Vulnerabilities in Google Inc.

960 results

Vexday analysis

Com 960 CVEs catalogadas e nenhuma entrada no catálogo KEV da CISA, o perfil de exploração ativa do Google Inc. está abaixo da média geral do catálogo, o que sugere menor pressão imediata de ataques em curso. Apesar da ausência de severidades críticas e de novas vulnerabilidades nos últimos 90 dias, há 16 CVEs com prova de conceito pública disponível, o que representa um vetor de risco concreto para equipes que ainda não aplicaram as correções correspondentes. A falha mais recorrente é CWE-269 (gerenciamento inadequado de privilégios), padrão que tipicamente favorece escalonamento de privilégios e movimentação lateral em ambientes comprometidos. A CVE mais perigosa atualmente rastreada é CVE-2017-0561, com EPSS de 0,30, indicando probabilidade não negligenciável de exploração e justificando atenção prioritária mesmo tratando-se de uma vulnerabilidade mais antiga.

CVE-2018-9437—In getstring of ID3.cpp there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote denial of service wiEPSS 0.9%CVE-2017-0443—An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code wiEPSS 0.9%CVE-2017-0441—An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code wiEPSS 0.9%CVE-2016-10293—An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of itEPSS 0.9%CVE-2017-0633—An information disclosure vulnerability in the Broadcom Wi-Fi driver could enable a local malicious component to access data outside of its EPSS 0.9%CVE-2017-0628—An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of iEPSS 0.9%CVE-2017-0631—An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of iEPSS 0.9%CVE-2017-0629—An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of iEPSS 0.9%CVE-2017-0632—An information disclosure vulnerability in the Qualcomm sound codec driver could enable a local malicious application to access data outsideEPSS 0.9%CVE-2016-8410—An information disclosure vulnerability in the Qualcomm sound driver could enable a local malicious application to access data outside of itEPSS 0.9%CVE-2016-8408—An information disclosure vulnerability in the NVIDIA video driver could enable a local malicious application to access data outside of its EPSS 0.9%CVE-2016-8409—An information disclosure vulnerability in the NVIDIA video driver could enable a local malicious application to access data outside of its EPSS 0.9%CVE-2017-0535—An information disclosure vulnerability in the HTC sound codec driver could enable a local malicious application to access data outside of iEPSS 0.9%CVE-2017-0436—An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code wiEPSS 0.9%CVE-2017-0437—An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code wiEPSS 0.9%CVE-2017-0434—An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary EPSS 0.9%CVE-2017-0438—An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code wiEPSS 0.9%CVE-2017-0459—An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of itEPSS 0.9%CVE-2017-0533—An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of itEPSS 0.9%CVE-2017-0534—An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of itEPSS 0.9%

← previouspage 20 / 48next →