← Back

Google

google

13,256 CVEs • 235 products

Products (235)

Click to collapse
Toggle
Android
android
8,095 CVEs
Chrome
chrome
4,416 CVEs
Tensorflow
tensorflow
431 CVEs
Chrome Os
chrome_os
67 CVEs
V8
v8
33 CVEs
Asylo
asylo
16 CVEs
Blink
blink
12 CVEs
Picasa
picasa
11 CVEs
Mini Search Appliance
mini_search_appliance
8 CVEs
Search Appliance
search_appliance
7 CVEs
Cr 48 Chromebook
cr-48_chromebook
7 CVEs
Sketchup
sketchup
7 CVEs
Tunnelblick
tunnelblick
7 CVEs
Gvisor
gvisor
7 CVEs
Chromecast Firmware
chromecast_firmware
6 CVEs
Nest Cam Iq Indoor Firmware
nest_cam_iq_indoor_firmware
6 CVEs
Toolbar
toolbar
5 CVEs
Web Toolkit
web_toolkit
5 CVEs
Protobuf
protobuf
5 CVEs
Rendertron
rendertron
5 CVEs
Fuchsia
fuchsia
5 CVEs
Protobuf Java
protobuf-java
5 CVEs
Earth
earth
4 CVEs
App Engine Python Sdk
app_engine_python_sdk
4 CVEs
Fscrypt
fscrypt
4 CVEs
Protobuf Javalite
protobuf-javalite
4 CVEs
Android Sdk
android_sdk
3 CVEs
Guava
guava
3 CVEs
Monorail
monorail
3 CVEs
Guest Oslogin
guest-oslogin
3 CVEs
Gerrit
gerrit
3 CVEs
Protobuf Kotlin
protobuf-kotlin
3 CVEs
Linux And Chrome Os
linux_and_chrome_os
3 CVEs
Nest Wifi Point Firmware
nest_wifi_point_firmware
3 CVEs
Nest Wifi Pro Firmware
nest_wifi_pro_firmware
3 CVEs
Web Designer
web_designer
3 CVEs
Talk
talk
2 CVEs
Desktop
desktop
2 CVEs
Google Sketchup
google_sketchup
2 CVEs
Bionic
bionic
2 CVEs
Mod Pagespeed
mod_pagespeed
2 CVEs
Android Debug Bridge
android_debug_bridge
2 CVEs
Home Firmware
home_firmware
2 CVEs
Kubernetes Engine
kubernetes_engine
2 CVEs
Oauth Client Library For Java
oauth_client_library_for_java
2 CVEs
Flatbuffers
flatbuffers
2 CVEs
Bazel
bazel
2 CVEs
Google Protobuf
google-protobuf
2 CVEs
Firebase Php Jwt
firebase_php-jwt
2 CVEs
Google Play Services Software Development Kit
google_play_services_software_development_kit
2 CVEs
Protobuf Python
protobuf-python
2 CVEs
Protobuf Kotlin Lite
protobuf-kotlin-lite
2 CVEs
Web Stories
web_stories
2 CVEs
Nest Mini Firmware
nest_mini_firmware
2 CVEs
Nest Wifi Router Firmware
nest_wifi_router_firmware
2 CVEs
Updater
updater
2 CVEs
Nearby
nearby
2 CVEs
Api Search
api_search
1 CVE
Matter
matter
1 CVE
Custom Search Engine
custom_search_engine
1 CVE
Kml
kml
1 CVE
Google Apps
google_apps
1 CVE
Gears
gears
1 CVE
Idapython
idapython
1 CVE
Admob
admob
1 CVE
Checkout Php
checkout-php
1 CVE
Cityhash
cityhash
1 CVE
Chrome Frame
chrome_frame
1 CVE
Authenticator
authenticator
1 CVE
Glass
glass
1 CVE
Android Api
android_api
1 CVE
Search Appliance Software
search_appliance_software
1 CVE
Android Sdk Platform Tools
android_sdk_platform_tools
1 CVE
Android Browser
android_browser
1 CVE
Email
email
1 CVE
Play Services Sdk
play_services_sdk
1 CVE
Nexus 5x Firmware
nexus_5x_firmware
1 CVE
Nexus 6p Firmware
nexus_6p_firmware
1 CVE
Android One
android_one
1 CVE
Sfntly
sfntly
1 CVE
Skia
skia
1 CVE
Google I/o 2017
google_i/o_2017
1 CVE
News And Weather
news_and_weather
1 CVE
Pdfium
pdfium
1 CVE
Gmail
gmail
1 CVE
Santa
santa
1 CVE
Boringssl
boringssl
1 CVE
Cardboard
cardboard
1 CVE
Snappy
snappy
1 CVE
Api C++ Client
api_c++_client
1 CVE
Nexus 7 Firmware
nexus_7_firmware
1 CVE
Nexus 9 Firmware
nexus_9_firmware
1 CVE
Voice Builder
voice_builder
1 CVE
Google Cloud Platform Service Broker
google_cloud_platform_service_broker
1 CVE
Cloud Messaging Notification
cloud_messaging_notification
1 CVE
Gizmo5
gizmo5
1 CVE
Native Client
native_client
1 CVE
Closure Library
closure_library
1 CVE
Openthread
openthread
1 CVE
Chrome Launcher
chrome-launcher
1 CVE

