Vulnerabilidades en Google Inc.

960 resultados

Análisis Vexday

Com 960 CVEs catalogadas e nenhuma entrada no catálogo KEV da CISA, o perfil de exploração ativa do Google Inc. está abaixo da média geral do catálogo, o que sugere menor pressão imediata de ataques em curso. Apesar da ausência de severidades críticas e de novas vulnerabilidades nos últimos 90 dias, há 16 CVEs com prova de conceito pública disponível, o que representa um vetor de risco concreto para equipes que ainda não aplicaram as correções correspondentes. A falha mais recorrente é CWE-269 (gerenciamento inadequado de privilégios), padrão que tipicamente favorece escalonamento de privilégios e movimentação lateral em ambientes comprometidos. A CVE mais perigosa atualmente rastreada é CVE-2017-0561, com EPSS de 0,30, indicando probabilidade não negligenciável de exploração e justificando atenção prioritária mesmo tratando-se de uma vulnerabilidade mais antiga.

CVE-2016-8413—An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of iEPSS 0.9%CVE-2016-8477—An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of iEPSS 0.9%CVE-2017-0534—An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of itEPSS 0.9%CVE-2016-10296—An information disclosure vulnerability in the Qualcomm shared memory driver could enable a local malicious application to access data outsiEPSS 0.9%CVE-2016-10294—An information disclosure vulnerability in the Qualcomm power driver could enable a local malicious application to access data outside of itEPSS 0.9%CVE-2018-9574—In impd_parse_split_drc_characteristic of impd_drc_static_payload.c there is a possible out of bounds write due to missing bounds check. ThiEPSS 0.9%CVE-2018-9575—In impd_parse_dwnmix_instructions of impd_drc_static_payload.c there is a possible out of bounds write due to missing bounds check. This couEPSS 0.9%CVE-2017-0447—An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code wEPSS 0.9%CVE-2017-0449—An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code wiEPSS 0.9%CVE-2018-9577—In impd_parametric_drc_parse_gain_set_params of impd_drc_static_payload.c there is a possible out of bounds write due to missing bounds checEPSS 0.9%CVE-2017-0440—An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code wiEPSS 0.9%CVE-2018-9573—In impd_parse_filt_block of impd_drc_dynamic_payload.c there is a possible out of bounds write due to missing bounds check. This could lead EPSS 0.9%CVE-2017-0446—An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code wEPSS 0.9%CVE-2018-9576—In impd_parse_parametric_drc_instructions of impd_drc_static_payload.c there is a possible out of bounds write due to missing bounds check. EPSS 0.9%CVE-2018-9570—In impd_parse_drc_ext_v1 of impd_drc_dynamic_payload.c there is a possible out-of-bound write due to missing bounds check. This could lead tEPSS 0.9%CVE-2017-0442—An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code wiEPSS 0.9%CVE-2017-0504—An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and EPSS 0.9%CVE-2017-0475—An elevation of privilege vulnerability in the recovery verifier could enable a local malicious application to execute arbitrary code withinEPSS 0.9%CVE-2018-9493—In the content provider of the download manager, there is a possible SQL injection due to improper input validation. This could lead to locaEPSS 0.9%CVE-2017-0544—An elevation of privilege vulnerability in CameraBase could enable a local malicious application to execute arbitrary code. This issue is raEPSS 0.9%

← anteriorpágina 21 / 48siguiente →