Vulnerabilidades em Google Inc.

960 resultados

Análise Vexday

Com 960 CVEs catalogadas e nenhuma entrada no catálogo KEV da CISA, o perfil de exploração ativa do Google Inc. está abaixo da média geral do catálogo, o que sugere menor pressão imediata de ataques em curso. Apesar da ausência de severidades críticas e de novas vulnerabilidades nos últimos 90 dias, há 16 CVEs com prova de conceito pública disponível, o que representa um vetor de risco concreto para equipes que ainda não aplicaram as correções correspondentes. A falha mais recorrente é CWE-269 (gerenciamento inadequado de privilégios), padrão que tipicamente favorece escalonamento de privilégios e movimentação lateral em ambientes comprometidos. A CVE mais perigosa atualmente rastreada é CVE-2017-0561, com EPSS de 0,30, indicando probabilidade não negligenciável de exploração e justificando atenção prioritária mesmo tratando-se de uma vulnerabilidade mais antiga.

CVE-2017-0485—A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. EPSS 0.6%CVE-2017-0484—A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. EPSS 0.6%CVE-2017-0482—A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. EPSS 0.6%CVE-2017-0486—A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. EPSS 0.6%CVE-2016-6723—A denial of service vulnerability in Proxy Auto Config in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-EPSS 0.6%CVE-2017-13243—A information disclosure vulnerability in the Android system (ui). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. IDEPSS 0.6%CVE-2016-8445—An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local maliciouEPSS 0.6%CVE-2017-0558—An information disclosure vulnerability in Mediaserver could enable a local malicious application to access data outside of its permission lEPSS 0.6%CVE-2017-0557—An information disclosure vulnerability in libmpeg2 in Mediaserver could enable a local malicious application to access data outside of its EPSS 0.6%CVE-2016-8422—An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code withEPSS 0.6%CVE-2016-8433—An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within tEPSS 0.6%CVE-2016-8423—An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code withEPSS 0.6%CVE-2017-13251—In impeg2d_dec_pic_data_thread of impeg2d_dec_hdr.c, there is a possible out of bounds write due to a missing bounds check. This could lead EPSS 0.6%CVE-2017-13252—In CryptoHal::decrypt of CryptoHal.cpp, there is an out of bounds write due to improper input validation that results in a read from uninitiEPSS 0.6%CVE-2017-0465—An elevation of privilege vulnerability in the Qualcomm ADSPRPC driver could enable a local malicious application to execute arbitrary code EPSS 0.6%CVE-2017-0879—An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android IDEPSS 0.6%CVE-2016-6788—An elevation of privilege vulnerability in the MediaTek I2C driver could enable a local malicious application to execute arbitrary code withEPSS 0.6%CVE-2017-13198—A vulnerability in the Android media framework (ex) related to composition of frames lacking a color map. Product: Android. Versions: 7.0, 7EPSS 0.6%CVE-2017-13157—An information disclosure vulnerability in the Android system (activitymanagerservice). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, EPSS 0.6%CVE-2017-13159—An information disclosure vulnerability in the Android system (activitymanagerservice). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, EPSS 0.6%

← anteriorpágina 29 / 48próxima →