Vulnerabilidades en Google

5229 resultados
Análisis Vexday

Com 4.763 CVEs catalogadas e 77 confirmadas em exploração ativa pelo CISA KEV, a taxa de exploração dos produtos Google é 3,6 vezes superior à média geral do catálogo, sinalizando risco operacional elevado para organizações que dependem desse ecossistema. O volume de 1.225 CVEs surgidas nos últimos 90 dias indica cadência intensa de descobertas, exigindo ciclos de patching ágeis. O tipo de falha mais recorrente é CWE-416 (use-after-free), classe de vulnerabilidade que frequentemente viabiliza execução de código arbitrário e escalada de privilégios. Destaque especial para CVE-2023-4863, com EPSS de 0,9974 — valor próximo ao máximo possível —, indicando probabilidade altíssima de exploração ativa e merecendo tratamento prioritário imediato.

CVE-2024-27213HIGHIn BroadcastSystemMessage of servicemgr.cpp, there is a possible Remote Code Execution due to a use after free. This could lead to local escEPSS 0.1%CVE-2026-13942LOWInappropriate implementation in Video Capture in Google Chrome on ChromeOS prior to 150.0.7871.47 allowed a local attacker to perform UI spoEPSS 0.1%CVE-2023-40092In verifyShortcutInfoPackage of ShortcutService.java, there is a possible way to see another user's image due to a confused deputy. This couEPSS 0.1%CVE-2023-40081In loadMediaDataInBgForResumption of MediaDataManager.kt, there is a possible way to view another user's images due to a confused deputy. TEPSS 0.1%CVE-2023-35693In incfs_kill_sb of fs/incfs/vfs.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of prEPSS 0.1%CVE-2024-43763MEDIUMIn build_read_multi_rsp of gatt_sr.cc, there is a possible denial of service due to a logic error in the code. This could lead to remote (prEPSS 0.1%CVE-2024-31331HIGHIn setMimeGroup of PackageManagerService.java, there is a possible way to hide the service from Settings due to a logic error in the code. TEPSS 0.1%CVE-2023-21267In multiple functions of KeyguardViewMediator.java, there is a possible way to bypass lockdown mode with screen pinning due to a logic errorEPSS 0.1%CVE-2024-31315MEDIUMIn multiple functions of ManagedServices.java, there is a possible way to hide an app with notification access in the Device & app notificatEPSS 0.1%CVE-2023-40089In getCredentialManagerPolicy of DevicePolicyManagerService.java, there is a possible method for users to select credential managers withoutEPSS 0.1%CVE-2026-13800HIGHInappropriate implementation in Updater in Google Chrome on Windows prior to 150.0.7871.47 allowed a local attacker to perform OS-level privEPSS 0.1%CVE-2023-21398In sdksandbox, there is a possible strandhogg style overlay attack due to a logic error in the code. This could lead to local escalation of EPSS 0.1%CVE-2026-14119MEDIUMType Confusion in Bluetooth in Google Chrome on Windows prior to 150.0.7871.47 allowed an attacker on the local network segment to obtain poEPSS 0.1%CVE-2023-21337HIGHIn InputMethod, there is a possible way to determine whether an app is installed, without query permissions, due to side channel informationEPSS 0.1%CVE-2026-14048MEDIUMUse after free in Chromecast in Google Chrome prior to 150.0.7871.47 allowed an attacker on the local network segment to obtain potentially EPSS 0.1%CVE-2018-9338HIGHIn ResStringPool::setTo of ResourceTypes.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to locaEPSS 0.1%CVE-2026-13282MEDIUMUse after free in Payments in Google Chrome on Android prior to 149.0.7827.201 allowed a local attacker to potentially exploit heap corruptiEPSS 0.1%CVE-2024-34723MEDIUMIn onTransact of ParcelableListBinder.java , there is a possible way to steal mAllowlistToken to launch an app from background due to a logiEPSS 0.1%CVE-2023-40075In forceReplaceShortcutInner of ShortcutPackage.java, there is a possible way to register unlimited packages due to a missing bounds check. EPSS 0.1%CVE-2023-48409In gpu_pixel_handle_buffer_liveness_update_ioctl of private/google-modules/gpu/mali_kbase/mali_kbase_core_linux.c, there is a possible out oEPSS 0.1%