Vulnerabilidades en Google

5244 resultados
Análisis Vexday

Com 4.763 CVEs catalogadas e 77 confirmadas em exploração ativa pelo CISA KEV, a taxa de exploração dos produtos Google é 3,6 vezes superior à média geral do catálogo, sinalizando risco operacional elevado para organizações que dependem desse ecossistema. O volume de 1.225 CVEs surgidas nos últimos 90 dias indica cadência intensa de descobertas, exigindo ciclos de patching ágeis. O tipo de falha mais recorrente é CWE-416 (use-after-free), classe de vulnerabilidade que frequentemente viabiliza execução de código arbitrário e escalada de privilégios. Destaque especial para CVE-2023-4863, com EPSS de 0,9974 — valor próximo ao máximo possível —, indicando probabilidade altíssima de exploração ativa e merecendo tratamento prioritário imediato.

CVE-2024-29751MEDIUMIn asn1_ec_pkey_parse_p384 of asn1_common.c, there is a possible OOB Read due to a missing null check. This could lead to local information EPSS 0.1%CVE-2025-48545HIGHIn isSystemUid of AccountManagerService.java, there is a possible way for an app to access privileged APIs due to a confused deputy. This coEPSS 0.1%CVE-2023-40136In setHeader of DialogFillUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local EPSS 0.1%CVE-2024-49728MEDIUMIn generateFileInfo of BluetoothOppSendFileInfo.java, there is a possible cross user media disclosure due to a confused deputy. This could lEPSS 0.1%CVE-2023-21355In libaudioclient, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with noEPSS 0.1%CVE-2024-27221HIGHIn update_policy_data of , there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of priEPSS 0.1%CVE-2025-48624HIGHIn multiple functions of arm-smmu-v3.c, there is a possible out-of-bounds write due to improper input validation. This could lead to local eEPSS 0.1%CVE-2023-21379In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the BEPSS 0.1%CVE-2023-21385In Whitechapel, there is a possible out of bounds read due to memory corruption. This could lead to local information disclosure with no addEPSS 0.1%CVE-2023-40134In isFullScreen of FillUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local infEPSS 0.1%CVE-2025-32323HIGHIn getCallingAppName of Shared.java, there is a possible way to trick users into granting file access via deceptive text in a permission popEPSS 0.1%CVE-2023-21289In multiple locations, there is a possible bypass of a multi user security boundary due to a confused deputy. This could lead to local inforEPSS 0.1%CVE-2023-21378In Telecomm, there is a possible way to silence the ring for calls of secondary users due to a missing permission check. This could lead to EPSS 0.1%CVE-2024-29747MEDIUMIn _dvfs_get_lv of dvfs.c, there is a possible out of bounds read due to a missing null check. This could lead to local information disclosuEPSS 0.1%CVE-2025-22434HIGHIn handleKeyGestureEvent of PhoneWindowManager.java, there is a possible lock screen bypass due to a logic error in the code. This could leaEPSS 0.1%CVE-2023-21376MEDIUMIn Telephony, there is a possible way to retrieve the ICCID due to a logic error in the code. This could lead to local information disclosurEPSS 0.1%CVE-2025-48620HIGHIn onSomePackagesChanged of VoiceInteractionManagerService.java, there is a possible way for a third party application's component name to pEPSS 0.1%CVE-2025-36930HIGHIn GetHostAddress of gxp_buffer.h, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalatioEPSS 0.1%CVE-2025-32324HIGHIn onCommand of ActivityManagerShellCommand.java, there is a possible arbitrary activity launch due to a confused deputy. This could lead toEPSS 0.1%CVE-2025-36927HIGHIn GetTachyonCommand of tachyon_server_common.h, there is a possible out of bounds write due to a missing bounds check. This could lead to lEPSS 0.1%