Vulnerabilidades en Google Inc.

960 resultados
Análisis Vexday

Com 960 CVEs catalogadas e nenhuma entrada no catálogo KEV da CISA, o perfil de exploração ativa do Google Inc. está abaixo da média geral do catálogo, o que sugere menor pressão imediata de ataques em curso. Apesar da ausência de severidades críticas e de novas vulnerabilidades nos últimos 90 dias, há 16 CVEs com prova de conceito pública disponível, o que representa um vetor de risco concreto para equipes que ainda não aplicaram as correções correspondentes. A falha mais recorrente é CWE-269 (gerenciamento inadequado de privilégios), padrão que tipicamente favorece escalonamento de privilégios e movimentação lateral em ambientes comprometidos. A CVE mais perigosa atualmente rastreada é CVE-2017-0561, com EPSS de 0,30, indicando probabilidade não negligenciável de exploração e justificando atenção prioritária mesmo tratando-se de uma vulnerabilidade mais antiga.

CVE-2017-0672A denial of service vulnerability in the Android libraries. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-34778578.EPSS 0.3%CVE-2017-0784A elevation of privilege vulnerability in the Android system (nfc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2.EPSS 0.3%CVE-2016-6770An elevation of privilege vulnerability in the Framework API could enable a local malicious application to access system functions beyond itEPSS 0.3%CVE-2018-9518In nfc_llcp_build_sdreq_tlv of llcp_commands.c, there is a possible out of bounds write due to a missing bounds check. This could lead to loEPSS 0.3%CVE-2018-9385In driver_override_store of bus.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalaEPSS 0.3%CVE-2018-9415In driver_override_store and driver_override_show of bus.c, there is a possible double free due to improper locking. This could lead to locaEPSS 0.3%CVE-2017-0792A information disclosure vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37305578. RefEPSS 0.2%CVE-2016-6771An elevation of privilege vulnerability in Telephony could enable a local malicious application to access system functions beyond its accessEPSS 0.2%CVE-2018-9501In the SetupWizard, there is a possible Factory Reset Protection bypass due to a permissions bypass. This could lead to local escalation of EPSS 0.2%CVE-2017-13184In the enableVSyncInjections function of SurfaceFlinger, there is a possible use after free of mVSyncInjector. This could lead to a local elEPSS 0.2%CVE-2018-9511In ipSecSetEncapSocketOwner of XfrmController.cpp, there is a possible failure to initialize a security feature due to uninitialized data. TEPSS 0.2%CVE-2018-9422In get_futex_key of futex.c, there is a use-after-free due to improper locking. This could lead to local escalation of privilege with no addEPSS 0.2%CVE-2017-13210In CameraDeviceClient::submitRequestList of CameraDeviceClient.cpp, there is an out-of-bounds write if metadataSize is too small. This couldEPSS 0.2%CVE-2015-9015An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-3671EPSS 0.2%CVE-2016-8482An elevation of privilege vulnerability in the NVIDIA GPU driver. Product: Android. Versions: Android kernel. Android ID: A-31799863. RefereEPSS 0.2%CVE-2018-9465In task_get_unused_fd_flags of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation EPSS 0.2%CVE-2018-9357In BNEP_Write of bnep_api.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation EPSS 0.2%CVE-2018-9543In trim_device of f2fs_format_utils.c, it is possible that the data partition is not wiped during a factory reset. This could lead to local EPSS 0.2%CVE-2017-13217In DisplayFtmItem in the bootloader, there is an out-of-bounds write due to reading a string without verifying that it's null-terminated. ThEPSS 0.2%CVE-2017-13182In the sendFormatChange function of ACodec, there is a possible integer overflow which could lead to an out-of-bounds write. This could leadEPSS 0.2%