NotCVE - vendor:"Google" product:"Chrome" version:"19.0.1079.0"

Page 212 of 2778 results (0.016 seconds)

CVSS: 9.3EPSS: 2%CPEs: 7EXPL: 0

CVE-2016-1653 – chromium-browser: out-of-bounds write in V8

https://notcve.org/view.php?id=CVE-2016-1653

15 Apr 2016 — The LoadBuffer implementation in Google V8, as used in Google Chrome before 50.0.2661.75, mishandles data types, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds write operation, related to compiler/pipeline.cc and compiler/simplified-lowering.cc. La implementación LoadBuffer en Google V8, como se utiliza en Google Chrome en versiones anteriores a 50.0.2661.75, no maneja correctamente tipos de dato... • http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_13.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.5EPSS: 1%CPEs: 7EXPL: 0

CVE-2016-1654 – chromium-browser: uninitialized memory read in media

https://notcve.org/view.php?id=CVE-2016-1654

15 Apr 2016 — The media subsystem in Google Chrome before 50.0.2661.75 does not initialize an unspecified data structure, which allows remote attackers to cause a denial of service (invalid read operation) via unknown vectors. El subsistema media en Google Chrome en versiones anteriores a 50.0.2661.75 no inicializa una estructura de datos no especificada, lo que permite a atacantes remotos provocar una denegación de servicio (operación de lectura no válida) a través de vectores desconocidos. A use-after-free was discover... • http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_13.html • CWE-20: Improper Input Validation •

CVSS: 8.8EPSS: 2%CPEs: 7EXPL: 0

CVE-2016-1655 – chromium-browser: use-after-free related to extensions

https://notcve.org/view.php?id=CVE-2016-1655

15 Apr 2016 — Google Chrome before 50.0.2661.75 does not properly consider that frame removal may occur during callback execution, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted extension. Google Chrome en versiones anteriores a 50.0.2661.75 no considera correctamente que la eliminación de tramas pueda ocurrir durante la ejecución de una llamada de retorno, lo que permite a atacantes remotos provocar una denegación de servicio (uso despu... • http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_13.html •

CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0

CVE-2016-1657 – chromium-browser: address bar spoofing

https://notcve.org/view.php?id=CVE-2016-1657

15 Apr 2016 — The WebContentsImpl::FocusLocationBarByDefault function in content/browser/web_contents/web_contents_impl.cc in Google Chrome before 50.0.2661.75 mishandles focus for certain about:blank pages, which allows remote attackers to spoof the address bar via a crafted URL. La función WebContentsImpl::FocusLocationBarByDefault en content/browser/web_contents/web_contents_impl.cc en Google Chrome en versiones anteriores a 50.0.2661.75 no maneja correctamente el foco para ciertas páginas about:blank, lo que permite ... • http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_13.html • CWE-254: 7PK - Security Features •

CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0

CVE-2016-1658 – chromium-browser: potential leak of sensitive information to malicious extensions

https://notcve.org/view.php?id=CVE-2016-1658

15 Apr 2016 — The Extensions subsystem in Google Chrome before 50.0.2661.75 incorrectly relies on GetOrigin method calls for origin comparisons, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted extension. El subsistema Extensions en Google Chrome en versiones anteriores a 50.0.2661.75 confía incorrectamente en llamadas al método GetOrigin para comparaciones de origen, lo que permite a atacantes remotos eludir la Same Origin Policy y obtener información sensible... • http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_13.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-284: Improper Access Control •

CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 0

CVE-2016-1659 – chromium-browser: various fixes from internal audits

https://notcve.org/view.php?id=CVE-2016-1659

15 Apr 2016 — Multiple unspecified vulnerabilities in Google Chrome before 50.0.2661.75 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome en versiones anteriores a 50.0.2661.75 permite a atacantes provocar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. A use-after-free was discovered when responding synchronously to permission requests. An attacker could potentially e... • http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_13.html •

CVSS: 9.3EPSS: 0%CPEs: 6EXPL: 0

CVE-2016-3679 – chromium-browser: multiple unspecified vulnerabilities

https://notcve.org/view.php?id=CVE-2016-3679

29 Mar 2016 — Multiple unspecified vulnerabilities in Google V8 before 4.9.385.33, as used in Google Chrome before 49.0.2623.108, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google V8 en versiones anteriores a 4.9.385.33, tal como se utiliza en Google Chrome en versiones anteriores a 49.0.2623.108, permiten a atacantes provocar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. A... • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_24.html •

CVSS: 9.3EPSS: 67%CPEs: 13EXPL: 1

CVE-2016-1646 – Google Chromium V8 Out-of-Bounds Read Vulnerability

https://notcve.org/view.php?id=CVE-2016-1646

27 Mar 2016 — The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, does not properly consider element data types, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted JavaScript code. La implementación de Array.prototype.concat en builtins.cc en Google V8, tal como se utiliza en Google Chrome en versiones anteriores a 49.0.2623.108, no considera adecuadamante los tipos de datos... • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_24.html • CWE-125: Out-of-bounds Read •

CVSS: 9.3EPSS: 1%CPEs: 6EXPL: 0

CVE-2016-1647 – chromium-browser: use-after-free in Navigation

https://notcve.org/view.php?id=CVE-2016-1647

27 Mar 2016 — Use-after-free vulnerability in the RenderWidgetHostImpl::Destroy function in content/browser/renderer_host/render_widget_host_impl.cc in the Navigation implementation in Google Chrome before 49.0.2623.108 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Vulnerabilidad de uso después de liberación de memoria en la función RenderWidgetHostImpl::Destroy en content/browser/renderer_host/render_widget_host_impl.cc en la implementación de Navigat... • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_24.html •

CVSS: 9.3EPSS: 2%CPEs: 3EXPL: 0

CVE-2016-1648 – chromium-browser: use-after-free in Extensions

https://notcve.org/view.php?id=CVE-2016-1648

27 Mar 2016 — Use-after-free vulnerability in the GetLoadTimes function in renderer/loadtimes_extension_bindings.cc in the Extensions implementation in Google Chrome before 49.0.2623.108 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code. Vulnerabilidad de uso después de liberación de memoria en la función GetLoadTimes en renderer/loadtimes_extension_bindings.cc en la implementación de Extensions en Google Chrome en versiones anteriores a 49.0.2623.1... • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_24.html •

1...210 211 212 213 214