Trending Zero-Day Explore Browse Search Saved

CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Home Trending Zero-Day Watch Attack Types Browse CVEs Search

Legal

Privacy Policy Terms of Service Data Disclaimer

© 2026CVEInsight. For informational use only — not a substitute for professional security advice.

CVE data sourced from NVD / NIST & public disclosures.

google

chromecast_firmware

6 known vulnerabilities · sorted by CVSS score

u-boot bug that allows for u-boot shell and interrupt over UART

google / chromecast_firmware

Published Apr 5, 2024

U-Boot vulnerability resulting in persistent Code Execution

google / chromecast_firmware

Published Dec 11, 2023

U-Boot shell vulnerability resulting in Privilege escalation in a production device

google / chromecast_firmware

Published Dec 11, 2023

Missing Permission checks resulting in unauthorized access and Manipulation in KeyChainActivity Application

google / chromecast_firmware

Published Dec 11, 2023

An oversight in BCB handling of reboot reason that allows for persistent code execution

google / chromecast_firmware

Published Dec 11, 2023

The API service on Google Home and Chromecast devices before mid-July 2018 does not prevent DNS rebinding attacks from reading the scan_results JSON data, which allows remote attackers to determine the physical location of most web browsers by leveraging the presence of one of these devices on its local network, extracting the scan_results bssid fields, and sending these fields in a geolocation/v1/geolocate Google Maps Geolocation API request.

google / chromecast_firmware+1

Published Jun 25, 2018