Vulnerabilidades em Google

5.229 resultados
Análise Vexday

Com 4.763 CVEs catalogadas e 77 confirmadas em exploração ativa pelo CISA KEV, a taxa de exploração dos produtos Google é 3,6 vezes superior à média geral do catálogo, sinalizando risco operacional elevado para organizações que dependem desse ecossistema. O volume de 1.225 CVEs surgidas nos últimos 90 dias indica cadência intensa de descobertas, exigindo ciclos de patching ágeis. O tipo de falha mais recorrente é CWE-416 (use-after-free), classe de vulnerabilidade que frequentemente viabiliza execução de código arbitrário e escalada de privilégios. Destaque especial para CVE-2023-4863, com EPSS de 0,9974 — valor próximo ao máximo possível —, indicando probabilidade altíssima de exploração ativa e merecendo tratamento prioritário imediato.

CVE-2023-21252In validatePassword of WifiConfigurationUtil.java, there is a possible way to get the device into a boot loop due to improper input validatiEPSS 0.1%CVE-2024-32923MEDIUMthere is a possible cellular denial of service due to a logic error in the code. This could lead to remote denial of service with no additioEPSS 0.1%CVE-2023-20971HIGHIn removePermission of PermissionManagerServiceImpl.java, there is a possible way to obtain dangerous permissions without user consent due tEPSS 0.1%CVE-2024-29741HIGHIn pblS2mpuResume of s2mpu.c, there is a possible mitigation bypass due to a logic error in the code. This could lead to local escalation ofEPSS 0.1%CVE-2024-25992HIGHIn tmu_tz_control of tmu.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of priEPSS 0.1%CVE-2018-9383MEDIUMIn asn1_ber_decoder of asn1_decoder.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local informEPSS 0.1%CVE-2025-22441HIGHIn getContextForResourcesEnsuringCorrectCachedApkPaths of RemoteViews.java, there is a possible way to load arbitrary java code in a privileEPSS 0.1%CVE-2026-13037HIGHUse after free in WebView in Google Chrome on Android prior to 149.0.7827.197 allowed a local attacker to execute arbitrary code inside a saEPSS 0.1%CVE-2024-32892HIGHIn handle_init of goodix/main/main.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of prEPSS 0.1%CVE-2024-23706HIGHIn multiple locations, there is a possible bypass of health data permissions due to an improper input validation. This could lead to local eEPSS 0.1%CVE-2023-48412In private_handle_t of mali_gralloc_buffer.h, there is a possible information leak due to a logic error in the code. This could lead to locEPSS 0.1%CVE-2023-48406there is a possible permanent DoS or way for the modem to boot unverified firmware due to a logic error in the code. This could lead to locaEPSS 0.1%CVE-2023-21396In Activity Manager, there is a possible background activity launch due to a logic error in the code. This could lead to local escalation ofEPSS 0.1%CVE-2025-27700HIGHThere is a possible bypass of carrier restrictions due to an unusual root cause. This could lead to local escalation of privilege with no adEPSS 0.1%CVE-2023-21295In SliceManagerService, there is a possible way to check if a content provider is installed due to a missing null check. This could lead to EPSS 0.1%CVE-2023-35675In loadMediaResumptionControls of MediaResumeListener.kt, there is a possible way to play and listen to media files played by another user oEPSS 0.1%CVE-2024-0022MEDIUMIn multiple functions of CompanionDeviceManagerService.java, there is a possible launch NotificationAccessConfirmationActivity of another usEPSS 0.1%CVE-2023-21334In App Ops Service, there is a possible disclosure of information about installed packages due to a logic error in the code. This could leadEPSS 0.1%CVE-2024-0017MEDIUMIn shouldUseNoOpLocation of CameraActivity.java, there is a possible confused deputy due to a permissions bypass. This could lead to local iEPSS 0.1%CVE-2022-20264MEDIUMIn Usage Stats Service, there is a possible way to determine whether an app is installed, without query permissions due to side channel infoEPSS 0.1%