies on memory-cache information about integrity-check occurrences instead of integrity-check successes, which allows remote attackers to bypass the Subresource Integrity (aka SRI) protection mechanism by triggering two loads of the same resource.
5 CVE-2016-0849 189 Overflow +Priv 2016-04-17 2016-04-20
7.2
None Local Low Not required Complete Complete Complete
Multiple integer overflows in minzip/SysUtil.c in the Recovery Procedure in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allow attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26960931.
6 CVE-2016-0848 362 Bypass 2016-04-17 2016-04-20
7.2
None Local Low Not required Complete Complete Complete
Race condition in Download Manager in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows attackers to bypass private-storage file-access restrictions via a crafted application that changes a symlink target, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26211054.
7 CVE-2016-0847 264 2016-04-17 2016-04-21
7.2
None Local Low Not required Complete Complete Complete
The Telecom Component in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows attackers to spoof the originating telephone number of a call via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26864502.
8 CVE-2016-0846 264 +Priv 2016-04-17 2016-04-20
7.2
None Local Low Not required Complete Complete Complete
libs/binder/IMemory.cpp in the IMemory Native Interface in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not properly consider the heap size, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26877992.
9 CVE-2016-0844 264 +Priv 2016-04-17 2016-04-20
7.2
None Local Low Not required Complete Complete Complete
The Qualcomm RF driver in Android 6.x before 2016-04-01 does not properly restrict access to socket ioctl calls, which allows attackers to gain privileges via a crafted application, aka internal bug 26324307.
10 CVE-2016-0843 264 +Priv 2016-04-17 2016-04-20
7.2
None Local Low Not required Complete Complete Complete
The Qualcomm ARM processor performance-event manager in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows attackers to gain privileges via a crafted application, aka internal bug 25801197.
11 CVE-2016-0822 264 +Priv 2016-03-12 2016-03-22
7.6
None Remote High Not required Complete Complete Complete
The MediaTek connectivity kernel driver in Android 6.0.1 before 2016-03-01 allows attackers to gain privileges via a crafted application that leverages conn_launcher access, aka internal bug 25873324.
12 CVE-2016-0811 200 Overflow Bypass +Info 2016-02-06 2016-03-14
7.8
None Remote Low Not required Complete None None
Integer overflow in the BnCrypto::onTransact function in media/libmedia/ICrypto.cpp in libmediaplayerservice in Android 6.x before 2016-02-01 allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, by triggering an improper size calculation, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 25800375.
13 CVE-2016-0807 264 +Priv 2016-02-06 2016-03-11
7.2
None Local Low Not required Complete Complete Complete
The get_build_id function in elf_utils.cpp in Debuggerd in Android 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application that mishandles a Desc Size element in an ELF Note, aka internal bug 25187394.
14 CVE-2016-0806 264 +Priv 2016-02-06 2016-03-16
7.2
None Local Low Not required Complete Complete Complete
The Qualcomm Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application, aka internal bug 25344453.
15 CVE-2016-0805 264 +Priv 2016-02-06 2016-03-11
7.2
None Local Low Not required Complete Complete Complete
The performance event manager for Qualcomm ARM processors in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application, aka internal bug 25773204.
16 CVE-2016-0728 DoS Overflow +Priv 2016-02-07 2016-03-24
7.2
None Local Low Not required Complete Complete Complete
The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyctl commands.
17 CVE-2015-8664 189 DoS Overflow 2015-12-23 2015-12-24
7.5
None Remote Low Not required Partial Partial Partial
Integer overflow in the WebCursor::Deserialize function in content/common/cursors/webcursor.cc in Google Chrome before 47.0.2526.106 allows remote attackers to cause a denial of service or possibly have unspecified other impact via an RGBA pixel array with crafted dimensions, a different vulnerability than CVE-2015-6792.
18 CVE-2015-8479 119 DoS Overflow Mem. Corr. 2015-12-05 2015-12-07
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in the AudioOutputDevice::OnDeviceAuthorized function in media/audio/audio_output_device.cc in Google Chrome before 47.0.2526.73 allows attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact by triggering access to an unauthorized audio output device.
19 CVE-2015-8478 DoS 2015-12-05 2015-12-07
7.5
None Remote Low Not required Partial Partial Partial
Multiple unspecified vulnerabilities in Google V8 before 4.7.80.23, as used in Google Chrome before 47.0.2526.73, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
20 CVE-2015-7834 DoS 2015-10-15 2015-10-15
7.5
None Remote Low Not required Partial Partial Partial
Multiple unspecified vulnerabilities in Google V8 before 4.6.85.23, as used in Google Chrome before 46.0.2490.71, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
21 CVE-2015-6781 189 DoS Overflow 2015-12-05 2015-12-07
7.5
None Remote Low Not required Partial Partial Partial
Integer overflow in the FontData::Bound function in data/font_data.cc in Google sfntly, as used in Google Chrome before 47.0.2526.73, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted offset or length value within font data in an SFNT container.
22 CVE-2015-6778 119 DoS Overflow 2015-12-05 2015-12-07
7.5
None Remote Low Not required Partial Partial Partial
The CJBig2_SymbolDict class in fxcodec/jbig2/JBig2_SymbolDict.cpp in PDFium, as used in Google Chrome before 47.0.2526.73, allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via a PDF document containing crafted data with JBIG2 compression.
23 CVE-2015-6777 DoS 2015-12-05 2015-12-07
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in the ContainerNode::notifyNodeInsertedInternal function in WebKit/Source/core/dom/ContainerNode.cpp in the DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOMCharacterDataModified events for certain detached-subtree insertions.
24 CVE-2015-6775 DoS 2015-12-05 2015-12-07
7.5
None Remote Low Not required Partial Partial Partial
fpdfsdk/src/jsapi/fxjs_v8.cpp in PDFium, as used in Google Chrome before 47.0.2526.73, does not use signatures, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion."
25 CVE-2015-6774 DoS 2015-12-05 2015-12-07
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in the GetLoadTimes function in renderer/loadtimes_extension_bindings.cc in the Extensions implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that modifies a pointer used for reporting loadTimes data.
26 CVE-2015-6773 119 DoS Overflow 2015-12-05 2015-12-07
7.5
None Remote Low Not required Partial Partial Partial
The convolution implementation in Skia, as used in Google Chrome before 47.0.2526.73, does not properly constrain row lengths, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via crafted graphics data.
27 CVE-2015-6772 264 Bypass 2015-12-05 2015-12-07
7.5
None Remote Low Not required Partial Partial Partial
The DOM implementation in Blink, as used in Google Chrome before 47.0.2526.73, does not prevent javascript: URL navigation while a document is being detached, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code that improperly interacts with a plugin.
28 CVE-2015-6771 119 DoS Overflow 2015-12-05 2015-12-07
7.5
None Remote Low Not required Partial Partial Partial
js/array.js in Google V8, as used in Google Chrome before 47.0.2526.73, improperly implements certain map and filter operations for arrays, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via crafted JavaScript code.
29 CVE-2015-6770 264 Bypass 2015-12-05 2015-12-07
7.5
None Remote Low Not required Partial Partial Partial
The DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-6768.
30 CVE-2015-6769 264 Bypass 2015-12-05 2015-12-07
7.5
None Remote Low Not required Partial Partial Partial
The provisional-load commit implementation in WebKit/Source/bindings/core/v8/WindowProxy.cpp in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy by leveraging a delay in window proxy clearing.
31 CVE-2015-6768 264 Bypass 2015-12-05 2015-12-07
7.5
None Remote Low Not required Partial Partial Partial
The DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-6770.
32 CVE-2015-6767 DoS 2015-12-05 2015-12-07
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in content/browser/appcache/appcache_dispatcher_host.cc in the AppCache implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect pointer maintenance associated with certain callbacks.
33 CVE-2015-6766 DoS 2015-12-05 2015-12-07
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in the AppCache implementation in Google Chrome before 47.0.2526.73 allows remote attackers with renderer access to cause a denial of service or possibly have unspecified other impact by leveraging incorrect AppCacheUpdateJob behavior associated with duplicate cache selection.
34 CVE-2015-6764 119 DoS Overflow 2015-12-05 2015-12-07
7.5
None Remote Low Not required Partial Partial Partial
The BasicJsonStringifier::SerializeJSArray function in json-stringifier.h in the JSON stringifier in Google V8, as used in Google Chrome before 47.0.2526.73, improperly loads array elements, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via crafted JavaScript code.
35 CVE-2015-6763 DoS 2015-10-15 2015-10-15
7.5
None Remote Low Not required Partial Partial Partial
Multiple unspecified vulnerabilities in Google Chrome before 46.0.2490.71 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
36 CVE-2015-6762 254 Bypass 2015-10-15 2015-10-15
7.5
None Remote Low Not required Partial Partial Partial
The CSSFontFaceSrcValue::fetch function in core/css/CSSFontFaceSrcValue.cpp in the Cascading Style Sheets (CSS) implementation in Blink, as used in Google Chrome before 46.0.2490.71, does not use the CORS cross-origin request algorithm when a font's URL appears to be a same-origin URL, which allows remote web servers to bypass the Same Origin Policy via a redirect.
