CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 2CVE-2012-5656
https://notcve.org/view.php?id=CVE-2012-5656
18 Jan 2013 — The rasterization process in Inkscape before 0.48.4 allows local users to read arbitrary files via an external entity in a SVG file, aka an XML external entity (XXE) injection attack. El proceso de rasterización en Inkscape antes de v0.48.4 permite a los usuarios locales leer archivos de su elección a través de entidades externas en un archivo SVG. Se trata de un ataque también conocido como ataque de inyección XML a una entidad externa (XXE). • http://bazaar.launchpad.net/~inkscape.dev/inkscape/trunk/revision/11931 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 7.4EPSS: 0%CPEs: 8EXPL: 1CVE-2013-0420
https://notcve.org/view.php?id=CVE-2013-0420
17 Jan 2013 — Unspecified vulnerability in the VirtualBox component in Oracle Virtualization 4.0, 4.1, and 4.2 allows local users to affect integrity and availability via unknown vectors related to Core. NOTE: The previous information was obtained from the January 2013 Oracle CPU. Oracle has not commented on claims from another vendor that this issue is related to an incorrect comparison in the vga_draw_text function in Devices/Graphics/DevVGA.cpp, which can cause VirtualBox to "draw more lines than necessary." Una vulne... • http://lists.opensuse.org/opensuse-updates/2013-02/msg00000.html •
CVSS: 8.8EPSS: 0%CPEs: 123EXPL: 0CVE-2012-5153 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2012-5153
15 Jan 2013 — Google V8 before 3.14.5.3, as used in Google Chrome before 24.0.1312.52, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds access to stack memory. Google V8 anterior a v3.14.5.3 usado en Google Chrome anterior a 24.0.1312.52, permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto a través de un código JavaScript que provoca un acceso fuera de rango en la pila de ... • http://googlechromereleases.blogspot.com/2013/01/stable-channel-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 114EXPL: 0CVE-2013-0834 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0834
15 Jan 2013 — Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors involving glyphs. Google Chrome antes de v24.0.1312.52 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de vectores que involucran glifos. Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code. Versions less than 29.0.1457.57 are affected. • http://googlechromereleases.blogspot.com/2013/01/stable-channel-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 114EXPL: 0CVE-2012-5147 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2012-5147
15 Jan 2013 — Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM handling. Vulnerabilidad de liberación después de uso en Google Chrome anterior 24.0.1312.52, permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto sin especificar a través de vectores relacionados con el manejo de DOM. Multiple vulnerabilities have been reported in Chromium and ... • http://googlechromereleases.blogspot.com/2013/01/stable-channel-update.html • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 0%CPEs: 114EXPL: 0CVE-2013-0831 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0831
15 Jan 2013 — Directory traversal vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to have an unspecified impact by leveraging access to an extension process. Vulnerabilidad de salto de directorio en Google Chrome antes de v24.0.1312.52 permite a atacantes remotos tener un impacto no especificado, aprovechando el acceso al proceso de ampliación. Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code. Versions less than 29.0.1457.57 are... • http://googlechromereleases.blogspot.com/2013/01/stable-channel-update.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 0%CPEs: 123EXPL: 0CVE-2012-5148 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2012-5148
15 Jan 2013 — The hyphenation functionality in Google Chrome before 24.0.1312.52 does not properly validate file names, which has unspecified impact and attack vectors. La funcionalidad hyphenation en Google Chrome anterior a v24.0.1312.52 no valida correctamente nombres de ficheros, el cual tiene un impacto no especificado y vectores de ataques. Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code. Versions less than 29.0.1457.57 are affected. • http://googlechromereleases.blogspot.com/2013/01/stable-channel-update.html • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 123EXPL: 0CVE-2013-0833 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0833
15 Jan 2013 — Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to printing. Google Chrome antes de v24.0.1312.52 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de vectores relacionados con la impresión. Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code. Versions less than 29.0.1457.57 are affected. • http://googlechromereleases.blogspot.com/2013/01/stable-channel-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 221EXPL: 0CVE-2013-0836 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0836
15 Jan 2013 — Google V8 before 3.14.5.3, as used in Google Chrome before 24.0.1312.52, does not properly implement garbage collection, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaScript code. Google V8 antes de v3.14.5.3, tal como se utiliza en Google Chrome antes v24.0.1312.52, no implementa correctamente la recolección de basura, lo que permite a atacantes remotos provocar una denegación de servicio (por caída de la aplicación)... • http://googlechromereleases.blogspot.com/2013/01/stable-channel-update.html • CWE-399: Resource Management Errors •
CVSS: 6.5EPSS: 0%CPEs: 123EXPL: 0CVE-2012-5152 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2012-5152
15 Jan 2013 — Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors involving seek operations on video data. Google Chrome anterior a v24.0.1312.52 permite a atacantes remotos causar una denegación de servicio (lectura fuera de los límites) mediante vectores que comprenden operaciones de búsqueda de datos de vídeo. Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code. Versions less than 29.0.14... • http://googlechromereleases.blogspot.com/2013/01/stable-channel-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •