Vulnerabilities in Google Inc.

960 results
Vexday analysis

Com 960 CVEs catalogadas e nenhuma entrada no catálogo KEV da CISA, o perfil de exploração ativa do Google Inc. está abaixo da média geral do catálogo, o que sugere menor pressão imediata de ataques em curso. Apesar da ausência de severidades críticas e de novas vulnerabilidades nos últimos 90 dias, há 16 CVEs com prova de conceito pública disponível, o que representa um vetor de risco concreto para equipes que ainda não aplicaram as correções correspondentes. A falha mais recorrente é CWE-269 (gerenciamento inadequado de privilégios), padrão que tipicamente favorece escalonamento de privilégios e movimentação lateral em ambientes comprometidos. A CVE mais perigosa atualmente rastreada é CVE-2017-0561, com EPSS de 0,30, indicando probabilidade não negligenciável de exploração e justificando atenção prioritária mesmo tratando-se de uma vulnerabilidade mais antiga.

CVE-2017-0733A denial of service vulnerability in the Android media framework (libmediaplayerservice). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0EPSS 0.3%CVE-2017-0697A denial of service vulnerability in the Android media framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7EPSS 0.3%CVE-2017-0730A denial of service vulnerability in the Android media framework (h264 decoder). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. EPSS 0.3%CVE-2017-13305A information disclosure vulnerability in the Upstream kernel encrypted-keys. Product: Android. Versions: Android kernel. Android ID: A-7052EPSS 0.3%CVE-2016-8471An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permEPSS 0.3%CVE-2016-8472An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permEPSS 0.3%CVE-2016-8470An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permEPSS 0.3%CVE-2017-0493An information disclosure vulnerability in File-Based Encryption could enable a local malicious attacker to bypass operating system protectiEPSS 0.3%CVE-2016-6774An information disclosure vulnerability in Package Manager could enable a local malicious application to bypass operating system protectionsEPSS 0.3%CVE-2017-13215A elevation of privilege vulnerability in the Upstream kernel skcipher. Product: Android. Versions: Android kernel. Android ID: A-64386293. EPSS 0.3%CVE-2016-8462An information disclosure vulnerability in the bootloader could enable a local attacker to access data outside of its permission level. ThisEPSS 0.3%CVE-2018-9499In readVector of iCrypto.cpp, there is a possible invalid read due to uninitialized data. This could lead to local information disclosure frEPSS 0.3%CVE-2017-0690A denial of service vulnerability in the Android media framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7EPSS 0.3%CVE-2017-0727A elevation of privilege vulnerability in the Android media framework (libgui). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: AEPSS 0.3%CVE-2017-13220An elevation of privilege vulnerability in the Upstream kernel bluez. Product: Android. Versions: Android kernel. Android ID: A-63527053.EPSS 0.3%CVE-2017-0787A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37722970. RefEPSS 0.3%CVE-2017-0791A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37306719. RefEPSS 0.3%CVE-2017-0790A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37357704. RefEPSS 0.3%CVE-2017-0789A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37685267. RefEPSS 0.3%CVE-2017-0788A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37722328. RefEPSS 0.3%