CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Google : Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2022-30712 20 2022-06-07 2022-06-11
6.4
None Remote Low Not required Partial Partial None
Improper validation vulnerability in KfaOptions prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities.
2 CVE-2022-27573 787 2022-04-11 2022-04-18
6.5
None Remote Low ??? Partial Partial Partial
Improper input validation vulnerability in parser_infe and sheifd_find_itemIndexin fuctions of libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by privileged attackers.
3 CVE-2022-26099 476 2022-04-11 2022-04-18
6.4
None Remote Low Not required Partial None Partial
Null pointer dereference vulnerability in parser_infe function of libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds read by remote attackers.
4 CVE-2022-24925 20 DoS 2022-02-11 2022-02-22
6.8
None Remote Low ??? None None Complete
Improper input validation vulnerability in SettingsProvider prior to Android S(12) allows privileged attackers to trigger a permanent denial of service attack on a victim's devices.
5 CVE-2022-23729 287 2022-03-04 2022-03-11
6.9
None Local Medium Not required Complete Complete Complete
When the device is in factory state, it can be access the shell without adb authentication process. The LG ID is LVE-SMP-210010.
6 CVE-2022-23728 2022-01-21 2022-07-11
6.6
None Local Low Not required None Complete Complete
Attacker can reset the device with AT Command in the process of rebooting the device. The LG ID is LVE-SMP-210011.
7 CVE-2022-23574 125 2022-02-04 2022-02-10
6.5
None Remote Low ??? Partial Partial Partial
Tensorflow is an Open Source Machine Learning Framework. There is a typo in TensorFlow's `SpecializeType` which results in heap OOB read/write. Due to a typo, `arg` is initialized to the `i`th mutable argument in a loop where the loop index is `j`. Hence it is possible to assign to `arg` from outside the vector of arguments. Since this is a mutable proto value, it allows both read and write to outside of bounds data. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, and TensorFlow 2.6.3, as these are also affected and still in supported range.
8 CVE-2022-23573 908 2022-02-04 2022-02-10
6.5
None Remote Low ??? Partial Partial Partial
Tensorflow is an Open Source Machine Learning Framework. The implementation of `AssignOp` can result in copying uninitialized data to a new tensor. This later results in undefined behavior. The implementation has a check that the left hand side of the assignment is initialized (to minimize number of allocations), but does not check that the right hand side is also initialized. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
9 CVE-2022-23566 787 2022-02-04 2022-02-10
6.5
None Remote Low ??? Partial Partial Partial
Tensorflow is an Open Source Machine Learning Framework. TensorFlow is vulnerable to a heap OOB write in `Grappler`. The `set_output` function writes to an array at the specified index. Hence, this gives a malicious user a write primitive. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
10 CVE-2022-23562 190 Overflow 2022-02-04 2022-02-09
6.5
None Remote Low ??? Partial Partial Partial
Tensorflow is an Open Source Machine Learning Framework. The implementation of `Range` suffers from integer overflows. These can trigger undefined behavior or, in some scenarios, extremely large allocations. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
11 CVE-2022-23561 787 2022-02-04 2022-02-09
6.5
None Remote Low ??? Partial Partial Partial
Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause a write outside of bounds of an array in TFLite. In fact, the attacker can override the linked list used by the memory allocator. This can be leveraged for an arbitrary write primitive under certain conditions. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
12 CVE-2022-23560 125 2022-02-04 2022-02-09
6.5
None Remote Low ??? Partial Partial Partial
Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would allow limited reads and writes outside of arrays in TFLite. This exploits missing validation in the conversion from sparse tensors to dense tensors. The fix is included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. Users are advised to upgrade as soon as possible.
13 CVE-2022-23559 190 Overflow 2022-02-04 2022-02-09
6.5
None Remote Low ??? Partial Partial Partial
Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in embedding lookup operations. Both `embedding_size` and `lookup_size` are products of values provided by the user. Hence, a malicious user could trigger overflows in the multiplication. In certain scenarios, this can then result in heap OOB read/write. Users are advised to upgrade to a patched version.
