Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
google android api vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2013-6282
The (1) get_user and (2) put_user API functions in the Linux kernel prior to 3.5.5 on the v6k and v7 ARM platforms do not validate certain addresses, which allows malicious users to read or modify the contents of arbitrary kernel memory locations via a crafted application, as exp...
Linux Linux Kernel
2 EDB exploits
8 Github repositories
4.3
CVSSv2
CVE-2016-5217
The extensions API in Google Chrome before 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly permitted access to privileged plugins, which allowed a remote malicious user to bypass site isolation via a crafted HTML page.
Google Chrome
NA
CVE-2023-0130
Inappropriate implementation in in Fullscreen API in Google Chrome on Android before 109.0.5414.74 allowed a remote malicious user to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium)
Google Chrome
NA
CVE-2023-0136
Inappropriate implementation in in Fullscreen API in Google Chrome on Android before 109.0.5414.74 allowed a remote malicious user to execute incorrect security UI via a crafted HTML page. (Chromium security severity: Medium)
Google Chrome
NA
CVE-2023-0927
Use after free in Web Payments API in Google Chrome on Android before 110.0.5481.177 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Google Chrome
NA
CVE-2022-2611
Inappropriate implementation in Fullscreen API in Google Chrome on Android before 104.0.5112.79 allowed a remote malicious user to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 37
6.8
CVSSv2
CVE-2020-16044
Use after free in WebRTC in Google Chrome before 88.0.4324.96 allowed a remote malicious user to potentially exploit heap corruption via a crafted SCTP packet.
Google Chrome
1 Article
5.8
CVSSv2
CVE-2018-10229
A hardware vulnerability in GPU memory modules allows malicious users to accelerate micro-architectural attacks through the use of the JavaScript WebGL API.
Mozilla Firefox -
Google Chrome -
Lg Nexus 5 -
1 Github repository
4.3
CVSSv2
CVE-2021-21136
Insufficient policy enforcement in WebView in Google Chrome on Android before 88.0.4324.96 allowed a remote malicious user to leak cross-origin data via a crafted HTML page.
Google Chrome
Microsoft Edge Chromium
6.8
CVSSv2
CVE-2021-21124
Potential user after free in Speech Recognizer in Google Chrome on Android before 88.0.4324.96 allowed a remote malicious user to potentially perform a sandbox escape via a crafted HTML page.
Google Chrome
Microsoft Edge Chromium
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »