Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
google android api vulnerabilities and exploits
(subscribe to this query)
187
VMScore
CVE-2021-28712
Rogue backends can cause DoS of guests via high frequency events T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen offers the ability to run PV backends in regular unprivileged guests, typically re...
Xen Xen -
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
187
VMScore
CVE-2021-28713
Rogue backends can cause DoS of guests via high frequency events T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen offers the ability to run PV backends in regular unprivileged guests, typically re...
Xen Xen -
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
187
VMScore
CVE-2021-45095
pep_sock_accept in net/phonet/pep.c in the Linux kernel up to and including 5.15.8 has a refcount leak.
Linux Linux Kernel
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
187
VMScore
CVE-2021-25411
Improper address validation vulnerability in RKP api prior to SMR JUN-2021 Release 1 allows root privileged local malicious users to write read-only kernel memory.
Google Android 10.0
Google Android 11.0
NA
CVE-2024-3094
Malicious code exists in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific fun...
Tukaani Xz 5.6.1
Tukaani Xz 5.6.0
80 Github repositories
6 Articles
NA
CVE-2023-21370
In the Security Element API, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Google Android
NA
CVE-2023-0460
The YouTube Embedded 1.2 SDK binds to a service within the YouTube Main App. After binding, a remote context is created with the flags Context.CONTEXT_INCLUDE_CODE | Context.CONTEXT_IGNORE_SECURITY. This allows the client app to remotely load code from YouTube Main App by retriev...
Google Youtube Android Player Api
NA
CVE-2023-0927
Use after free in Web Payments API in Google Chrome on Android before 110.0.5481.177 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Google Chrome
NA
CVE-2023-0136
Inappropriate implementation in in Fullscreen API in Google Chrome on Android before 109.0.5414.74 allowed a remote malicious user to execute incorrect security UI via a crafted HTML page. (Chromium security severity: Medium)
Google Chrome
NA
CVE-2023-0130
Inappropriate implementation in in Fullscreen API in Google Chrome on Android before 109.0.5414.74 allowed a remote malicious user to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium)
Google Chrome
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »