← Back

Google

google

13,751 CVEs • 235 products

Products (235)

Click to collapse
Toggle
Android
android
8,095 CVEs
Chrome
chrome
4,911 CVEs
Tensorflow
tensorflow
431 CVEs
Chrome Os
chrome_os
67 CVEs
V8
v8
33 CVEs
Asylo
asylo
16 CVEs
Blink
blink
12 CVEs
Picasa
picasa
11 CVEs
Mini Search Appliance
mini_search_appliance
8 CVEs
Search Appliance
search_appliance
7 CVEs
Cr 48 Chromebook
cr-48_chromebook
7 CVEs
Sketchup
sketchup
7 CVEs
Tunnelblick
tunnelblick
7 CVEs
Gvisor
gvisor
7 CVEs
Chromecast Firmware
chromecast_firmware
6 CVEs
Nest Cam Iq Indoor Firmware
nest_cam_iq_indoor_firmware
6 CVEs
Toolbar
toolbar
5 CVEs
Web Toolkit
web_toolkit
5 CVEs
Protobuf
protobuf
5 CVEs
Rendertron
rendertron
5 CVEs
Fuchsia
fuchsia
5 CVEs
Protobuf Java
protobuf-java
5 CVEs
Earth
earth
4 CVEs
App Engine Python Sdk
app_engine_python_sdk
4 CVEs
Fscrypt
fscrypt
4 CVEs
Protobuf Javalite
protobuf-javalite
4 CVEs
Android Sdk
android_sdk
3 CVEs
Guava
guava
3 CVEs
Monorail
monorail
3 CVEs
Guest Oslogin
guest-oslogin
3 CVEs
Gerrit
gerrit
3 CVEs
Protobuf Kotlin
protobuf-kotlin
3 CVEs
Linux And Chrome Os
linux_and_chrome_os
3 CVEs
Nest Wifi Point Firmware
nest_wifi_point_firmware
3 CVEs
Nest Wifi Pro Firmware
nest_wifi_pro_firmware
3 CVEs
Web Designer
web_designer
3 CVEs
Talk
talk
2 CVEs
Desktop
desktop
2 CVEs
Google Sketchup
google_sketchup
2 CVEs
Bionic
bionic
2 CVEs
Mod Pagespeed
mod_pagespeed
2 CVEs
Android Debug Bridge
android_debug_bridge
2 CVEs
Home Firmware
home_firmware
2 CVEs
Kubernetes Engine
kubernetes_engine
2 CVEs
Oauth Client Library For Java
oauth_client_library_for_java
2 CVEs
Flatbuffers
flatbuffers
2 CVEs
Bazel
bazel
2 CVEs
Google Protobuf
google-protobuf
2 CVEs
Firebase Php Jwt
firebase_php-jwt
2 CVEs
Google Play Services Software Development Kit
google_play_services_software_development_kit
2 CVEs
Protobuf Python
protobuf-python
2 CVEs
Protobuf Kotlin Lite
protobuf-kotlin-lite
2 CVEs
Web Stories
web_stories
2 CVEs
Nest Mini Firmware
nest_mini_firmware
2 CVEs
Nest Wifi Router Firmware
nest_wifi_router_firmware
2 CVEs
Updater
updater
2 CVEs
Nearby
nearby
2 CVEs
Api Search
api_search
1 CVE
Matter
matter
1 CVE
Custom Search Engine
custom_search_engine
1 CVE
Kml
kml
1 CVE
Google Apps
google_apps
1 CVE
Gears
gears
1 CVE
Idapython
idapython
1 CVE
Admob
admob
1 CVE
Checkout Php
checkout-php
1 CVE
Cityhash
cityhash
1 CVE
Chrome Frame
chrome_frame
1 CVE
Authenticator
authenticator
1 CVE
Glass
glass
1 CVE
Android Api
android_api
1 CVE
Search Appliance Software
search_appliance_software
1 CVE
Android Sdk Platform Tools
android_sdk_platform_tools
1 CVE
Android Browser
android_browser
1 CVE
Email
email
1 CVE
Play Services Sdk
play_services_sdk
1 CVE
Nexus 5x Firmware
nexus_5x_firmware
1 CVE
Nexus 6p Firmware
nexus_6p_firmware
1 CVE
Android One
android_one
1 CVE
Sfntly
sfntly
1 CVE
Skia
skia
1 CVE
Google I/o 2017
google_i/o_2017
1 CVE
News And Weather
news_and_weather
1 CVE
Pdfium
pdfium
1 CVE
Gmail
gmail
1 CVE
Santa
santa
1 CVE
Boringssl
boringssl
1 CVE
Cardboard
cardboard
1 CVE
Snappy
snappy
1 CVE
Api C++ Client
api_c++_client
1 CVE
Nexus 7 Firmware
nexus_7_firmware
1 CVE
Nexus 9 Firmware
nexus_9_firmware
1 CVE
Voice Builder
voice_builder
1 CVE
Google Cloud Platform Service Broker
google_cloud_platform_service_broker
1 CVE
Cloud Messaging Notification
cloud_messaging_notification
1 CVE
Gizmo5
gizmo5
1 CVE
Native Client
native_client
1 CVE
Closure Library
closure_library
1 CVE
Openthread
openthread
1 CVE
Chrome Launcher
chrome-launcher
1 CVE

CVEs (13,751)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2015-6608
1Google
1Android
May 6, 2026
Nov 3, 2015
N/A· v4
N/A· v3
10.0 HIGH· v2
mediaserver in Android 5.x before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bugs 1977...Show more
mediaserver in Android 5.x before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bugs 19779574, 23680780, 23876444, and 23658148, a different vulnerability than CVE-2015-8072 and CVE-2015-8073.Show less
CVE-2015-7834
1Google
2Chrome
V8
May 6, 2026
Oct 15, 2015
N/A· v4
N/A· v3
7.5 HIGH· v2
Multiple unspecified vulnerabilities in Google V8 before 4.6.85.23, as used in Google Chrome before 46.0.2490.71, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
CVE-2015-6763
1Google
1Chrome
May 6, 2026
Oct 15, 2015
N/A· v4
N/A· v3
7.5 HIGH· v2
Multiple unspecified vulnerabilities in Google Chrome before 46.0.2490.71 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
CVE-2015-6762
1Google
1Chrome
May 6, 2026
Oct 15, 2015
N/A· v4
N/A· v3
7.5 HIGH· v2
The CSSFontFaceSrcValue::fetch function in core/css/CSSFontFaceSrcValue.cpp in the Cascading Style Sheets (CSS) implementation in Blink, as used in Google Chrome before 46.0.2490.71, does not use the CORS cross-origin re...Show more
The CSSFontFaceSrcValue::fetch function in core/css/CSSFontFaceSrcValue.cpp in the Cascading Style Sheets (CSS) implementation in Blink, as used in Google Chrome before 46.0.2490.71, does not use the CORS cross-origin request algorithm when a font's URL appears to be a same-origin URL, which allows remote web servers to bypass the Same Origin Policy via a redirect.Show less
CVE-2015-6761
2Ffmpeg
Google
2Chrome
Ffmpeg
May 6, 2026
Oct 15, 2015
N/A· v4
N/A· v3
6.8 MEDIUM· v2
The update_dimensions function in libavcodec/vp8.c in FFmpeg through 2.8.1, as used in Google Chrome before 46.0.2490.71 and other products, relies on a coefficient-partition count during multi-threaded operation, which...Show more
The update_dimensions function in libavcodec/vp8.c in FFmpeg through 2.8.1, as used in Google Chrome before 46.0.2490.71 and other products, relies on a coefficient-partition count during multi-threaded operation, which allows remote attackers to cause a denial of service (race condition and memory corruption) or possibly have unspecified other impact via a crafted WebM file.Show less
CVE-2015-6760
1Google
1Chrome
May 6, 2026
Oct 15, 2015
N/A· v4
N/A· v3
7.5 HIGH· v2
The Image11::map function in renderer/d3d/d3d11/Image11.cpp in libANGLE, as used in Google Chrome before 46.0.2490.71, mishandles mapping failures after device-lost events, which allows remote attackers to cause a denial...Show more
The Image11::map function in renderer/d3d/d3d11/Image11.cpp in libANGLE, as used in Google Chrome before 46.0.2490.71, mishandles mapping failures after device-lost events, which allows remote attackers to cause a denial of service (invalid read or write) or possibly have unspecified other impact via vectors involving a removed device.Show less
