Vulnerabilidades en Google Inc.

960 resultados

Análisis Vexday

Com 960 CVEs catalogadas e nenhuma entrada no catálogo KEV da CISA, o perfil de exploração ativa do Google Inc. está abaixo da média geral do catálogo, o que sugere menor pressão imediata de ataques em curso. Apesar da ausência de severidades críticas e de novas vulnerabilidades nos últimos 90 dias, há 16 CVEs com prova de conceito pública disponível, o que representa um vetor de risco concreto para equipes que ainda não aplicaram as correções correspondentes. A falha mais recorrente é CWE-269 (gerenciamento inadequado de privilégios), padrão que tipicamente favorece escalonamento de privilégios e movimentação lateral em ambientes comprometidos. A CVE mais perigosa atualmente rastreada é CVE-2017-0561, com EPSS de 0,30, indicando probabilidade não negligenciável de exploração e justificando atenção prioritária mesmo tratando-se de uma vulnerabilidade mais antiga.

CVE-2017-0570—An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code wiEPSS 1.5%CVE-2017-0581—An elevation of privilege vulnerability in the Synaptics Touchscreen driver could enable a local malicious application to execute arbitrary EPSS 1.5%CVE-2017-0577—An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code wEPSS 1.5%CVE-2017-0579—An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code wiEPSS 1.5%CVE-2017-0583—An elevation of privilege vulnerability in the Qualcomm CP access driver could enable a local malicious application to execute arbitrary codEPSS 1.5%CVE-2017-0575—An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code wiEPSS 1.5%CVE-2017-0580—An elevation of privilege vulnerability in the Synaptics Touchscreen driver could enable a local malicious application to execute arbitrary EPSS 1.5%CVE-2016-8449—An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code withinEPSS 1.5%CVE-2017-0568—An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code wiEPSS 1.5%CVE-2017-0574—An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code wiEPSS 1.5%CVE-2017-0572—An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code wiEPSS 1.5%CVE-2017-0454—An elevation of privilege vulnerability in the Qualcomm audio driver could enable a local malicious application to execute arbitrary code wiEPSS 1.5%CVE-2017-0567—An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code wiEPSS 1.5%CVE-2017-0571—An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code wiEPSS 1.5%CVE-2017-0627—An information disclosure vulnerability in the kernel UVC driver could enable a local malicious application to access data outside of its peEPSS 1.5%CVE-2017-0453—An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code wiEPSS 1.5%CVE-2017-0637—A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corrEPSS 1.5%CVE-2017-0520—An elevation of privilege vulnerability in the Qualcomm crypto engine driver could enable a local malicious application to execute arbitraryEPSS 1.5%CVE-2016-8417—An elevation of privilege vulnerability in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code wEPSS 1.5%CVE-2017-0460—An elevation of privilege vulnerability in the Qualcomm networking driver could enable a local malicious application to execute arbitrary coEPSS 1.5%

← anteriorpágina 8 / 48siguiente →