google security advisories
60 threat alerts tracking vulnerabilities and security advisories that affect google products.
Vulnios monitors google CVE feeds, vendor advisories, CISA KEV listings, and exploit-prediction data continuously. Each alert below is enriched with severity, exploitation status, affected products, and a remediation path. Use this page to scan recent google security news in one place, or click into an individual alert for full detail.
Critical Vulnerability: CVE-2012-5376 — google — chrome
The Inter-process Communication (IPC) implementation in Google Chrome before 22.0.1229.94 allows remote attackers to bypass intended sandbox restrictions and write to arbitrary files by leveraging acc
criticalCVE-2012-5376Critical Vulnerability: CVE-2010-4201 — google — chrome
Use-after-free vulnerability in Google Chrome before 7.0.517.44 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving text control select
criticalCVE-2010-4201Critical Vulnerability: CVE-2010-4205 — google — chrome
Google Chrome before 7.0.517.44 does not properly handle the data types of event objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unkno
criticalCVE-2010-4205Critical Vulnerability: CVE-2010-3729 — google — chrome
The SPDY protocol implementation in Google Chrome before 6.0.472.62 does not properly manage buffers, which might allow remote attackers to execute arbitrary code via unspecified vectors.
criticalCVE-2010-3729Critical Vulnerability: CVE-2017-13160 — google — android
A remote code execution vulnerability in the Android system (bluetooth). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-37160362.
criticalCVE-2017-13160Critical Vulnerability: CVE-2017-13150 — google — android
An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-38328132.
criticalCVE-2017-13150Critical Vulnerability: CVE-2017-14917 — google — android
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer sizes in the message passing interface are not properly validated.
criticalCVE-2017-14917Critical Vulnerability: CVE-2017-14909 — google — android
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a count value that is read from a file is not properly validated.
criticalCVE-2017-14909Critical Vulnerability: CVE-2017-14918 — google — android
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the GPS location wireless interface, a Use After Free condition can occur.
criticalCVE-2017-14918Critical Vulnerability: CVE-2017-0879 — google — android
An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-65025028.
criticalCVE-2017-0879Critical Vulnerability: CVE-2017-14916 — google — android
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer sizes in the message passing interface are not properly validated.
criticalCVE-2017-14916Critical Vulnerability: CVE-2017-6211 — google — android
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the processing of a downlink supplementary services message, a buffer overflow can oc
criticalCVE-2017-6211Critical Vulnerability: CVE-2017-14908 — google — android
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the SafeSwitch test application does not properly validate the number of blocks to verif
criticalCVE-2017-14908Critical Vulnerability: CVE-2017-11005 — google — android
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a Use After Free condition can occur during a deinitialization path.
criticalCVE-2017-11005Critical Vulnerability: CVE-2017-14907 — google — android
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, cryptographic strength is reduced while deriving disk encryption key.
criticalCVE-2017-14907Critical Vulnerability: CVE-2017-13149 — google — android
An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-65719872.
criticalCVE-2017-13149Critical Vulnerability: CVE-2017-11006 — google — android
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a Use After Free condition can occur during positioning.
criticalCVE-2017-11006Critical Vulnerability: CVE-2017-9709 — google — android
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a privilege escalation vulnerability exists in telephony.
criticalCVE-2017-9709Critical Vulnerability: CVE-2017-14914 — google — android
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, handles in the global client structure can become stale.
criticalCVE-2017-14914Critical Vulnerability: CVE-2017-15813 — google — android
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overflow can occur while reading firmware logs.
criticalCVE-2017-15813Critical Vulnerability: CVE-2017-0853 — google — android
An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63121644.
criticalCVE-2017-0853Critical Vulnerability: CVE-2017-0854 — google — android
An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63873837.
criticalCVE-2017-0854Critical Vulnerability: CVE-2017-0847 — google — android
An elevation of privilege vulnerability in the Android media framework (mediaanalytics). Product: Android. Versions: 8.0. Android ID: A-65540999.
criticalCVE-2017-0847Critical Vulnerability: CVE-2017-6274 — google — android
An elevation of Privilege vulnerability exists in the Thermal Driver, where a missing bounds checks in the thermal throttle driver can cause an out-of-bounds write in the kernel. This issue is rated a
criticalCVE-2017-6274Critical Vulnerability: CVE-2017-0822 — google — android
An elevation of privilege vulnerability in the Android system (camera). Product: Android. Versions: 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63787722.
criticalCVE-2017-0822Critical Vulnerability: CVE-2017-0829 — google — android
An elevation of privilege vulnerability in the Motorola bootloader. Product: Android. Versions: Android kernel. Android ID: A-62345044.
criticalCVE-2017-0829Critical Vulnerability: CVE-2017-0828 — google — android
An elevation of privilege vulnerability in the Huawei bootloader. Product: Android. Versions: Android kernel. Android ID: A-34622855.
criticalCVE-2017-0828Critical Vulnerability: CVE-2017-0807 — google — android
An elevation of privilege vulnerability in the Android framework (ui framework). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35056974.
criticalCVE-2017-0807Critical Vulnerability: CVE-2017-0824 — google — android
An elevation of privilege vulnerability in the Broadcom wifi driver. Product: Android. Versions: Android kernel. Android ID: A-37622847. References: B-V2017063001.
criticalCVE-2017-0824Critical Vulnerability: CVE-2015-9066 — google — android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in an Inter-RAT procedure.
criticalCVE-2015-9066Critical Vulnerability: CVE-2015-8593 — google — android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in 1x call processing.
criticalCVE-2015-8593Critical Vulnerability: CVE-2014-9975 — google — android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a rollback vulnerability potentially exists in Full Disk Encryption.
criticalCVE-2014-9975Critical Vulnerability: CVE-2016-10391 — google — android
In all Qualcomm products with Android releases from CAF using the Linux kernel, the length in an HCI command is not properly checked for validity.
criticalCVE-2016-10391Critical Vulnerability: CVE-2014-9980 — google — android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a Sample App failed to check a length potentially leading to unauthorized access to secure memory.
criticalCVE-2014-9980Critical Vulnerability: CVE-2014-9976 — google — android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in 1x call processing.
criticalCVE-2014-9976Critical Vulnerability: CVE-2015-9055 — google — android
In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was potentially reachable in a memory management routine.
criticalCVE-2015-9055Critical Vulnerability: CVE-2015-9072 — google — android
In all Qualcomm products with Android releases from CAF using the Linux kernel, an untrusted pointer dereference can occur in a TrustZone syscall.
criticalCVE-2015-9072Critical Vulnerability: CVE-2015-9052 — google — android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in LTE where an assertion can be reached while processing a downlink message.
criticalCVE-2015-9052Critical Vulnerability: CVE-2014-9977 — google — android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in PlayReady DRM.
criticalCVE-2014-9977Critical Vulnerability: CVE-2015-0574 — google — android
In all Qualcomm products with Android releases from CAF using the Linux kernel, the validation of filesystem access was insufficient.
criticalCVE-2015-0574Critical Vulnerability: CVE-2015-9051 — google — android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in LTE where an assertion can be reached due to an improper bound on a length in a System Informa
criticalCVE-2015-9051Critical Vulnerability: CVE-2015-9053 — google — android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the processing of certain responses from the USIM.
criticalCVE-2015-9053Critical Vulnerability: CVE-2015-9064 — google — android
In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send IMEI or IMEISV to the network on a network request before NAS security has been activated.
criticalCVE-2015-9064Critical Vulnerability: CVE-2015-9042 — google — android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists when processing a QMI message.
criticalCVE-2015-9042Critical Vulnerability: CVE-2015-9049 — google — android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in the processing of certain responses from the USIM.
criticalCVE-2015-9049Critical Vulnerability: CVE-2016-10385 — google — android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a use-after-free vulnerability exists in IMS RCS.
criticalCVE-2016-10385Critical Vulnerability: CVE-2015-9073 — google — android
In all Qualcomm products with Android releases from CAF using the Linux kernel, an untrusted pointer dereference can occur in a TrustZone syscall.
criticalCVE-2015-9073Critical Vulnerability: CVE-2017-7364 — google — android
In all Qualcomm products with Android releases from CAF using the Linux kernel, in function __mdss_fb_copy_destscaler_data(), variable ds_data[i].scale may still point to a user-provided address (whic
criticalCVE-2017-7364Critical Vulnerability: CVE-2016-10346 — google — android
In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in the hypervisor.
criticalCVE-2016-10346Critical Vulnerability: CVE-2015-9044 — google — android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in LTE where an assertion can be reached due to an improper bound on the size of a frequency list
criticalCVE-2015-9044Critical Vulnerability: CVE-2015-9069 — google — android
In all Qualcomm products with Android releases from CAF using the Linux kernel, the Secure File System can become corrupted.
criticalCVE-2015-9069Critical Vulnerability: CVE-2015-9067 — google — android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a potential compiler optimization of memset() is addressed.
criticalCVE-2015-9067Critical Vulnerability: CVE-2015-9043 — google — android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer can be dereferenced upon the expiry of a timer.
criticalCVE-2015-9043Critical Vulnerability: CVE-2016-5872 — google — android
In all Qualcomm products with Android releases from CAF using the Linux kernel, arguments to several QTEE syscalls are not properly validated.
criticalCVE-2016-5872Critical Vulnerability: CVE-2014-9971 — google — android
In all Qualcomm products with Android releases from CAF using the Linux kernel, disabling asserts causes an instruction inside of an assert to not be executed resulting in incorrect control flow.
criticalCVE-2014-9971Critical Vulnerability: CVE-2016-10381 — google — android
In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send unprotected MeasurementReports revealing UE location.
criticalCVE-2016-10381Critical Vulnerability: CVE-2015-8594 — google — android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read vulnerability exists in RFA-1x.
criticalCVE-2015-8594Critical Vulnerability: CVE-2015-9045 — google — android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in GERAN where a buffer can be overflown while taking power measurements.
criticalCVE-2015-9045Critical Vulnerability: CVE-2015-0575 — google — android
In all Qualcomm products with Android releases from CAF using the Linux kernel, insecure ciphersuites were included in the default configuration.
criticalCVE-2015-0575Critical Vulnerability: CVE-2015-9048 — google — android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in the processing of lost RTP packets.
criticalCVE-2015-9048
Showing the 60 most recent. Older alerts are archived but still reachable via search and the main feed.
Track google exposure across your environment
Vulnios automatically cross-references your asset inventory against new google CVEs and surfaces only what affects you. No more sifting manually — actionable findings only.
Start a free scan