CVEs (13,256)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2006-7157
1Google
1Earth
Apr 23, 2026
Mar 7, 2007
N/A· v4
N/A· v3
7.1 HIGH· v2
Buffer overflow in Google Earth v4.0.2091 (beta) allows remote user-assisted attackers to cause a denial of service (crash) via a KML or KMZ file with a long href element.
CVE-2007-1085
1Google
1Desktop
Apr 23, 2026
Feb 23, 2007
N/A· v4
N/A· v3
7.6 HIGH· v2
Cross-site scripting (XSS) vulnerability in Google Desktop allows remote attackers to bypass protection schemes and inject arbitrary web script or HTML, and possibly gain full access to the system, by using an XSS vulner...Show more
Cross-site scripting (XSS) vulnerability in Google Desktop allows remote attackers to bypass protection schemes and inject arbitrary web script or HTML, and possibly gain full access to the system, by using an XSS vulnerability in google.com to extract the signature for the internal web server, then calling the "under" parameter in Advanced Search with the proper signature.Show less
CVE-2006-6223
1Google
2Mini Search Appliance
Search Appliance
Apr 23, 2026
Dec 2, 2006
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in Google Search Appliance and Google Mini allows remote attackers to inject arbitrary web script or HTML via a UTF-7 encoded q parameter.
CVE-2006-5019
1Google
1Mini Search Appliance
Apr 23, 2026
Sep 27, 2006
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Google Mini 4.4.102.M.36 and earlier allows remote attackers to obtain sensitive information via a direct request for /search with an invalid client parameter, which reveals the path in an error message.
CVE-2005-3899
1Google
1Talk
Apr 16, 2026
Nov 29, 2005
N/A· v4
N/A· v3
5.4 MEDIUM· v2
The automatic update feature in Google Talk allows remote attackers to cause a denial of service (CPU and memory consumption) by poisoning a target's DNS cache and causing a large update file to be sent, which consumes l...Show more
The automatic update feature in Google Talk allows remote attackers to cause a denial of service (CPU and memory consumption) by poisoning a target's DNS cache and causing a large update file to be sent, which consumes large amounts of CPU and memory during the signature verification, aka BenjiBug.Show less
CVE-2005-3869
1Google
1Api Search
Apr 16, 2026
Nov 29, 2005
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in index.php in Google API Search 1.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via hex-encoded values in the REQ parameter.
CVE-2005-3758
1Google
2Mini Search Appliance
Search Appliance
Apr 16, 2026
Nov 22, 2005
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to inject arbitrary Javascript, and possibly other web script or HTML, via a proxyst...Show more
Cross-site scripting (XSS) vulnerability in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to inject arbitrary Javascript, and possibly other web script or HTML, via a proxystylesheet variable that contains a malicious XSLT style sheet.Show less
CVE-2005-3757
1Google
2Mini Search Appliance
Search Appliance
Apr 16, 2026
Nov 22, 2005
N/A· v4
N/A· v3
7.5 HIGH· v2
The Saxon XSLT parser in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to obtain sensitive information and execute arbitrary code via dangerous Java class methods in select a...Show more
The Saxon XSLT parser in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to obtain sensitive information and execute arbitrary code via dangerous Java class methods in select attribute of xsl:value-of tags in XSLT style sheets, such as (1) system-property, (2) sys:getProperty, and (3) run:exec.Show less
CVE-2005-3756
1Google
2Mini Search Appliance
Search Appliance
Apr 16, 2026
Nov 22, 2005
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to port scan arbitrary hosts via URLs with modified targets and ports, then comparing the resulting error messages to determine...Show more
Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to port scan arbitrary hosts via URLs with modified targets and ports, then comparing the resulting error messages to determine open and closed ports.Show less
CVE-2005-3755
1Google
2Mini Search Appliance
Search Appliance
Apr 16, 2026
Nov 22, 2005
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Directory traversal vulnerability in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to determine the existence of arbitrary files via a relative path from a style sheet direct...Show more
Directory traversal vulnerability in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to determine the existence of arbitrary files via a relative path from a style sheet directory, then comparing the resulting error messages.Show less
CVE-2005-3754
1Google
2Mini Search Appliance
Search Appliance
Apr 16, 2026
Nov 22, 2005
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to inject arbitrary Javascript, and possibly other web script or HTML, via the proxy...Show more
Cross-site scripting (XSS) vulnerability in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to inject arbitrary Javascript, and possibly other web script or HTML, via the proxystylesheet variable, which will be executed in the resulting error message.Show less
CVE-2005-3678
1Google
1Talk
Apr 16, 2026
Nov 18, 2005
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Google Talk before 1.0.0.76, with email notification enabled, allows remote attackers to cause a denial of service (connection reset) via email with a blank sender.
CVE-2004-2475
1Google
1Toolbar
Apr 16, 2026
Dec 31, 2004
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in Google Toolbar 2.0.114.1 allows remote attackers to inject arbitrary web script via about.html in the About section. NOTE: some followup posts suggest that the demonstration c...Show more
Cross-site scripting (XSS) vulnerability in Google Toolbar 2.0.114.1 allows remote attackers to inject arbitrary web script via about.html in the About section. NOTE: some followup posts suggest that the demonstration code's use of the res:// protocol does not cross privilege boundaries, since it is not allowed in the Internet Zone. Thus this might not be a vulnerability.Show less
CVE-2002-1443
1Google
1Toolbar
Apr 16, 2026
Apr 11, 2003
N/A· v4
N/A· v3
5.0 MEDIUM· v2
The Google toolbar 1.1.58 and earlier allows remote web sites to monitor a user's input into the toolbar via an "onkeydown" event handler.
CVE-2002-1442
1Google
1Toolbar
Apr 16, 2026
Apr 11, 2003
N/A· v4
N/A· v3
7.5 HIGH· v2
The Google toolbar 1.1.58 and earlier allows remote web sites to perform unauthorized toolbar operations including script execution and file reading in other zones such as "My Computer" by opening a window to tools.googl...Show more
The Google toolbar 1.1.58 and earlier allows remote web sites to perform unauthorized toolbar operations including script execution and file reading in other zones such as "My Computer" by opening a window to tools.google.com or the res: protocol, then using script to modify the window's location to the toolbar's configuration URL, which bypasses the origin verification check.Show less
CVE-2002-1444
2Google
Microsoft
2Internet Explorer
Toolbar
Apr 16, 2026
Aug 15, 2002
N/A· v4
N/A· v3
2.6 LOW· v2
The Google toolbar 1.1.60, when running on Internet Explorer 5.5 and 6.0, allows remote attackers to cause a denial of service (crash with an exception in oleaut32.dll) via malicious HTML, possibly related to small width...Show more
The Google toolbar 1.1.60, when running on Internet Explorer 5.5 and 6.0, allows remote attackers to cause a denial of service (crash with an exception in oleaut32.dll) via malicious HTML, possibly related to small width and height parameters or an incorrect call to the Google.Search() function.Show less