Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Google LLC — Vulnerabilities & Security Advisories 64

Browse all 64 CVE security advisories affecting Google LLC. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Google LLC operates as a multinational technology conglomerate specializing in internet-related services and products, including search engines, cloud computing, and online advertising. Its extensive software ecosystem, encompassing Android, Chrome, and Google Workspace, presents a broad attack surface that has historically been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities. With 64 recorded Common Vulnerabilities and Exposures, the company frequently addresses issues related to memory corruption and sandbox escape techniques. Notable security characteristics include rigorous automated patching and the widespread adoption of zero-trust principles across its infrastructure. While major public incidents are relatively rare due to proactive threat hunting, the sheer scale of its user base makes it a high-value target for state-sponsored actors and criminal syndicates seeking data exfiltration or persistent access.

Top products by Google LLC: Asylo Dart SDK guest-oslogin fscrypt libjxl Fuchsia Fuchsia Kernel AWS S3 Crypto SDK for GoLang Perfetto Dev Scripts protobuf-java Protobuf google/sa360-webquery-bigquery Data-Transfer-Project Google-oauth-java-client go-attestation Bazel Kubevirt Google Play Services SDK Play Services SDK Dart Drive for Desktop MacOS Protocolbuffers Google Exposure-notifications-verification-server SLO Generator Gerrit Google Cloud IoT Device SDK for Embedded C Bindiff VSCode-Bazel Exposure Notifications Verification Server Tink
CVE IDTitleCVSSSeverityPublished
CVE-2022-3095 Incorrect parsing of the backslash characters in Dart library — DartCWE-20 9.8 Critical2022-10-27
CVE-2022-3474 Bazel leaks user credentials through the remote assets API — BazelCWE-522 4.3 -2022-10-26
CVE-2022-3421 Privilege escalation in Google Drive for Desktop on MacOS — Drive for Desktop MacOSCWE-264 5.6 Medium2022-10-17
CVE-2022-3171 Memory handling vulnerability in ProtocolBuffers Java core and lite — ProtocolbuffersCWE-20 4.3 Medium2022-10-12
CVE-2022-1941 Out of Memory issue in ProtocolBuffers for cpp and python — protobuf-cppCWE-1286 7.5 -2022-09-22
CVE-2022-1798 Path Traversal vulnerability in Kubevirt — KubevirtCWE-20 8.7 High2022-09-15
CVE-2022-2390 Mutable pending intent in Google Play services SDK — Play Services SDKCWE-471 6.1 Medium2022-08-12
CVE-2022-1799 Incorrect signature verification on Google play-services-basement in Google Play SDK — Google Play Services SDKCWE-501 5.7 Medium2022-07-29
CVE-2022-0882 Illegal access to Kernel log in Fuchsia — Fuchsia KernelCWE-200 5.3 Medium2022-05-03
CVE-2021-22556 Integer Overflow in Fuchsia Kernel — Fuchsia KernelCWE-190 5.3 Medium2022-05-03
CVE-2021-22573 Incorrect signature verification on Google-oauth-java-client — Google-oauth-java-clientCWE-347 8.7 High2022-05-03
CVE-2022-0343 Local Priviledge escalation in Perfetto Dev scripts — Perfetto Dev ScriptsCWE-275 3.3 Low2022-03-29
CVE-2021-22572 Data-transfer-project information disclosure via tmp directory — Data-Transfer-ProjectCWE-377 5.5 Medium2022-03-29
CVE-2021-22571 Information Leak in SA360-webquery-bigquery through read on /tmp — google/sa360-webquery-bigqueryCWE-275 5.5 Medium2022-03-18
CVE-2022-0247 Write access to VMO data through copy-on-write in Fuchsia — FuchsiaCWE-732 7.5 High2022-02-25
CVE-2022-25328 Privilege escalation through command injection in fscrypt — fscryptCWE-78 5.0 Medium2022-02-25
CVE-2022-25327 Local Denial of Service in fscrypt PAM module — fscryptCWE-255 5.5 Medium2022-02-25
CVE-2022-25326 Denial of Service in fscrypt — fscryptCWE-400 5.5 Medium2022-02-25
CVE-2022-0451 Auth bypass in Dark SDK — Dart SDKCWE-305 6.5 Medium2022-02-18
CVE-2022-0317 Improper Input Validation in AKPublic.Verify in go-attestation — go-attestationCWE-20 4.0 Medium2022-02-04
CVE-2021-22570 Nullptr Dereference in Protobuf — ProtobufCWE-476 6.5 Medium2022-01-26
CVE-2021-22566 Incorrect mapping of Executable bits in Fuchsia Kernel — FuchsiaCWE-275 8.8 -2022-01-18
CVE-2021-22569 Denial of Service of protobuf-java parsing procedure — protobuf-javaCWE-696 7.5 High2022-01-07
CVE-2021-22567 Bidirectional Override in Dart SDK — Dart SDKCWE-284 4.6 Medium2022-01-05
CVE-2021-22568 Dart - Publishing to third-party package repositories may expose pub.dev credentials — Dart SDKCWE-255 8.8 High2021-12-09
CVE-2021-22565 Insufficient Granularity of Access Control in GAEN Notification Server — Google Exposure-notifications-verification-serverCWE-284 6.5 Medium2021-12-09
CVE-2021-22564 Out of bounds Copy in Libjxl in large image groups — libjxlCWE-122 4.5 Medium2021-11-01
CVE-2021-22563 Memory Overread in libjxl — libjxlCWE-126 4.5 Medium2021-11-01
CVE-2021-22557 Code execution in SLO Generator via YAML Payload — SLO GeneratorCWE-94 5.3 Medium2021-10-04
CVE-2021-22552 Memory overread secure enclave in Asylo 0.6.2 — AsyloCWE-126 5.3 Medium2021-08-02

This page lists every published CVE security advisory associated with Google LLC. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.