37 CVE-2015-6760 17 DoS 2015-10-15 2015-10-15
7.5
None Remote Low Not required Partial Partial Partial
The Image11::map function in renderer/d3d/d3d11/Image11.cpp in libANGLE, as used in Google Chrome before 46.0.2490.71, mishandles mapping failures after device-lost events, which allows remote attackers to cause a denial of service (invalid read or write) or possibly have unspecified other impact via vectors involving a removed device.
38 CVE-2015-6757 DoS 2015-10-15 2015-10-15
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in content/browser/service_worker/embedded_worker_instance.cc in the ServiceWorker implementation in Google Chrome before 46.0.2490.71 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging object destruction in a callback.
39 CVE-2015-6755 264 Bypass 2015-10-15 2015-10-15
7.5
None Remote Low Not required Partial Partial Partial
The ContainerNode::parserInsertBefore function in core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 46.0.2490.71, proceeds with a DOM tree insertion in certain cases where a parent node no longer contains a child node, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code.
40 CVE-2015-6646 399 DoS 2016-01-06 2016-04-11
7.8
None Remote Low Not required None None Complete
The System V IPC implementation in the kernel in Android before 6.0 2016-01-01 allows attackers to cause a denial of service (global kernel resource consumption) by leveraging improper interaction between IPC resource allocation and the memory manager, aka internal bug 22300191, a different vulnerability than CVE-2015-7613.
41 CVE-2015-6645 264 DoS 2016-01-06 2016-01-07
7.1
None Remote Medium Not required None None Complete
SyncManager in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to cause a denial of service (continuous rebooting) via a crafted application, aka internal bug 23591205.
42 CVE-2015-6643 264 Bypass 2016-01-06 2016-01-07
7.2
None Local Low Not required Complete Complete Complete
Setup Wizard in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows physically proximate attackers to modify settings or bypass a reset protection mechanism via unspecified vectors, aka internal bug 25290269.
43 CVE-2015-6642 264 Bypass +Info 2016-01-06 2016-01-07
7.8
None Remote Low Not required Complete None None
The kernel in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, via unknown vectors, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 24157888.
44 CVE-2015-6581 DoS Exec Code Mem. Corr. 2015-09-03 2015-09-04
7.5
None Remote Low Not required Partial Partial Partial
Double free vulnerability in the opj_j2k_copy_default_tcp_and_create_tcd function in j2k.c in OpenJPEG before r3002, as used in PDFium in Google Chrome before 45.0.2454.85, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by triggering a memory-allocation failure.
45 CVE-2015-6580 DoS 2015-09-03 2015-09-04
7.5
None Remote Low Not required Partial Partial Partial
Multiple unspecified vulnerabilities in Google V8 before 4.5.103.29, as used in Google Chrome before 45.0.2454.85, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
46 CVE-2015-5380 119 DoS Overflow Mem. Corr. 2015-07-09 2015-07-09
7.5
None Remote Low Not required Partial Partial Partial
The Utf8DecoderBase::WriteUtf16Slow function in unicode-decoder.cc in Google V8, as used in Node.js before 0.12.6, io.js before 1.8.3 and 2.x before 2.3.3, and other products, does not verify that there is memory available for a UTF-16 surrogate pair, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted byte sequence.
47 CVE-2015-3910 DoS 2015-05-20 2015-06-30
7.5
None Remote Low Not required Partial Partial Partial
Multiple unspecified vulnerabilities in Google V8 before 4.3.61.21, as used in Google Chrome before 43.0.2357.65, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
48 CVE-2015-3860 284 Bypass 2015-09-30 2015-10-01
7.2
None Local Low Not required Complete Complete Complete
packages/Keyguard/res/layout/keyguard_password_view.xml in Lockscreen in Android 5.x before 5.1.1 LMY48M does not restrict the number of characters in the passwordEntry input field, which allows physically proximate attackers to bypass intended access restrictions via a long password that triggers a SystemUI crash, aka internal bug 22214934.
49 CVE-2015-3335 264 2015-04-19 2015-04-20
7.5
None Remote Low Not required Partial Partial Partial
The NaClSandbox::InitializeLayerTwoSandbox function in components/nacl/loader/sandbox_linux/nacl_sandbox_linux.cc in Google Chrome before 42.0.2311.90 does not have RLIMIT_AS and RLIMIT_DATA limits for Native Client (aka NaCl) processes, which might make it easier for remote attackers to conduct row-hammer attacks or have unspecified other impact by leveraging the ability to run a crafted program in the NaCl sandbox.
50 CVE-2015-3333 DoS 2015-04-19 2015-05-11
7.5
None Remote Low Not required Partial Partial Partial
Multiple unspecified vulnerabilities in Google V8 before 4.2.77.14, as used in Google Chrome before 42.0.2311.90, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
Total number of vulnerabilities : 581   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.