CVE-2015-6759
1Google
1Chrome
May 6, 2026
Oct 15, 2015
N/A· v4
N/A· v3
5.0 MEDIUM· v2
The shouldTreatAsUniqueOrigin function in platform/weborigin/SecurityOrigin.cpp in Blink, as used in Google Chrome before 46.0.2490.71, does not ensure that the origin of a LocalStorage resource is considered unique, whi...Show more
The shouldTreatAsUniqueOrigin function in platform/weborigin/SecurityOrigin.cpp in Blink, as used in Google Chrome before 46.0.2490.71, does not ensure that the origin of a LocalStorage resource is considered unique, which allows remote attackers to obtain sensitive information via vectors involving a blob: URL.Show less
CVE-2015-6758
1Google
1Chrome
May 6, 2026
Oct 15, 2015
N/A· v4
N/A· v3
6.8 MEDIUM· v2
The CPDF_Document::GetPage function in fpdfapi/fpdf_parser/fpdf_parser_document.cpp in PDFium, as used in Google Chrome before 46.0.2490.71, does not properly perform a cast of a dictionary object, which allows remote at...Show more
The CPDF_Document::GetPage function in fpdfapi/fpdf_parser/fpdf_parser_document.cpp in PDFium, as used in Google Chrome before 46.0.2490.71, does not properly perform a cast of a dictionary object, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document.Show less
CVE-2015-6757
1Google
1Chrome
May 6, 2026
Oct 15, 2015
N/A· v4
N/A· v3
7.5 HIGH· v2
Use-after-free vulnerability in content/browser/service_worker/embedded_worker_instance.cc in the ServiceWorker implementation in Google Chrome before 46.0.2490.71 allows remote attackers to cause a denial of service or...Show more
Use-after-free vulnerability in content/browser/service_worker/embedded_worker_instance.cc in the ServiceWorker implementation in Google Chrome before 46.0.2490.71 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging object destruction in a callback.Show less
CVE-2015-6756
1Google
1Chrome
May 6, 2026
Oct 15, 2015
N/A· v4
N/A· v3
6.8 MEDIUM· v2
Use-after-free vulnerability in the CPDFSDK_PageView implementation in fpdfsdk/src/fsdk_mgr.cpp in PDFium, as used in Google Chrome before 46.0.2490.71, allows remote attackers to cause a denial of service (heap memory c...Show more
Use-after-free vulnerability in the CPDFSDK_PageView implementation in fpdfsdk/src/fsdk_mgr.cpp in PDFium, as used in Google Chrome before 46.0.2490.71, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact by leveraging mishandling of a focused annotation in a PDF document.Show less
CVE-2015-6755
1Google
1Chrome
May 6, 2026
Oct 15, 2015
N/A· v4
N/A· v3
7.5 HIGH· v2
The ContainerNode::parserInsertBefore function in core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 46.0.2490.71, proceeds with a DOM tree insertion in certain cases where a parent node no longer conta...Show more
The ContainerNode::parserInsertBefore function in core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 46.0.2490.71, proceeds with a DOM tree insertion in certain cases where a parent node no longer contains a child node, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code.Show less
CVE-2015-1304
1Google
1Chrome
May 6, 2026
Oct 12, 2015
N/A· v4
N/A· v3
7.5 HIGH· v2
object-observe.js in Google V8, as used in Google Chrome before 45.0.2454.101, does not properly restrict method calls on access-checked objects, which allows remote attackers to bypass the Same Origin Policy via a (1) o...Show more
