Vulnerabilities in Google
5,229 resultsVexday analysis
Com 4.763 CVEs catalogadas e 77 confirmadas em exploração ativa pelo CISA KEV, a taxa de exploração dos produtos Google é 3,6 vezes superior à média geral do catálogo, sinalizando risco operacional elevado para organizações que dependem desse ecossistema. O volume de 1.225 CVEs surgidas nos últimos 90 dias indica cadência intensa de descobertas, exigindo ciclos de patching ágeis. O tipo de falha mais recorrente é CWE-416 (use-after-free), classe de vulnerabilidade que frequentemente viabiliza execução de código arbitrário e escalada de privilégios. Destaque especial para CVE-2023-4863, com EPSS de 0,9974 — valor próximo ao máximo possível —, indicando probabilidade altíssima de exploração ativa e merecendo tratamento prioritário imediato.
CVE-2023-21390HIGHIn Sim, there is a possible way to evade mobile preference restrictions due to a permission bypass. This could lead to local escalation of pEPSS 0.1%CVE-2024-0041HIGHIn removePersistentDot of SystemStatusAnimationSchedulerImpl.kt, there is a possible race condition due to a logic error in the code. This cEPSS 0.1%CVE-2023-21340—In Telecomm, there is a possible way to get the call state due to a missing permission check. This could lead to local information disclosurEPSS 0.1%CVE-2018-9379MEDIUMIn multiple functions of MiniThumbFile.java, there is a possible way to view the thumbnails of deleted photos due to a confused deputy. ThisEPSS 0.1%CVE-2026-11308MEDIUMInappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malEPSS 0.1%CVE-2025-48578HIGHIn multiple functions of MediaProvider.java, there is a possible way to bypass the WRITE_EXTERNAL_STORAGE permission due to a missing permisEPSS 0.1%CVE-2024-56193MEDIUMThere is a possible disclosure of Bluetooth adapter details due to a permissions bypass. This could lead to local information disclosure witEPSS 0.1%CVE-2026-9987HIGHInsufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 148.0.7778.216 allowed a local attacker toEPSS 0.1%CVE-2023-21241—In rw_i93_send_to_upper of rw_i93.cc, there is a possible out of bounds write due to an integer overflow. This could lead to local escalatioEPSS 0.1%CVE-2023-21329—In Activity Manager, there is a possible way to determine whether an app is installed due to a missing permission check. This could lead to EPSS 0.1%CVE-2017-13321MEDIUMIn SensorService::isDataInjectionEnabled of frameworks/native/services/sensorservice/SensorService.cpp, there is a possible out of bounds reEPSS 0.1%CVE-2025-48612HIGHIn setDefaultKey of DefaultPaymentSettings.java, there is a possible way for an application to set the main user's default NFC payment settiEPSS 0.1%CVE-2023-35686HIGHIn PVRSRVRGXKickTA3DKM of rgxta3d.c, there is a possible arbitrary code execution due to improper input validation. This could lead to localEPSS 0.1%CVE-2026-0020HIGHIn parsePermissionGroup of ParsedPermissionUtils.java, there is a possible way to bypass a consent dialog to obtain permissions due to a perEPSS 0.1%CVE-2025-32325HIGHIn appendFrom of Parcel.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of pEPSS 0.1%CVE-2023-21341HIGHIn Permission Manager, there is a possible way to bypass required permissions due to a missing permission check. This could lead to local esEPSS 0.1%CVE-2026-0021HIGHIn hasInteractAcrossUsersFullPermission of AppInfoBase.java, there is a possible cross-user permission bypass due to a confused deputy. ThisEPSS 0.1%CVE-2025-48653HIGHIn loadDataAndPostValue of multiple files, there is a possible way to obscure permission usage due to a logic error in the code. This could EPSS 0.1%CVE-2025-22421MEDIUMIn contentDescForNotification of NotificationContentDescription.kt, there is a possible notification content leak through the lockscreen dueEPSS 0.1%CVE-2024-40662HIGHIn scheme of Uri.java, there is a possible way to craft a malformed Uri object due to improper input validation. This could lead to local esEPSS 0.1%