Vulnerabilidades en Google

5244 resultados
Análisis Vexday

Com 4.763 CVEs catalogadas e 77 confirmadas em exploração ativa pelo CISA KEV, a taxa de exploração dos produtos Google é 3,6 vezes superior à média geral do catálogo, sinalizando risco operacional elevado para organizações que dependem desse ecossistema. O volume de 1.225 CVEs surgidas nos últimos 90 dias indica cadência intensa de descobertas, exigindo ciclos de patching ágeis. O tipo de falha mais recorrente é CWE-416 (use-after-free), classe de vulnerabilidade que frequentemente viabiliza execução de código arbitrário e escalada de privilégios. Destaque especial para CVE-2023-4863, com EPSS de 0,9974 — valor próximo ao máximo possível —, indicando probabilidade altíssima de exploração ativa e merecendo tratamento prioritário imediato.

CVE-2025-32332HIGHIn multiple locations, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with EPSS 0.1%CVE-2025-36929MEDIUMIn AreFencesRegistered of gxp_fence_manager.cc, there is a possible information leak due to improper input validation. This could lead to loEPSS 0.1%CVE-2023-21321In Package Manager, there is a possible cross-user settings disclosure due to a missing permission check. This could lead to local informatiEPSS 0.1%CVE-2026-0045HIGHIn bta_jv_rfcomm_connect of bta_jv_act.cc, there is a possible bypass of bonding for a secure connection due to a logic error in the code. TEPSS 0.1%CVE-2025-48652HIGHIn performPreInstallChecks of InstallRepository.kt, there is a possible way to bypass MDM policy due to a logic error in the code. This coulEPSS 0.1%CVE-2024-44098HIGHIn lwis_device_event_states_clear_locked of lwis_event.c, there is a possible privilege escalation due to a double free. This could lead to EPSS 0.1%CVE-2024-29783MEDIUMIn tmu_get_tr_thresholds, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosEPSS 0.1%CVE-2026-11158HIGHInsufficient validation of untrusted input in Downloads in Google Chrome on Mac prior to 149.0.7827.53 allowed a local attacker to potentialEPSS 0.1%CVE-2023-40132HIGHIn setActualDefaultRingtoneUri of RingtoneManager.java, there is a possible way to bypass content providers read permissions due to a missinEPSS 0.1%CVE-2025-48533HIGHIn multiple locations, there is a possible way to use apps linked from a context menu of a lockscreen app due to a race condition. This coulEPSS 0.1%CVE-2018-9439HIGHIn __unregister_prot_hook and packet_release of af_packet.c, there is a possible use-after-free due to improper locking. This could leadEPSS 0.1%CVE-2025-48562MEDIUMIn writeContent of RemotePrintDocument.java, there is a possible information disclosure due to a logic error. This could lead to local inforEPSS 0.1%CVE-2024-32918MEDIUMPermission Bypass allowing attackers to disable HDCP 2.2 encryption by not completing the HDCP Key Exchange initialization stepsEPSS 0.1%CVE-2024-49730HIGHIn FuseDaemon.cpp, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with nEPSS 0.1%CVE-2023-35692In getLocationCache of GeoLocation.java, there is a possible way to send a mock location during an emergency call due to improper input valiEPSS 0.1%CVE-2023-40113MEDIUMIn multiple locations, there is a possible way for apps to access cross-user message data due to a missing permission check. This could leadEPSS 0.1%CVE-2024-40659MEDIUMIn getRegistration of RemoteProvisioningService.java, there is a possible way to permanently disable the AndroidKeyStore key generation featEPSS 0.1%CVE-2018-9431HIGHIn OSUInfo of OSUInfo.java, there is a possible escalation of privilege due to improper input validation. This could lead to local escalatioEPSS 0.1%CVE-2023-21382In Content Resolver, there is a possible method to access metadata about existing content providers on the device due to a missing permissioEPSS 0.1%CVE-2024-34738HIGHIn multiple functions of AppOpsService.java, there is a possible way for unprivileged apps to read their own restrictRead app-op states due EPSS 0.1%