object-observe.js in Google V8, as used in Google Chrome before 45.0.2454.101, does not properly restrict method calls on access-checked objects, which allows remote attackers to bypass the Same Origin Policy via a (1) observe or (2) getNotifier call.Show less
CVE-2015-1303
1Google
1Chrome
May 6, 2026
Oct 12, 2015
N/A· v4
N/A· v3
7.5 HIGH· v2
bindings/core/v8/V8DOMWrapper.h in Blink, as used in Google Chrome before 45.0.2454.101, does not perform a rethrow action to propagate information about a cross-context exception, which allows remote attackers to bypass...Show more
bindings/core/v8/V8DOMWrapper.h in Blink, as used in Google Chrome before 45.0.2454.101, does not perform a rethrow action to propagate information about a cross-context exception, which allows remote attackers to bypass the Same Origin Policy via a crafted HTML document containing an IFRAME element.Show less
CVE-2015-7718
1Google
1Android
May 6, 2026
Oct 6, 2015
N/A· v4
N/A· v3
5.0 MEDIUM· v2
mediaserver in Android 5.x before 5.1.1 LMY48T and 6.0 before 2015-10-01 allows attackers to cause a denial of service (process crash) via unspecified vectors, aka internal bug 22278703, a different vulnerability than CV...Show more
mediaserver in Android 5.x before 5.1.1 LMY48T and 6.0 before 2015-10-01 allows attackers to cause a denial of service (process crash) via unspecified vectors, aka internal bug 22278703, a different vulnerability than CVE-2015-6605.Show less
CVE-2015-7717
1Google
1Android
May 6, 2026
Oct 6, 2015
N/A· v4
N/A· v3
9.3 HIGH· v2
mediaserver in Android 5.x before 5.1.1 LMY48T and 6.0 before 2015-10-01 allows attackers to gain privileges via a crafted application, aka internal bug 19573085, a different vulnerability than CVE-2015-6596.
CVE-2015-7716
1Google
1Android
May 6, 2026
Oct 6, 2015
N/A· v4
N/A· v3
10.0 HIGH· v2
libstagefright in Android 5.x before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 20721050, a different vulner...Show more
libstagefright in Android 5.x before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 20721050, a different vulnerability than CVE-2015-3873.Show less
CVE-2015-6606
1Google
1Android
May 6, 2026
Oct 6, 2015
N/A· v4
N/A· v3
9.3 HIGH· v2
The Secure Element Evaluation Kit (aka SEEK or SmartCard API) plugin in Android before 5.1.1 LMY48T allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSyst...Show more
The Secure Element Evaluation Kit (aka SEEK or SmartCard API) plugin in Android before 5.1.1 LMY48T allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 22301786.Show less
CVE-2015-6605
1Google
1Android
May 6, 2026
Oct 6, 2015
N/A· v4
N/A· v3
5.0 MEDIUM· v2
mediaserver in Android before 5.1.1 LMY48T allows attackers to cause a denial of service (process crash) via unspecified vectors, aka internal bugs 20915134 and 23142203, a different vulnerability than CVE-2015-7718.
CVE-2015-6604
1Google
1Android
May 6, 2026
Oct 6, 2015
N/A· v4
N/A· v3
10.0 HIGH· v2
libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23129786.
CVE-2015-6603
1Google
1Android
May 6, 2026
Oct 6, 2015
N/A· v4
N/A· v3
10.0 HIGH· v2
libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23227354.