Vulnerabilidades en Google

5244 resultados
Análisis Vexday

Com 4.763 CVEs catalogadas e 77 confirmadas em exploração ativa pelo CISA KEV, a taxa de exploração dos produtos Google é 3,6 vezes superior à média geral do catálogo, sinalizando risco operacional elevado para organizações que dependem desse ecossistema. O volume de 1.225 CVEs surgidas nos últimos 90 dias indica cadência intensa de descobertas, exigindo ciclos de patching ágeis. O tipo de falha mais recorrente é CWE-416 (use-after-free), classe de vulnerabilidade que frequentemente viabiliza execução de código arbitrário e escalada de privilégios. Destaque especial para CVE-2023-4863, com EPSS de 0,9974 — valor próximo ao máximo possível —, indicando probabilidade altíssima de exploração ativa e merecendo tratamento prioritário imediato.

CVE-2018-9463HIGHIn sw49408_irq_runtime_engine_debug of touch_sw49408.c, there is a possible out of bounds write due to an incorrect bounds check. This cEPSS 0.1%CVE-2018-9462HIGHIn store_cmd of ftm4_pdc.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalatioEPSS 0.1%CVE-2018-9394HIGHIn mtk_p2p_wext_set_key of drivers/misc/mediatek/connectivity/wlan/gen2/os/linux/gl_p2p.c, there is a possible OOB write due to improper inpEPSS 0.1%CVE-2023-4164HIGHThere is a possible information disclosure due to a missing permission check in Pixel WatchEPSS 0.1%CVE-2018-9399HIGHIn /proc/driver/wmt_dbg driver, there are several possible out of bounds writes. These could lead to local escalation of privilege with EPSS 0.1%CVE-2025-48583HIGHIn multiple functions of BaseBundle.java, there is a possible way to execute arbitrary code due to a logic error in the code. This could leaEPSS 0.1%CVE-2023-35664In convertSubgraphFromHAL of ShimConverter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to locEPSS 0.1%CVE-2018-9376HIGHIn rpc_msg_handler and related handlers of drivers/misc/mediatek/eccci/port_rpc.c, there is a possible out of bounds write due to an incorreEPSS 0.1%CVE-2023-35667In updateList of NotificationAccessSettings.java, there is a possible way to hide approved notification listeners in the settings due to a lEPSS 0.1%CVE-2018-9428HIGHIn startDevice of AAudioServiceStreamBase.cpp there is a possible out of bounds write due to a use after free. This could lead to local arbiEPSS 0.1%CVE-2023-21346In the Device Idle Controller, there is a possible way to determine whether an app is installed, without query permissions, due to side chanEPSS 0.1%CVE-2025-26436HIGHIn clearAllowBgActivityStarts of PendingIntentRecord.java, there is a possible way for an application to launch an activity from the backgroEPSS 0.1%CVE-2023-21366In Scudo, there is a possible way for an attacker to predict heap allocation patterns due to insecure implementation/design. This could leadEPSS 0.1%CVE-2023-21350In Media Projection, there is a possible way to determine whether an app is installed, without query permissions, due to side channel informEPSS 0.1%CVE-2025-26431HIGHIn setupAccessibilityServices of AccessibilityFragment.java, there is a possible way to hide an enabled accessibility service due to a logicEPSS 0.1%CVE-2025-48556HIGHIn multiple methods of NotificationChannel.java, there is a possible desynchronization from persistence due to improper input validation. ThEPSS 0.1%CVE-2025-26440HIGHIn multiple functions of CameraService.cpp, there is a possible way to use the camera from the background due to a permissions bypass. This EPSS 0.1%CVE-2025-48591MEDIUMIn multiple locations, there is a possible way to read files from another user due to a missing permission check. This could lead to local iEPSS 0.1%CVE-2025-48606HIGHIn preparePackage of InstallPackageHelper.java, there is a possible way for an app to appear hidden upon installation without a mechanism toEPSS 0.1%CVE-2024-23713HIGHIn migrateNotificationFilter of NotificationManagerService.java, there is a possible failure to persist notifications settings due to impropEPSS 0.1%