Vulnerabilities in Google
5,229 resultsVexday analysis
Com 4.763 CVEs catalogadas e 77 confirmadas em exploração ativa pelo CISA KEV, a taxa de exploração dos produtos Google é 3,6 vezes superior à média geral do catálogo, sinalizando risco operacional elevado para organizações que dependem desse ecossistema. O volume de 1.225 CVEs surgidas nos últimos 90 dias indica cadência intensa de descobertas, exigindo ciclos de patching ágeis. O tipo de falha mais recorrente é CWE-416 (use-after-free), classe de vulnerabilidade que frequentemente viabiliza execução de código arbitrário e escalada de privilégios. Destaque especial para CVE-2023-4863, com EPSS de 0,9974 — valor próximo ao máximo possível —, indicando probabilidade altíssima de exploração ativa e merecendo tratamento prioritário imediato.
CVE-2026-0081CRITICALIn NFC, there is a possible way to spoof an NFC event due to a missing permission check. This could lead to local escalation of privilege wiEPSS 0.1%CVE-2018-9475HIGHIn HeadsetInterface::ClccResponse of btif_hf.cc, there is a possible out of bounds stack write due to a missing bounds check. This could leaEPSS 0.1%CVE-2026-13957MEDIUMIncorrect security UI in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious EPSS 0.1%CVE-2024-34740HIGHIn attributeBytesBase64 and attributeBytesHex of BinaryXmlSerializer.java, there is a possible arbitrary XML injection due to an integer oveEPSS 0.1%CVE-2026-3939MEDIUMInsufficient policy enforcement in PDF in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions vEPSS 0.1%CVE-2024-0047MEDIUMIn writeUserLP of UserManagerService.java, device policies are serialized with an incorrect tag due to a logic error in the code. This couldEPSS 0.1%CVE-2023-21356—In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to remote (proximal/adjacent) code execEPSS 0.1%CVE-2023-21361—In Bluetooth, there is a possibility of code-execution due to a use after free. This could lead to paired device escalation of privilege in EPSS 0.1%CVE-2026-11205MEDIUMInsufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who coEPSS 0.1%CVE-2026-0027MEDIUMIn smmu_detach_dev of arm-smmu-v3.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation ofEPSS 0.1%CVE-2026-13940MEDIUMUninitialized Use in Cast in Google Chrome prior to 150.0.7871.47 allowed an attacker on the local network segment to obtain potentially senEPSS 0.1%CVE-2025-0092MEDIUMIn handleBondStateChanged of AdapterService.java, there is a possible permission bypass due to misleading or insufficient UI. This could leaEPSS 0.1%CVE-2026-3223HIGHZip Slip leading to Arbitrary File Write and Privilege Escalation in Google Web DesignerEPSS 0.1%CVE-2026-11232MEDIUMInappropriate implementation in TabGroups in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via malicEPSS 0.1%CVE-2026-12454HIGHRace in Safe Browsing in Google Chrome on Mac prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to EPSS 0.1%CVE-2026-8003MEDIUMInsufficient validation of untrusted input in TabGroups in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform UI spooEPSS 0.1%CVE-2026-13024MEDIUMInsufficient validation of untrusted input in Navigation in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromiEPSS 0.1%CVE-2026-14147MEDIUMInappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML (UEPSS 0.1%CVE-2026-8017LOWSide-channel information leakage in Media in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a EPSS 0.1%CVE-2023-21262—In startInput of AudioPolicyInterfaceImpl.cpp, there is a possible way of erroneously displaying the microphone privacy indicator due to a rEPSS 0.1%