Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
google security research vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2019-2215
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerabi...
Google Android -
2 EDB exploits
31 Github repositories
2 Articles
7.8
CVSSv3
CVE-2019-2000
In several functions of binder.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android ker...
Google Android -
1 EDB exploit
1 Article
7.8
CVSSv3
CVE-2018-9515
In sdcardfs_create and sdcardfs_mkdir of inode.c, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Vers...
Google Android -
1 EDB exploit
7.8
CVSSv3
CVE-2017-13216
In ashmem_ioctl of ashmem.c, there is an out-of-bounds write due to insufficient locking when accessing asma. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is not ...
Google Android -
1 EDB exploit
5.5
CVSSv3
CVE-2016-6689
Binder in the kernel in Android prior to 2016-10-05 on Nexus devices allows malicious users to obtain sensitive information via a crafted application, aka internal bug 30768347.
Google Android
1 EDB exploit
5.5
CVSSv3
CVE-2015-7889
The SecEmailComposer/EmailComposer application in the Samsung S6 Edge before the October 2015 MR uses weak permissions for the com.samsung.android.email.intent.action.QUICK_REPLY_BACKGROUND service action, which might allow remote attackers with knowledge of the local email addre...
Google Android
1 EDB exploit
7.8
CVSSv3
CVE-2019-2025
In binder_thread_read of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: ...
Google Android -
1 EDB exploit
6.5
CVSSv3
CVE-2017-5101
Inappropriate implementation in Omnibox in Google Chrome before 60.0.3112.78 for Linux, Windows, and Mac allowed a remote malicious user to spoof the contents of the Omnibox via a crafted HTML page.
Google Chrome
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
6.5
CVSSv3
CVE-2017-5105
Insufficient Policy Enforcement in Omnibox in Google Chrome before 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote malicious user to perform domain spoofing via IDN homographs in a crafted domain name.
Google Chrome
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
8.8
CVSSv3
CVE-2017-5091
A use after free in IndexedDB in Google Chrome before 60.0.3112.78 for Linux, Android, Windows, and Mac allowed a remote malicious user to perform an out of bounds memory read via a crafted HTML page.
Google Chrome
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »