CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2015-1346 – chromium-browser: unspecified vulnerability in Google V8
https://notcve.org/view.php?id=CVE-2015-1346
22 Jan 2015 — Multiple unspecified vulnerabilities in Google V8 before 3.30.33.15, as used in Google Chrome before 40.0.2214.91, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google V8 anterior a 3.30.33.15,usado en Google Chrome anterior a 40.0.2214.91, permite a atacantes causar una denegación de servicio o la posibilidad de tener otro impacto a través de vectores no conocidos. Several memory corruption bugs were discovered... • http://googlechromereleases.blogspot.com/2015/01/stable-update.html •
CVSS: 9.8EPSS: 1%CPEs: 10EXPL: 0CVE-2014-7942 – chromium-browser: uninitialized-value in Fonts
https://notcve.org/view.php?id=CVE-2014-7942
22 Jan 2015 — The Fonts implementation in Google Chrome before 40.0.2214.91 does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. La implementación Fuentes en Google Chrome anterior a 40.0.2214.91 no inicializa la memoria para una estructura de datos, lo que permite a atacantes remotos causar una denegación de servicio o la posibilidad de tener otro impacto sin especificar a través de vectores no conocidos... • http://googlechromereleases.blogspot.com/2015/01/stable-update.html • CWE-399: Resource Management Errors CWE-456: Missing Initialization of a Variable •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2015-1205 – chromium-browser: multiple unspecified vulnerabilities
https://notcve.org/view.php?id=CVE-2015-1205
22 Jan 2015 — Multiple unspecified vulnerabilities in Google Chrome before 40.0.2214.91 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome anterior a 40.0.2214.91 permite a atacantes causar una denegación de servicio o la posibilidad de tener otro impacto a través de vectores desconocidos Several memory corruption bugs were discovered in ICU. If a user were tricked in to opening a specially crafted website, an attack... • http://googlechromereleases.blogspot.com/2015/01/stable-update.html •
CVSS: 9.8EPSS: 1%CPEs: 12EXPL: 0CVE-2014-7926 – ICU: regexp engine incorrect handling of a zero length quantifier
https://notcve.org/view.php?id=CVE-2014-7926
22 Jan 2015 — The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a zero-length quantifier. El paquete Regular Expressions en International Components for Unicode (ICU) 52 anterior a la versión SVN 292944, como es usado en Google Chrome anterior a la versión 40.0.2214.91, permite a lo... • http://advisories.mageia.org/MGASA-2015-0047.html • CWE-17: DEPRECATED: Code CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-7930 – chromium-browser: use-after-free in DOM
https://notcve.org/view.php?id=CVE-2014-7930
22 Jan 2015 — Use-after-free vulnerability in core/events/TreeScopeEventContext.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers improper maintenance of TreeScope data. Vulnerabilidad de uso después de liberación en core/events/TreeScopeEventContext.cpp en la implementación DOM en Blink, utilizado en Google Chrome anterior a 40.0.2214.91, permite a a... • http://googlechromereleases.blogspot.com/2015/01/stable-update.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2014-7933 – chromium-browser: use-after-free in FFmpeg
https://notcve.org/view.php?id=CVE-2014-7933
22 Jan 2015 — Use-after-free vulnerability in the matroska_read_seek function in libavformat/matroskadec.c in FFmpeg before 2.5.1, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska file that triggers improper maintenance of tracks data. Vulnerabilidad de uso después de liberación en la función matroska_read_seek en libavformat/matroskadec.c en FFmpeg anterior a 2.5.1, utilizado en Google Chrome anterior a 40.... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=490a3ebf36821b81f73e34ad3f554cb523dd2682 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2014-7934 – chromium-browser: use-after-free in DOM
https://notcve.org/view.php?id=CVE-2014-7934
22 Jan 2015 — Use-after-free vulnerability in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to unexpected absence of document data structures. Vulnerabilidad de uso después de liberación en la implementación DOM en Blink, utilizado en Google Chrome anterior a 40.0.2214.91, permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no espec... • http://googlechromereleases.blogspot.com/2015/01/stable-update.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-7931 – chromium-browser: memory corruption in V8
https://notcve.org/view.php?id=CVE-2014-7931
22 Jan 2015 — factory.cc in Google V8, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code that triggers improper maintenance of backing-store pointers. factory.cc en Google V8, utilizado en Google Chrome anterior a 40.0.2214.91, permite a atacantes remotos causar una denegación de servicio (corrupción de memoria) o posiblemente tener otro impacto no especificado a través de código Java... • http://googlechromereleases.blogspot.com/2015/01/stable-update.html • CWE-17: DEPRECATED: Code •
CVSS: 8.8EPSS: 1%CPEs: 2EXPL: 0CVE-2014-7937 – chromium-browser: use-after-free in FFmpeg
https://notcve.org/view.php?id=CVE-2014-7937
22 Jan 2015 — Multiple off-by-one errors in libavcodec/vorbisdec.c in FFmpeg before 2.4.2, as used in Google Chrome before 40.0.2214.91, allow remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted Vorbis I data. Múltiples errores de superación de límite (off-by-one) en libavcodec/vorbisdec.c en FFmpeg anterior a 2.4.2, utilizado en Google Chrome anterior a 40.0.2214.91, permiten a atacantes remotos causar una denegación de servicio (uso después de liberación)... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=8c50704ebf1777bee76772c4835d9760b3721057 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-416: Use After Free •
CVSS: 9.8EPSS: 4%CPEs: 2EXPL: 0CVE-2014-7940 – ICU: uninitialized value use in the collation component
https://notcve.org/view.php?id=CVE-2014-7940
22 Jan 2015 — The collator implementation in i18n/ucol.cpp in International Components for Unicode (ICU) 52 through SVN revision 293126, as used in Google Chrome before 40.0.2214.91, does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted character sequence. La implementación collator en i18n/ucol.cpp en International Components for Unicode (ICU) 52 hasta la revisión SVN 293126, utilizada en Google Chrome anterior ... • http://advisories.mageia.org/MGASA-2015-0047.html • CWE-399: Resource Management Errors •