Vulnerabilidades em Google
5.244 resultadosAnálise Vexday
Com 4.763 CVEs catalogadas e 77 confirmadas em exploração ativa pelo CISA KEV, a taxa de exploração dos produtos Google é 3,6 vezes superior à média geral do catálogo, sinalizando risco operacional elevado para organizações que dependem desse ecossistema. O volume de 1.225 CVEs surgidas nos últimos 90 dias indica cadência intensa de descobertas, exigindo ciclos de patching ágeis. O tipo de falha mais recorrente é CWE-416 (use-after-free), classe de vulnerabilidade que frequentemente viabiliza execução de código arbitrário e escalada de privilégios. Destaque especial para CVE-2023-4863, com EPSS de 0,9974 — valor próximo ao máximo possível —, indicando probabilidade altíssima de exploração ativa e merecendo tratamento prioritário imediato.
CVE-2024-40650HIGHIn wifi_item_edit_content of styles.xml , there is a possible FRP bypass due to Missing check for FRP state. This could lead to local escalaEPSS 0.1%CVE-2026-11276MEDIUMInappropriate implementation in Cast in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to bypass discEPSS 0.1%CVE-2024-40654HIGHIn multiple locations, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege withEPSS 0.1%CVE-2024-53833HIGHIn prepare_response_locked of lwis_transaction.c, there is a possible out of bounds write due to improper input validation. This could leadEPSS 0.1%CVE-2026-11103HIGHInappropriate implementation in Installer in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to perform OS-level prEPSS 0.1%CVE-2023-21362—In Usage, there is a possible permanent DoS due to resource exhaustion. This could lead to local denial of service with no additional executEPSS 0.1%CVE-2018-9417HIGHIn f_hidg_read and hidg_disable of f_hid.c, there is a possible use-after-free due to improper locking. This could lead to local escalation EPSS 0.1%CVE-2024-49738HIGHIn writeInplace of Parcel.cpp, there is a possible out of bounds write. This could lead to local escalation of privilege with no additional EPSS 0.1%CVE-2024-56192HIGHIn wl_notify_gscan_event of wl_cfgscan.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local esEPSS 0.1%CVE-2025-32319MEDIUMIn ensureBound of RemotePrintService.java, there is a possible way for a background app to keep foreground permissions due to a permissions EPSS 0.1%CVE-2025-36902MEDIUMIn syna_cdev_ioctl_store_pid() of syna_tcm2_sysfs.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead EPSS 0.1%CVE-2024-49733MEDIUMIn reload of ServiceListing.java , there is a possible way to allow a malicious app to hide an NLS from Settings due to a logic error in theEPSS 0.1%CVE-2024-53838HIGHIn Exynos_parsing_user_data_registered_itu_t_t35 of VendorVideoAPI.cpp, there is a possible out of bounds write due to an incorrect bounds cEPSS 0.1%CVE-2024-53837HIGHIn prepare_response of lwis_periodic_io.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escaEPSS 0.1%CVE-2024-40655HIGHIn bindAndGetCallIdentification of CallScreeningServiceHelper.java, there is a possible way to maintain a while-in-use permission in the bacEPSS 0.1%CVE-2025-48586HIGHIn onActivityResult of EditFdnContactScreen.java, there is a possible way to leak contacts from the work profile due to a confused deputy. TEPSS 0.1%CVE-2024-49745HIGHIn growData of Parcel.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of EPSS 0.1%CVE-2025-13437MEDIUMArbitrary node_modules Directory Deletion in Google zxEPSS 0.1%CVE-2025-48529MEDIUMIn setRingtoneUri of VoicemailNotificationSettingsUtil.java , there is a possible cross user data leak due to a confused deputy. This could EPSS 0.1%CVE-2024-27210HIGHIn policy_check of fvp.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privEPSS 0.1%