google

Top products

The 15 most recently published vulnerabilities affecting google.

• CVE-2026-28573In AndroidManifest.xml, there is a possible persistent denial of service due to a missing permission check. This could lead to local denial of service with no additional execution privileges needed...5.5Jun 18, 2026
• CVE-2026-0063In setAllowedCarriers of PhoneInterfaceManager.java, there is a possible way to disable carrier restrictions due to a logic error in the code. This could lead to local escalation of privilege with ...7.8Jun 17, 2026
• CVE-2026-28587In MmsSmsProvider of MmsSmsProvider.java, there is a possible way to retrieve sensitive information due to a missing permission check. This could lead to local information disclosure with no additi...5.5Jun 17, 2026
• CVE-2026-28576In Contacts Provider, there is a possible way to access the contacts database due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. U...5.5Jun 17, 2026
• CVE-2026-28615In Telecomm, there is a possible way to initiate an unauthorized phone call due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges nee...7.8Jun 17, 2026
• CVE-2026-0083In Nfc::eventCallback() of Nfc.h, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User i...7.0Jun 17, 2026
• CVE-2026-0082In tryStartActivity of NfcDispatcher.java, there is a possible automatic special app access permission assignment due to an insecure default value. This could lead to local escalation of privilege ...7.8Jun 17, 2026
• CVE-2026-0081In NFC, there is a possible way to spoof an NFC event due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User intera...7.8Jun 17, 2026
• CVE-2026-0071In SettingsLib, there is a possible missing permission check due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User ...7.8Jun 17, 2026
• CVE-2026-28575In PackageInstaller.Session#transfer of frameworks/base/services/core/java/com/android/server/pm/PackageInstallerSession.java, there is a possible memory exhaustion attack due to a logic error in t...5.5Jun 17, 2026
• CVE-2026-0064In multiple places, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User inte...5.5Jun 17, 2026
• CVE-2026-0068In createSessionInternal of PackageInstallerService.java, there is a possible method to remove a DPC app from a managed device without DO consent due to desync from persistence. This could lead to ...7.8Jun 17, 2026
• CVE-2026-0057In Contacts Provider, there is a possible way to access an incoming call's phone number and associated metadata due to a missing permission check. This could lead to local information disclosure wi...3.3Jun 17, 2026
• CVE-2026-0019In SettingsLib, there is a possible way to disable system components due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges neede...7.8Jun 17, 2026
• CVE-2025-48643In multiple locations there is a possible provisioning bypass due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User...7.8Jun 17, 2026