Vulnerabilidades en Google

5244 resultados
Análisis Vexday

Com 4.763 CVEs catalogadas e 77 confirmadas em exploração ativa pelo CISA KEV, a taxa de exploração dos produtos Google é 3,6 vezes superior à média geral do catálogo, sinalizando risco operacional elevado para organizações que dependem desse ecossistema. O volume de 1.225 CVEs surgidas nos últimos 90 dias indica cadência intensa de descobertas, exigindo ciclos de patching ágeis. O tipo de falha mais recorrente é CWE-416 (use-after-free), classe de vulnerabilidade que frequentemente viabiliza execução de código arbitrário e escalada de privilégios. Destaque especial para CVE-2023-4863, com EPSS de 0,9974 — valor próximo ao máximo possível —, indicando probabilidade altíssima de exploração ativa e merecendo tratamento prioritário imediato.

CVE-2025-48526MEDIUMIn createMultiProfilePagerAdapter of ChooserActivity.java , there is a possible way for an app to launch the ChooserActivity in another profEPSS 0.1%CVE-2025-26444HIGHIn onHandleForceStop of VoiceInteractionManagerService.java, there is a bug that could cause the system to incorrectly revert to the defaultEPSS 0.1%CVE-2023-21297In SEPolicy, there is a possible way to access the factory MAC address due to a permissions bypass. This could lead to local information disEPSS 0.1%CVE-2023-21327In Permission Manager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel infoEPSS 0.1%CVE-2023-21319In UsageStatsService, there is a possible way to read installed 3rd party apps due to side channel information disclosure. This could lead tEPSS 0.1%CVE-2023-21318In Content, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disEPSS 0.1%CVE-2023-40106HIGHIn sanitizeSbn of NotificationManagerService.java, there is a possible way to launch an activity from the background due to BAL Bypass. ThisEPSS 0.1%CVE-2023-21354In Package Manager Service, there is a possible way to determine whether an app is installed, without query permissions, due to side channelEPSS 0.1%CVE-2018-9378MEDIUMIn BnAudioPolicyService::onTransact of IAudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data. This cEPSS 0.1%CVE-2025-48523HIGHIn onCreate of SelectAccountActivity.java, there is a possible way to add contacts without permission due to a logic error in the code. ThisEPSS 0.1%CVE-2023-21280In setMediaButtonBroadcastReceiver of MediaSessionRecord.java, there is a possible permanent DoS due to resource exhaustion. This could leadEPSS 0.1%CVE-2018-9386MEDIUMIn reboot_block_command of htc reboot_block driver, there is a possible stack buffer overflow due to a missing bounds check. This could EPSS 0.1%CVE-2017-13227MEDIUMIn the autofill service, the package name that is provided by the app process is trusted inappropriately.  This could lead to information diEPSS 0.1%CVE-2023-40112MEDIUMIn ippSetValueTag of ipp.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclEPSS 0.1%CVE-2024-29742MEDIUMIn apply_minlock_constraint of dvfs.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local informEPSS 0.1%CVE-2026-0118HIGHIn oobconfig, there is a possible bypass of carrier restrictions due to a logic error. This could lead to local escalation of privilege withEPSS 0.1%CVE-2024-34736MEDIUMIn setupVideoEncoder of StagefrightRecorder.cpp, there is a possible asynchronous playback when B-frame support is enabled. This could lead EPSS 0.1%CVE-2025-48584MEDIUMIn multiple functions of NotificationManagerService.java, there is a possible way to bypass the per-package channel limits causing resource EPSS 0.1%CVE-2023-40107HIGHIn ARTPWriter of ARTPWriter.cpp, there is a possible use after free due to uninitialized data. This could lead to local escalation of privilEPSS 0.1%CVE-2023-40131HIGHIn GpuService of GpuService.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilegEPSS 0.1%