Page 220 of 3273 results (0.013 seconds)

CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0

03 Dec 2015 — Use-after-free vulnerability in the AppCache implementation in Google Chrome before 47.0.2526.73 allows remote attackers with renderer access to cause a denial of service or possibly have unspecified other impact by leveraging incorrect AppCacheUpdateJob behavior associated with duplicate cache selection. Vulnerabilidad de uso después de liberación de memoria en la implementación de AppCache en Google Chrome en versiones anteriores a 47.0.2526.73 permite a atacantes remotos con acceso renderer causar una de... • http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html • CWE-416: Use After Free •

CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0

03 Dec 2015 — Use-after-free vulnerability in content/browser/appcache/appcache_dispatcher_host.cc in the AppCache implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect pointer maintenance associated with certain callbacks. Vulnerabilidad de uso después de liberación de memoria en content/browser/appcache/appcache_dispatcher_host.cc en la implementación de AppCache en Google Chrome en versiones anteriores ... • http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html • CWE-416: Use After Free •

CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0

03 Dec 2015 — The DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-6770. La implementación del DOM en Google Chrome en versiones anteriores a 47.0.2526.73 permite a atacantes remotos eludir la Same Origin Policy a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-6770. Multiple use-after-free bugs were discovered in the application cache implementation in Chromium. If... • http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

03 Dec 2015 — The provisional-load commit implementation in WebKit/Source/bindings/core/v8/WindowProxy.cpp in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy by leveraging a delay in window proxy clearing. La implementación del envío de carga provisional en WebKit/Source/bindings/core/v8/WindowProxy.cpp en Google Chrome en versiones anteriores a 47.0.2526.73 permite a atacantes remotos eludir la Same Origin Policy mediante el aprovechamiento de un retraso en la desactivación del... • http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0

03 Dec 2015 — The DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-6768. La implementación del DOM en Google Chrome en versiones anteriores a 47.0.2526.73 permite a atacantes remotos eludir la Same Origin Policy a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-6768. Multiple use-after-free bugs were discovered in the application cache implementation in Chromium. If... • http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0

11 Nov 2015 — The PDF viewer in Google Chrome before 46.0.2490.86 does not properly restrict scripting messages and API exposure, which allows remote attackers to bypass the Same Origin Policy via an unintended embedder or unintended plugin loading, related to pdf.js and out_of_process_instance.cc. El visor PDF en Google Chrome en versiones anteriores a 46.0.2490.86 no restringe adecuadamente mensajes de programación de secuencias de comandos y la exposición de la API, lo que permite a atacantes remotos eludir la Same Or... • http://googlechromereleases.blogspot.com/2015/11/stable-channel-update.html • CWE-20: Improper Input Validation CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0

15 Oct 2015 — Multiple unspecified vulnerabilities in Google V8 before 4.6.85.23, as used in Google Chrome before 46.0.2490.71, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google V8 en versiones anteriores a 4.6.85.23, como se utiliza en Google Chrome en versiones anteriores a 46.0.2490.71, permite a atacantes provocar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. USN-2770-1... • http://googlechromereleases.blogspot.com/2015/10/stable-channel-update.html •

CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0

15 Oct 2015 — The ContainerNode::parserInsertBefore function in core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 46.0.2490.71, proceeds with a DOM tree insertion in certain cases where a parent node no longer contains a child node, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code. La función ContainerNode::parserInsertBefore en core/dom/ContainerNode.cpp en Blink, como se utiliza en Google Chrome en versiones anteriores a 46.0.2490.71, procede con una inserció... • http://googlechromereleases.blogspot.com/2015/10/stable-channel-update.html • CWE-264: Permissions, Privileges, and Access Controls CWE-345: Insufficient Verification of Data Authenticity •

CVSS: 8.8EPSS: 2%CPEs: 1EXPL: 0

15 Oct 2015 — Use-after-free vulnerability in the CPDFSDK_PageView implementation in fpdfsdk/src/fsdk_mgr.cpp in PDFium, as used in Google Chrome before 46.0.2490.71, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact by leveraging mishandling of a focused annotation in a PDF document. Vulnerabilidad de uso después de liberación de memoria en la implementación CPDFSDK_PageView en fpdfsdk/src/fsdk_mgr.cpp en PDFium, como se utiliza en Google Chrome en ve... • http://googlechromereleases.blogspot.com/2015/10/stable-channel-update.html • CWE-416: Use After Free •

CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0

15 Oct 2015 — Use-after-free vulnerability in content/browser/service_worker/embedded_worker_instance.cc in the ServiceWorker implementation in Google Chrome before 46.0.2490.71 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging object destruction in a callback. Vulnerabilidad de uso después de liberación de memoria en content/browser/service_worker/embedded_worker_instance.cc en la implementación ServiceWorker en Google Chrome en versiones anteriores a 46.0.2490.... • http://googlechromereleases.blogspot.com/2015/10/stable-channel-update.html • CWE-416: Use After Free •