14 CVE-2022-23558 190 Overflow 2022-02-04 2022-02-09
6.5
None Remote Low ??? Partial Partial Partial
Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in `TfLiteIntArrayCreate`. The `TfLiteIntArrayGetSizeInBytes` returns an `int` instead of a `size_t. An attacker can control model inputs such that `computed_size` overflows the size of `int` datatype. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
15 CVE-2022-21740 787 Overflow 2022-02-03 2022-02-09
6.5
None Remote Low ??? Partial Partial Partial
Tensorflow is an Open Source Machine Learning Framework. The implementation of `SparseCountSparseOutput` is vulnerable to a heap overflow. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
16 CVE-2022-21727 190 Overflow 2022-02-03 2022-02-08
6.5
None Remote Low ??? Partial Partial Partial
Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for `Dequantize` is vulnerable to an integer overflow weakness. The `axis` argument can be `-1` (the default value for the optional argument) or any other positive value at most the number of dimensions of the input. Unfortunately, the upper bound is not checked, and, since the code computes `axis + 1`, an attacker can trigger an integer overflow. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
17 CVE-2022-21726 125 2022-02-03 2022-02-08
6.5
None Remote Low ??? Partial Partial Partial
Tensorflow is an Open Source Machine Learning Framework. The implementation of `Dequantize` does not fully validate the value of `axis` and can result in heap OOB accesses. The `axis` argument can be `-1` (the default value for the optional argument) or any other positive value at most the number of dimensions of the input. Unfortunately, the upper bound is not checked and this results in reading past the end of the array containing the dimensions of the input tensor. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
18 CVE-2022-20155 362 2022-06-15 2022-06-24
6.9
None Local Medium Not required Complete Complete Complete
In ipu_core_jqs_msg_transport_kernel_write_sync of ipu-core-jqs-msg-transport.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-176754369References: N/A
19 CVE-2022-20148 362 2022-06-15 2022-06-23
6.9
None Local Medium Not required Complete Complete Complete
In TBD of TBD, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-219513976References: Upstream kernel
20 CVE-2022-20141 362 2022-06-15 2022-09-01
6.9
None Local Medium Not required Complete Complete Complete
In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege when opening and closing inet sockets with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-112551163References: Upstream kernel
21 CVE-2022-20137 276 2022-06-15 2022-06-24
6.9
None Local Medium Not required Complete Complete Complete
In onCreateContextMenu of NetworkProviderSettings.java, there is a possible way for non-owner users to change WiFi settings due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-206986392
22 CVE-2022-20126 287 2022-06-15 2022-06-24
6.9
None Local Medium Not required Complete Complete Complete
In setScanMode of AdapterService.java, there is a possible way to enable Bluetooth discovery mode without user interaction due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-203431023
23 CVE-2022-20118 362 2022-05-10 2022-05-17
6.9
None Local Medium Not required Complete Complete Complete
In ion_ioctl and related functions of ion.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-205707793References: N/A
24 CVE-2022-20007 362 2022-05-10 2022-05-16
6.2
None Local High Not required Complete Complete Complete
In startActivityForAttachedApplicationIfNeeded of RootWindowContainer.java, there is a possible way to overlay an app that believes it's still in the foreground, when it is not, due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-211481342
25 CVE-2022-20006 362 2022-05-10 2022-06-15
6.2
None Local High Not required Complete Complete Complete
In several functions of KeyguardServiceWrapper.java and related files,, there is a possible way to briefly view what's under the lockscreen due to a race condition. This could lead to local escalation of privilege if a Guest user is enabled, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-151095871
26 CVE-2022-0809 119 Overflow Mem. Corr. 2022-04-05 2023-01-24
6.8
None Remote Medium Not required Partial Partial Partial
Out of bounds memory access in WebXR in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
27 CVE-2022-0808 416 2022-04-05 2023-01-24
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in a series of user interaction to potentially exploit heap corruption via user interactions.
28 CVE-2022-0800 787 Overflow 2022-04-05 2023-01-24
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
29 CVE-2022-0795 843 2022-04-05 2022-10-27
6.8
None Remote Medium Not required Partial Partial Partial
Type confusion in Blink Layout in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
30 CVE-2022-0794 416 2022-04-05 2022-10-27
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in WebShare in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
31 CVE-2022-0793 416 2022-04-05 2022-10-27
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Cast in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinced a user to install a malicious extension and engage in specific user interaction to potentially exploit heap corruption via a crafted Chrome Extension.
32 CVE-2022-0790 416 2022-04-05 2023-01-24
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially perform a sandbox escape via a crafted HTML page.
33 CVE-2022-0789 787 Overflow 2022-04-05 2022-10-27
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
34 CVE-2022-0610 119 Overflow 2022-04-05 2022-04-11
6.8
None Remote Medium Not required Partial Partial Partial
Inappropriate implementation in Gamepad API in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
35 CVE-2022-0609 416 2022-04-05 2022-04-08
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Animation in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
36 CVE-2022-0608 190 Overflow 2022-04-05 2022-04-08
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in Mojo in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
37 CVE-2022-0607 416 2022-04-05 2022-04-11
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in GPU in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
38 CVE-2022-0606 416 2022-04-05 2022-04-08
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in ANGLE in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
39 CVE-2022-0605 416 2022-04-05 2022-04-11
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Webstore API in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and convinced a user to enage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
40 CVE-2022-0604 787 Overflow 2022-04-05 2022-04-08
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in Tab Groups in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
41 CVE-2022-0470 119 Overflow Mem. Corr. 2022-04-05 2022-04-11
6.8
None Remote Medium Not required Partial Partial Partial
Out of bounds memory access in V8 in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
42 CVE-2022-0469 416 2022-04-05 2022-04-08
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Cast in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who convinced a user to engage in specific interactions to potentially exploit heap corruption via a crafted HTML page.
43 CVE-2022-0468 416 2022-04-05 2022-04-08
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Payments in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
44 CVE-2022-0467 Bypass 2022-04-05 2022-04-12
6.8
None Remote Medium Not required Partial Partial Partial
Inappropriate implementation in Pointer Lock in Google Chrome on Windows prior to 98.0.4758.80 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
45 CVE-2022-0466 2022-04-05 2022-04-13
6.8
None Remote Medium Not required Partial Partial Partial
Inappropriate implementation in Extensions Platform in Google Chrome prior to 98.0.4758.80 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page.
46 CVE-2022-0465 416 2022-04-05 2022-04-08
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Extensions in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via user interaction.
47 CVE-2022-0464 416 2022-04-05 2022-04-08
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Accessibility in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction.
48 CVE-2022-0463 416 2022-04-05 2022-04-08
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Accessibility in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction.
49 CVE-2022-0461 668 Bypass 2022-04-05 2022-04-12
6.4
None Remote Low Not required Partial Partial None
Policy bypass in COOP in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to bypass iframe sandbox via a crafted HTML page.
50 CVE-2022-0460 416 2022-04-05 2022-04-08
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Window Dialogue in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Total number of vulnerabilities : 1245   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.