Vulnerabilities in Google

5,229 results
Vexday analysis

Com 4.763 CVEs catalogadas e 77 confirmadas em exploração ativa pelo CISA KEV, a taxa de exploração dos produtos Google é 3,6 vezes superior à média geral do catálogo, sinalizando risco operacional elevado para organizações que dependem desse ecossistema. O volume de 1.225 CVEs surgidas nos últimos 90 dias indica cadência intensa de descobertas, exigindo ciclos de patching ágeis. O tipo de falha mais recorrente é CWE-416 (use-after-free), classe de vulnerabilidade que frequentemente viabiliza execução de código arbitrário e escalada de privilégios. Destaque especial para CVE-2023-4863, com EPSS de 0,9974 — valor próximo ao máximo possível —, indicando probabilidade altíssima de exploração ativa e merecendo tratamento prioritário imediato.

CVE-2023-21290In update of MmsProvider.java, there is a possible way to bypass file permission checks due to a race condition. This could lead to local deEPSS 0.1%CVE-2026-0145LOWIn keymint, there is a possible Permission Bypass due to a logic error in the code. This could lead to local information disclosure with no EPSS 0.1%CVE-2025-26418HIGHIn setUserDisclaimerAcknowledged of CarDevicePolicyService.java, there is a possible way to bypass the user dialog when adding an account toEPSS 0.1%CVE-2026-0150HIGHIn ExecuteGraph command handler of EdgeTPU firmware, there is a possible out of bounds write due to an integer overflow. This could lead to EPSS 0.1%CVE-2026-0125HIGHIn multiple functions of vpu_ioctl.c, there is a possible use after free due to a race condition. This could lead to local escalation of priEPSS 0.1%CVE-2026-28577HIGHIn addWindow of WindowManagerService.java, there is a possible tapjacking issue due to a tapjacking/overlay attack. This could lead to localEPSS 0.1%CVE-2026-0133HIGHIn smmu_attach_dev of arm-smmu-v3.c, there is a possible way to sign malicious Android Runtime bootclass artifacts due to a missing permissiEPSS 0.1%CVE-2024-43766MEDIUMIn multiple functions of btm_ble_sec.cc, there is a possible unencrypted communication due to Invalid error handling. This could lead to remEPSS 0.1%CVE-2025-36921MEDIUMIn ProtocolPsUnthrottleApn() of protocolpsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could leadEPSS 0.1%CVE-2026-0089HIGHIn multiple functions of PackageInstallerService.java, there is a possible way to install unverified apps due to a missing permission check.EPSS 0.1%CVE-2026-0091HIGHIn multiple locations, there is a possible way to execute code in the launcher process due to an over-privileged shell user. This could leadEPSS 0.1%CVE-2026-28578MEDIUMIn multiple functions of DevicePolicyManagerService.java, there is a possible desync from persistence due to improper input validation. ThisEPSS 0.1%CVE-2023-21399there is a possible way to bypass cryptographic assurances due to a logic error in the code. This could lead to local escalation of privilegEPSS 0.1%CVE-2024-29779HIGHthere is a possible escalation of privilege due to an unusual root cause. This could lead to local escalation of privilege with no additionaEPSS 0.1%CVE-2025-48569MEDIUMIn multiple locations, there is a possible permanent denial of service due to resource exhaustion. This could lead to local denial of servicEPSS 0.1%CVE-2026-11290MEDIUMInteger overflow in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to cause a denial of service via a mEPSS 0.1%CVE-2026-0057LOWIn Contacts Provider, there is a possible way to access an incoming call's phone number and associated metadata due to a missing permission EPSS 0.1%CVE-2026-0016LOWIn updateProvidersWhenServiceRemoved of CredentialManagerService.java, there is a possible way to override settings across users due to a peEPSS 0.1%CVE-2026-28586LOWIn multiple functions of AppOpsService.java, there is a possible missing permission check due to a permissions bypass. This could lead to loEPSS 0.1%CVE-2025-48608MEDIUMIn isValidMediaUri of SettingsProvider.java, there is a possible cross user media read due to a missing permission check. This could lead toEPSS 0.1%