Vulnerabilidades em google
5.229 resultadosCVE-2026-14047MEDIUMInsufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a EPSS 0.2%CVE-2026-11252MEDIUMInsufficient policy enforcement in Content Settings in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass discretionarEPSS 0.2%CVE-2026-11274MEDIUMInappropriate implementation in DOM Distiller in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to bypass navigation EPSS 0.2%CVE-2023-40133—In multiple locations of DialogFillUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead EPSS 0.2%CVE-2024-3173HIGHInsufficient data validation in Updater in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to perform OS-level privilege escaEPSS 0.2%CVE-2026-11143MEDIUMOut of bounds read in Extensions in Google Chrome on Linux prior to 149.0.7827.53 allowed an attacker who convinced a user to install a maliEPSS 0.2%CVE-2026-8587HIGHUse after free in Extensions in Google Chrome on Mac prior to 148.0.7778.168 allowed an attacker who convinced a user to install a maliciousEPSS 0.2%CVE-2025-9479MEDIUMOut of bounds read in V8 in Google Chrome prior to 133.0.6943.141 allowed a remote attacker to potentially exploit heap corruption via a craEPSS 0.2%CVE-2026-12014HIGHUse after free in Cast in Google Chrome prior to 149.0.7827.115 allowed an attacker on the local network segment to potentially perform a saEPSS 0.2%CVE-2026-13963LOWInappropriate implementation in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage inEPSS 0.2%CVE-2026-13944LOWInappropriate implementation in DataTransfer in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who convinced a user tEPSS 0.2%CVE-2023-21246—In ShortcutInfo of ShortcutInfo.java, there is a possible way for an app to retain notification listening access due to an uncaught exceptioEPSS 0.2%CVE-2025-13636MEDIUMInappropriate implementation in Split View in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who convinced a user to engage EPSS 0.2%CVE-2023-21285—In setMetadata of MediaSessionRecord.java, there is a possible way to view another user's images due to a confused deputy. This could lead tEPSS 0.2%CVE-2026-9990HIGHUse after free in WebAppInstalls in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage inEPSS 0.2%CVE-2018-9440MEDIUMIn parse of M3UParser.cpp there is a possible resource exhaustion due to improper input validation. This could lead to denial of service witEPSS 0.2%CVE-2023-35683—In bindSelection of DatabaseUtils.java, there is a possible way to access files from other applications due to SQL injection. This could leaEPSS 0.2%CVE-2026-14142MEDIUMInappropriate implementation in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the rendereEPSS 0.2%CVE-2025-12444MEDIUMIncorrect security UI in Fullscreen UI in Google Chrome prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in sEPSS 0.2%CVE-2026-10001HIGHUse after free in PerformanceManager in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer proEPSS 0.2%