Vulnerabilidades en google
5244 resultadosCVE-2025-36889MEDIUMIn onCreateTasks of CameraActivity.java, there is a possible permission bypass due to a confused deputy. This could lead to local informatioEPSS 0.1%CVE-2025-22442HIGHIn multiple functions of DevicePolicyManagerService.java, there is a possible way to install unauthorized applications into a newly created EPSS 0.1%CVE-2025-48575HIGHIn multiple functions of CertInstaller.java, there is a possible way to install certificates due to a permissions bypass. This could lead toEPSS 0.1%CVE-2026-0112HIGHIn vpu_open_inst of vpu_ioctl.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilegEPSS 0.1%CVE-2026-0158LOWIn Camera, there is a possible unauthorized way to access photos due to a missing permission check. This could lead to local information disEPSS 0.1%CVE-2025-48625HIGHIn multiple locations of UsbDataAdvancedProtectionHook.java, there is a possible way to access USB data when the screen is off due to a raceEPSS 0.1%CVE-2026-0094HIGHIn getApplicationLabel of KeyChainActivity.java, there is a possible way to trick the user into approving access to certificates due to mislEPSS 0.1%CVE-2026-0121LOWIn VPU, there is a possible use-after-free read due to a race condition. This could lead to local information disclosure with no additional EPSS 0.1%CVE-2025-36916HIGHIn PrepareWorkloadBuffers of gxp_main_actor.cc, there is a possible double fetch due to a race condition. This could lead to local escalatioEPSS 0.1%CVE-2026-15765HIGHUse after free in Ozone in Google Chrome prior to 150.0.7871.125 allowed a remote attacker who convinced a user to engage in specific UI gesEPSS —CVE-2026-15773CRITICALUse after free in Core in Google Chrome on Windows prior to 150.0.7871.125 allowed a remote attacker to potentially perform a sandbox escapeEPSS —CVE-2026-15768—Insufficient policy enforcement in HTML-in-Canvas in Google Chrome prior to 150.0.7871.125 allowed a remote attacker to bypass same origin pEPSS —CVE-2026-15764HIGHUse after free in Ozone in Google Chrome on Linux prior to 150.0.7871.125 allowed a remote attacker who convinced a user to engage in specifEPSS —CVE-2026-15776HIGHInappropriate implementation in V8 in Google Chrome prior to 150.0.7871.125 allowed a remote attacker to execute arbitrary code inside a sanEPSS —CVE-2026-15777HIGHUse after free in UI in Google Chrome on Linux prior to 150.0.7871.125 allowed a remote attacker who convinced a user to engage in specific EPSS —CVE-2026-15770MEDIUMUninitialized Use in V8 in Google Chrome prior to 150.0.7871.125 allowed a remote attacker to obtain potentially sensitive information from EPSS —CVE-2026-15775—Inappropriate implementation in V8 in Google Chrome prior to 150.0.7871.125 allowed a remote attacker to bypass same origin policy via a craEPSS —CVE-2026-15778—Insufficient validation of untrusted input in Navigation in Google Chrome prior to 150.0.7871.125 allowed a remote attacker who had compromiEPSS —CVE-2026-15774HIGHUse after free in Skia in Google Chrome prior to 150.0.7871.125 allowed a remote attacker who had compromised the renderer process to potentEPSS —CVE-2026-15766MEDIUMUninitialized Use in Skia in Google Chrome prior to 150.0.7871.125 allowed a remote attacker to obtain potentially sensitive information froEPSS —