Vulnerabilidades en Google
5244 resultadosAnálisis Vexday
Com 4.763 CVEs catalogadas e 77 confirmadas em exploração ativa pelo CISA KEV, a taxa de exploração dos produtos Google é 3,6 vezes superior à média geral do catálogo, sinalizando risco operacional elevado para organizações que dependem desse ecossistema. O volume de 1.225 CVEs surgidas nos últimos 90 dias indica cadência intensa de descobertas, exigindo ciclos de patching ágeis. O tipo de falha mais recorrente é CWE-416 (use-after-free), classe de vulnerabilidade que frequentemente viabiliza execução de código arbitrário e escalada de privilégios. Destaque especial para CVE-2023-4863, com EPSS de 0,9974 — valor próximo ao máximo possível —, indicando probabilidade altíssima de exploração ativa e merecendo tratamento prioritário imediato.
CVE-2024-29755MEDIUMIn tmu_get_pi of tmu.c, there is a possible out of bounds read due to improper input validation. This could lead to local information discloEPSS 0.1%CVE-2023-21271—In parseInputs of ShimPreparedModel.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local iEPSS 0.1%CVE-2018-9407MEDIUMIn emmc_rpmb_ioctl of emmc_rpmb.c, there is an Information Disclosure due to a Missing Bounds Check. This could lead to Information DisclosEPSS 0.1%CVE-2024-27225MEDIUMIn sendHciCommand of bluetooth_hci.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local informEPSS 0.1%CVE-2021-0948—The PVRSRVBridgeGetMultiCoreInfo ioctl in the PowerVR kernel driver can return uninitialized kernel memory to user space. The contents of thEPSS 0.1%CVE-2025-36928HIGHIn GetHostAddress of gxp_buffer.h, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalaEPSS 0.1%CVE-2025-48644MEDIUMIn multiple locations, there is a possible persistent denial of service due to improper input validation. This could lead to local denial ofEPSS 0.1%CVE-2025-22409HIGHIn rfc_send_buf_uih of rfc_ts_frames.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to localEPSS 0.1%CVE-2025-36932HIGHIn tracepoint_msg_handler of cpm/google/lib/tracepoint/tracepoint_ipc.c, there is a possible memory overwrite due to improper input validatiEPSS 0.1%CVE-2025-22427HIGHIn onCreate of NotificationAccessConfirmationActivity.java, there is a possible way to grant notification access above the lock screen due tEPSS 0.1%CVE-2018-9482MEDIUMIn intr_data_copy_cb of btif_hd.cc, there is a possible out of bounds read due to an integer overflow. This could lead to local information EPSS 0.1%CVE-2025-36920HIGHIn hyp_alloc of arch/arm64/kvm/hyp/nvhe/alloc.c, there is a possible out of bounds write due to improper input validation. This could lead tEPSS 0.1%CVE-2025-22437HIGHIn setMediaButtonReceiver of multiple files, there is a possible way to launch arbitrary activities from background due to a logic error in EPSS 0.1%CVE-2025-32333HIGHIn startSpaActivityForApp of SpaActivity.kt, there is a possible cross-user permission bypass due to a logic error in the code. This could lEPSS 0.1%CVE-2025-48528MEDIUMIn multiple locations, there is a possible way to overlay biometrics due to a tapjacking/overlay attack. This could lead to local escalationEPSS 0.1%CVE-2023-21368—In Audio, there is a possible out of bounds read due to missing bounds check. This could lead to local information disclosure with no additiEPSS 0.1%CVE-2025-26444HIGHIn onHandleForceStop of VoiceInteractionManagerService.java, there is a bug that could cause the system to incorrectly revert to the defaultEPSS 0.1%CVE-2025-32328HIGHIn multiple functions of Session.java, there is a possible way to view images belonging to a different user of the device due to a logic errEPSS 0.1%CVE-2023-21316—In Content, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disEPSS 0.1%CVE-2023-21323—In Activity Manager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel informEPSS 0.1%