Vulnerabilities in google
5,244 resultsCVE-2025-26448MEDIUMIn writeToParcel of CursorWindow.cpp, there is a possible out of bounds read due to uninitialized data. This could lead to local informationEPSS 0.1%CVE-2025-48576MEDIUMIn updateNotificationChannelGroupFromPrivilegedListener of NotificationManagerService.java, there is a possible permanent denial of service EPSS 0.1%CVE-2026-11115HIGHUse after free in Updater in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to perform OS-level privilege escalatiEPSS 0.1%CVE-2026-11035HIGHInappropriate implementation in Custom Tabs in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to perform privilegeEPSS 0.1%CVE-2025-48603MEDIUMIn InputMethodInfo of InputMethodInfo.java, there is a possible permanent denial of service due to resource exhaustion. This could lead to lEPSS 0.1%CVE-2024-40657HIGHIn addPreferencesForType of AccountTypePreferenceLoader.java, there is a possible way to disable apps for other users due to a confused depuEPSS 0.1%CVE-2025-26435HIGHIn updateState of ContentProtectionTogglePreferenceController.java, there is a possible way for a secondary user to disable the primary userEPSS 0.1%CVE-2024-47035HIGHIn vring_init of external/headers/include/virtio/virtio_ring.h, there is a possible out of bounds write due to a logic error in the code. ThEPSS 0.1%CVE-2025-48649HIGHIn multiple locations, there is a possible way to reset user-selected permissions selections due to a permissions bypass. This could lead toEPSS 0.1%CVE-2024-32919HIGHIn lwis_add_completion_fence of lwis_fence.c, there is a possible escalation of privilege due to type confusion. This could lead to local esEPSS 0.1%CVE-2025-48538MEDIUMIn setApplicationHiddenSettingAsUser of PackageManagerService.java, there is a possible way to hide a system critical package due to impropeEPSS 0.1%CVE-2025-36903HIGHIn lwis_io_buffer_write, there is a possible OOB read/write due to improper input validation. This could lead to local escalation of privileEPSS 0.1%CVE-2025-48555HIGHIn multiple functions of NotificationStation.java, there is a possible cross-profile information disclosure due to a confused deputy. This cEPSS 0.1%CVE-2024-29787HIGHIn lwis_process_transactions_in_queue of lwis_transaction.c, there is a possible use after free due to a use after free. This could lead to EPSS 0.1%CVE-2025-48532HIGHIn markMediaAsFavorite of MediaProvider.java, there is a possible way to bypass the WRITE_EXTERNAL_STORAGE permission due to a confused depuEPSS 0.1%CVE-2025-32322HIGHIn onCreate of MediaProjectionPermissionActivity.java , there is a possible way to grant a malicious app a token enabling unauthorized screeEPSS 0.1%CVE-2024-34742MEDIUMIn shouldWrite of OwnersData.java, there is a possible edge case that prevents MDM policies from being persisted due to a logic error in theEPSS 0.1%CVE-2024-56185MEDIUMIn ProtocolUnsolOnSSAdapter::GetServiceClass() of protocolcalladapter.cpp, there is a possible out-of-bounds read due to a missing bounds chEPSS 0.1%CVE-2024-44099MEDIUMThere is a possible Local bypass of user interaction due to an insecure default value. This could lead to local information disclosure with EPSS 0.1%CVE-2025-0076LOWIn multiple locations, there is a possible way to view icons belonging to another user due to a missing permission check. This could lead toEPSS 0.1%