CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-7924 – chromium-browser: use-after-free in IndexedDB
https://notcve.org/view.php?id=CVE-2014-7924
22 Jan 2015 — Use-after-free vulnerability in the IndexedDB implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering duplicate BLOB references, related to content/browser/indexed_db/indexed_db_callbacks.cc and content/browser/indexed_db/indexed_db_dispatcher_host.cc. Vulnerabilidad de uso después de liberación en la implementación IndexedDB en Google Chrome anterior a 40.0.2214.91 permite a atacantes remotos causar una... • http://googlechromereleases.blogspot.com/2015/01/stable-update.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 1%CPEs: 10EXPL: 0CVE-2014-7943 – chromium-browser: out-of-bounds read in Skia
https://notcve.org/view.php?id=CVE-2014-7943
22 Jan 2015 — Skia, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. Skia, utilizado en Google Chrome anterior a 40.0.2214.91, permite a atacantes remotos causar una denegación de servicio (lectura fuera de rango) a través de vectores no especificados. Several memory corruption bugs were discovered in ICU. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a d... • http://googlechromereleases.blogspot.com/2015/01/stable-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-7931 – chromium-browser: memory corruption in V8
https://notcve.org/view.php?id=CVE-2014-7931
22 Jan 2015 — factory.cc in Google V8, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code that triggers improper maintenance of backing-store pointers. factory.cc en Google V8, utilizado en Google Chrome anterior a 40.0.2214.91, permite a atacantes remotos causar una denegación de servicio (corrupción de memoria) o posiblemente tener otro impacto no especificado a través de código Java... • http://googlechromereleases.blogspot.com/2015/01/stable-update.html • CWE-17: DEPRECATED: Code •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2014-7934 – chromium-browser: use-after-free in DOM
https://notcve.org/view.php?id=CVE-2014-7934
22 Jan 2015 — Use-after-free vulnerability in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to unexpected absence of document data structures. Vulnerabilidad de uso después de liberación en la implementación DOM en Blink, utilizado en Google Chrome anterior a 40.0.2214.91, permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no espec... • http://googlechromereleases.blogspot.com/2015/01/stable-update.html • CWE-416: Use After Free •
CVSS: 6.5EPSS: 2%CPEs: 1EXPL: 0CVE-2014-7947 – chromium-browser: out-of-bounds read in PDFium
https://notcve.org/view.php?id=CVE-2014-7947
22 Jan 2015 — OpenJPEG before r2944, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, pi.c, t1.c, t2.c, and tcd.c. OpenJPEG anterior a r2944, usado en PDFium en Google Chrome anterior a 40.0.2214.91, permite a atacantes remotos causar una denegación de servicio (lectura fuera de rango) a través de un documento PDF modificado, relacionado con j2k.c, jp2.c, pi.c, t1.c, t2.c, y tcd.c. Chromiu... • http://googlechromereleases.blogspot.com/2015/01/stable-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 1%CPEs: 12EXPL: 0CVE-2014-7926 – ICU: regexp engine incorrect handling of a zero length quantifier
https://notcve.org/view.php?id=CVE-2014-7926
22 Jan 2015 — The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a zero-length quantifier. El paquete Regular Expressions en International Components for Unicode (ICU) 52 anterior a la versión SVN 292944, como es usado en Google Chrome anterior a la versión 40.0.2214.91, permite a lo... • http://advisories.mageia.org/MGASA-2015-0047.html • CWE-17: DEPRECATED: Code CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2015-1346 – chromium-browser: unspecified vulnerability in Google V8
https://notcve.org/view.php?id=CVE-2015-1346
22 Jan 2015 — Multiple unspecified vulnerabilities in Google V8 before 3.30.33.15, as used in Google Chrome before 40.0.2214.91, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google V8 anterior a 3.30.33.15,usado en Google Chrome anterior a 40.0.2214.91, permite a atacantes causar una denegación de servicio o la posibilidad de tener otro impacto a través de vectores no conocidos. Several memory corruption bugs were discovered... • http://googlechromereleases.blogspot.com/2015/01/stable-update.html •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-7927 – chromium-browser: memory corruption in V8
https://notcve.org/view.php?id=CVE-2014-7927
22 Jan 2015 — The SimplifiedLowering::DoLoadBuffer function in compiler/simplified-lowering.cc in Google V8, as used in Google Chrome before 40.0.2214.91, does not properly choose an integer data type, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code. La función SimplifiedLowering::DoLoadBuffer en compiler/simplified-lowering.cc en Google V8, utilizado en Google Chrome anterior a 40.0.2214.91, no elige correctamente un tip... • http://googlechromereleases.blogspot.com/2015/01/stable-update.html • CWE-189: Numeric Errors •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-7928 – chromium-browser: memory corruption in V8
https://notcve.org/view.php?id=CVE-2014-7928
22 Jan 2015 — hydrogen.cc in Google V8, as used Google Chrome before 40.0.2214.91, does not properly handle arrays with holes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code that triggers an array copy. hydrogen.cc en Google V8, utilizado en Google Chrome anterior a 40.0.2214.91, no maneja correctamente los arrays con agujeros, lo que permite a atacantes remotos causar una denegación de servicio (corrupción de memoria) o... • http://googlechromereleases.blogspot.com/2015/01/stable-update.html • CWE-19: Data Processing Errors •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2014-7933 – chromium-browser: use-after-free in FFmpeg
https://notcve.org/view.php?id=CVE-2014-7933
22 Jan 2015 — Use-after-free vulnerability in the matroska_read_seek function in libavformat/matroskadec.c in FFmpeg before 2.5.1, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska file that triggers improper maintenance of tracks data. Vulnerabilidad de uso después de liberación en la función matroska_read_seek en libavformat/matroskadec.c en FFmpeg anterior a 2.5.1, utilizado en Google Chrome anterior a 40.... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=490a3ebf36821b81f73e34ad3f554cb523dd2682 • CWE-416: Use After Free •