Vulnerabilidades en Google
5229 resultadosAnálisis Vexday
Com 4.763 CVEs catalogadas e 77 confirmadas em exploração ativa pelo CISA KEV, a taxa de exploração dos produtos Google é 3,6 vezes superior à média geral do catálogo, sinalizando risco operacional elevado para organizações que dependem desse ecossistema. O volume de 1.225 CVEs surgidas nos últimos 90 dias indica cadência intensa de descobertas, exigindo ciclos de patching ágeis. O tipo de falha mais recorrente é CWE-416 (use-after-free), classe de vulnerabilidade que frequentemente viabiliza execução de código arbitrário e escalada de privilégios. Destaque especial para CVE-2023-4863, com EPSS de 0,9974 — valor próximo ao máximo possível —, indicando probabilidade altíssima de exploração ativa e merecendo tratamento prioritário imediato.
CVE-2025-6044MEDIUMAn Improper Access Control vulnerability in the Stylus Tools component of Google ChromeOS version 16238.64.0 on the garaged stylus devices aEPSS 0.1%CVE-2024-31328HIGHIn broadcastIntentLockedTraced of BroadcastController.java, there is a possible way to launch arbitrary activities from the background on thEPSS 0.1%CVE-2023-40075—In forceReplaceShortcutInner of ShortcutPackage.java, there is a possible way to register unlimited packages due to a missing bounds check. EPSS 0.1%CVE-2024-34723MEDIUMIn onTransact of ParcelableListBinder.java , there is a possible way to steal mAllowlistToken to launch an app from background due to a logiEPSS 0.1%CVE-2024-0036HIGHIn startNextMatchingActivity of ActivityTaskManagerService.java, there is a possible way to bypass the restrictions on starting activities fEPSS 0.1%CVE-2025-48580HIGHIn connectInternal of MediaBrowser.java, there is a possible way to access while in use permission while the app is in background due to a lEPSS 0.1%CVE-2024-0037LOWIn applyCustomDescription of SaveUi.java, there is a possible way to view images belonging to a different user due to a missing permission cEPSS 0.1%CVE-2026-28587CRITICALIn MmsSmsProvider of MmsSmsProvider.java, there is a possible way to retrieve sensitive information due to a missing permission check. This EPSS 0.1%CVE-2025-48650HIGHIn multiple locations, there is a possible information disclosure due to SQL injection. This could lead to local escalation of privilege witEPSS 0.1%CVE-2026-0059HIGHIn multiple functions of sdp_discovery.cc, there is a possible way to achieve code execution due to a heap buffer overflow. This could lead EPSS 0.1%CVE-2024-34719HIGHIn multiple locations, there is a possible permissions bypass due to a missing null check. This could lead to local escalation of privilege EPSS 0.1%CVE-2024-40660HIGHIn setTransactionState of SurfaceFlinger.cpp, there is a possible way to change protected display attributes due to a logic error in the codEPSS 0.1%CVE-2024-34747HIGHIn DevmemXIntMapPages of devicemem_server.c, there is a possible use-after-free due to a logic error in the code. This could lead to local eEPSS 0.1%CVE-2026-13914MEDIUMInappropriate implementation in Passwords in Google Chrome on Mac prior to 150.0.7871.47 allowed a local attacker to obtain potentially sensEPSS 0.1%CVE-2023-21266HIGHIn multiple functions of ActivityManagerService.java, there is a possible way to escape Google Play protection due to a permissions bypass. EPSS 0.1%CVE-2026-0011HIGHIn enableSystemPackageLPw of Settings.java, there is a possible way to prevent location access from working due to a logic error in the codeEPSS 0.1%CVE-2021-39810HIGHIn verifyDefaults of CardEmulationManager.java, there is a possible way to set a third party app as the default contactless payment app withEPSS 0.1%CVE-2024-43087HIGHIn getInstalledAccessibilityPreferences of AccessibilitySettings.java, there is a possible way to hide an enabled accessibility service in tEPSS 0.1%CVE-2026-7990HIGHInsufficient validation of untrusted input in Updater in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to performEPSS 0.1%CVE-2024-31310HIGHIn newServiceInfoLocked of AutofillManagerServiceImpl.java, there is a possible way to hide an enabled Autofill service app in the Autofill EPSS 0.1%