In ged, there is a possible out of bounds write due to an integer overflow. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation Patch ID: ALPS07835901; Issue ID: ALPS07835901.
Max CVSS
4.4
EPSS Score
0.04%
Published
2024-02-05
Updated
2024-02-09
Inappropriate implementation in Extensions API in Google Chrome prior to 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. (Chromium security severity: Low)
Max CVSS
4.3
EPSS Score
0.05%
Published
2024-01-24
Updated
2024-02-19
Insufficient policy enforcement in DevTools in Google Chrome prior to 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. (Chromium security severity: Medium)
Max CVSS
4.3
EPSS Score
0.05%
Published
2024-01-24
Updated
2024-01-29
Inappropriate implementation in Autofill in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Low)
Max CVSS
4.3
EPSS Score
0.08%
Published
2024-01-24
Updated
2024-01-29
Inappropriate implementation in Downloads in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to perform domain spoofing via a crafted domain name. (Chromium security severity: Medium)
Max CVSS
4.3
EPSS Score
0.08%
Published
2024-01-24
Updated
2024-01-29
In Init of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
Max CVSS
4.9
EPSS Score
0.06%
Published
2023-12-08
Updated
2024-03-12
In Init of protocolcalladapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
Max CVSS
4.9
EPSS Score
0.06%
Published
2023-12-08
Updated
2024-03-12
In autotest driver, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with System execution privileges needed
Max CVSS
4.4
EPSS Score
0.04%
Published
2024-01-18
Updated
2024-01-24
In drm driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
Max CVSS
4.4
EPSS Score
0.04%
Published
2024-01-18
Updated
2024-01-24
In vsp driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
Max CVSS
4.4
EPSS Score
0.04%
Published
2024-01-18
Updated
2024-01-24
In jpg driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
Max CVSS
4.4
EPSS Score
0.04%
Published
2024-01-18
Updated
2024-01-24
In jpg driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
Max CVSS
4.4
EPSS Score
0.04%
Published
2024-01-18
Updated
2024-01-24
In vsp driver, there is a possible use after free due to a logic error. This could lead to local denial of service with System execution privileges needed
Max CVSS
4.4
EPSS Score
0.04%
Published
2024-01-18
Updated
2024-01-24
In media service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
Max CVSS
4.4
EPSS Score
0.04%
Published
2024-01-18
Updated
2024-01-19
In jpg driver, there is a possible missing permission check. This could lead to local information disclosure with System execution privileges needed
Max CVSS
4.4
EPSS Score
0.04%
Published
2024-01-18
Updated
2024-01-25
The vulnerability is that the Messaging ("com.android.mms") app patched by LG forwards attacker-controlled intents back to the attacker in the exported "com.android.mms.ui.QClipIntentReceiverActivity" activity. The attacker can abuse this functionality by launching this activity and then sending a broadcast with the "com.lge.message.action.QCLIP" action. The attacker can send, e.g., their own data/clipdata and set Intent.FLAG_GRANT_* flags. After the attacker received that intent in the "onActivityResult()" method, they would have access to arbitrary content providers that have the `android:grantUriPermissions="true"` flag set.
Max CVSS
3.6
EPSS Score
0.04%
Published
2023-09-27
Updated
2023-10-02
In gnss service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
Max CVSS
4.4
EPSS Score
0.04%
Published
2023-12-04
Updated
2023-12-07
In gnss service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
Max CVSS
4.4
EPSS Score
0.04%
Published
2023-11-01
Updated
2023-11-08
In telephony service, there is a possible missing permission check. This could lead to local information disclosure with System execution privileges needed
Max CVSS
4.4
EPSS Score
0.04%
Published
2023-12-04
Updated
2023-12-07
In Gnss service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
Max CVSS
4.4
EPSS Score
0.04%
Published
2023-12-04
Updated
2023-12-07
In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
Max CVSS
4.4
EPSS Score
0.04%
Published
2023-12-04
Updated
2023-12-07
In gpu driver, there is a possible out of bounds write due to a incorrect bounds check. This could lead to local denial of service with System execution privileges needed
Max CVSS
4.4
EPSS Score
0.04%
Published
2023-12-04
Updated
2023-12-07
In TeleService, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
Max CVSS
4.4
EPSS Score
0.04%
Published
2023-12-04
Updated
2023-12-07
In gpu driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
Max CVSS
4.4
EPSS Score
0.04%
Published
2023-12-04
Updated
2023-12-07
In gpu driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
Max CVSS
4.4
EPSS Score
0.04%
Published
2023-12-04
Updated
2023-12-07
1149 vulnerabilities found
1 2 3 4 5 6 ...... 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!