Vulnerabilidades em Google
5.244 resultadosAnálise Vexday
Com 4.763 CVEs catalogadas e 77 confirmadas em exploração ativa pelo CISA KEV, a taxa de exploração dos produtos Google é 3,6 vezes superior à média geral do catálogo, sinalizando risco operacional elevado para organizações que dependem desse ecossistema. O volume de 1.225 CVEs surgidas nos últimos 90 dias indica cadência intensa de descobertas, exigindo ciclos de patching ágeis. O tipo de falha mais recorrente é CWE-416 (use-after-free), classe de vulnerabilidade que frequentemente viabiliza execução de código arbitrário e escalada de privilégios. Destaque especial para CVE-2023-4863, com EPSS de 0,9974 — valor próximo ao máximo possível —, indicando probabilidade altíssima de exploração ativa e merecendo tratamento prioritário imediato.
CVE-2024-11624HIGHthere is a possible to add apps to bypass VPN due to Undeclared Permission . This could lead to local escalation of privilege with no additiEPSS 0.1%CVE-2024-47041HIGHIn valid_address of syscall.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation EPSS 0.1%CVE-2024-47024HIGHIn vring_size of external/headers/include/virtio/virtio_ring.h, there is a possible out of bounds write due to an integer overflow. This couEPSS 0.1%CVE-2024-44093HIGHIn ppmp_unprotect_buf of drm/code/drm_fw.c, there is a possible memory corruption due to a logic error in the code. This could lead to localEPSS 0.1%CVE-2024-32914MEDIUMIn tpu_get_int_state of tpu.c, there is a possible information disclosure due to uninitialized data. This could lead to local information diEPSS 0.1%CVE-2025-26449MEDIUMIn multiple locations, there is a possible permanent denial of service due to resource exhaustion. This could lead to local denial of servicEPSS 0.1%CVE-2017-13309MEDIUMIn readEncryptedData of ConscryptEngine.java, there is a possible plaintext leak due to improperly used crypto. This could lead to local infEPSS 0.1%CVE-2024-47015MEDIUMIn ProtocolMiscHwConfigChangeAdapter::GetData() of protocolmiscadapter.cpp, there is a possible out-of-bounds read due to a missing bounds cEPSS 0.1%CVE-2024-32910MEDIUMIn handle_msg_shm_map_req of trusty/user/base/lib/spi/srv/tipc/tipc.c, there is a possible stack data disclosure due to uninitialized data. EPSS 0.1%CVE-2024-44095HIGHIn ppmp_protect_mfcfw_buf of code/drm_fw.c, there is a possible corrupt memory due to a logic error in the code. This could lead to local esEPSS 0.1%CVE-2025-26434MEDIUMIn libxml2, there is a possible out of bounds read due to a buffer overflow. This could lead to local information disclosure with no additioEPSS 0.1%CVE-2025-22419HIGHIn multiple locations, there is a possible way to mislead the user into enabling malicious phone calls forwarding due to a tapjacking/overlaEPSS 0.1%CVE-2025-26461LOWIn Permission Manager, there is a possible way for the microphone privacy indicator to remain activated even after the user attempts to closEPSS 0.1%CVE-2025-48577HIGHIn multiple functions of KeyguardViewMediator.java, there is a possible lockscreen bypass due to a race condition. This could lead to local EPSS 0.1%CVE-2018-9410MEDIUMIn analyzeAxes of FontUtils.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information EPSS 0.1%CVE-2024-53840HIGHthere is a possible biometric bypass due to an unusual root cause. This could lead to local escalation of privilege with no additional execuEPSS 0.1%CVE-2025-48542MEDIUMIn multiple functions of AccountManagerService.java, there is a possible permanent denial of service due to resource exhaustion. This could EPSS 0.1%CVE-2025-26432MEDIUMIn multiple locations, there is a possible way to persistently DoS the device due to a missing length check. This could lead to local denialEPSS 0.1%CVE-2024-53835HIGHthere is a possible biometric bypass due to an unusual root cause. This could lead to local escalation of privilege with no additional execuEPSS 0.1%CVE-2025-26450HIGHIn onInputEvent of IInputMethodSessionWrapper.java, there is a possible way for an untrusted app to inject key and motion events to the defaEPSS 0.1%