CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-7932 – chromium-browser: use-after-free in DOM
https://notcve.org/view.php?id=CVE-2014-7932
22 Jan 2015 — Use-after-free vulnerability in the Element::detach function in core/dom/Element.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving pending updates of detached elements. Vulnerabilidad de uso después de liberación en la función Element::detach en core/dom/Element.cpp en la implementación DOM en Blink, utilizado en Google Chrome anterior a 40.0.2214.91, permi... • http://googlechromereleases.blogspot.com/2015/01/stable-update.html • CWE-416: Use After Free •
CVSS: 9.8EPSS: 1%CPEs: 12EXPL: 0CVE-2014-7923 – ICU: regexp engine missing look-behind expression range check
https://notcve.org/view.php?id=CVE-2014-7923
22 Jan 2015 — The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a look-behind expression. El paquete Regular Expressions en International Components for Unicode (ICU) 52 anterior a la versión SVN 292944, como es usada en Google Chrome anterior a la versión 40.0.2214.91, permite a lo... • http://advisories.mageia.org/MGASA-2015-0047.html • CWE-17: DEPRECATED: Code CWE-122: Heap-based Buffer Overflow •
CVSS: 6.5EPSS: 2%CPEs: 1EXPL: 0CVE-2014-7945 – chromium-browser: out-of-bounds read in PDFium
https://notcve.org/view.php?id=CVE-2014-7945
22 Jan 2015 — OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, and t2.c. OpenJPEG anterior a r2908, utilizado en PDFium en Google Chrome anterior a 40.0.2214.91, permite a atacantes remotos causar una denegación de servicio (lectura fuera de rango) a través dfe un documento PDF manipulado, relacionado con j2k.c, jp2.c, y t2.c. Chromium is an open-source web browser, ... • http://googlechromereleases.blogspot.com/2015/01/stable-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-7930 – chromium-browser: use-after-free in DOM
https://notcve.org/view.php?id=CVE-2014-7930
22 Jan 2015 — Use-after-free vulnerability in core/events/TreeScopeEventContext.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers improper maintenance of TreeScope data. Vulnerabilidad de uso después de liberación en core/events/TreeScopeEventContext.cpp en la implementación DOM en Blink, utilizado en Google Chrome anterior a 40.0.2214.91, permite a a... • http://googlechromereleases.blogspot.com/2015/01/stable-update.html • CWE-416: Use After Free •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-7938 – chromium-browser: memory corruption in Fonts
https://notcve.org/view.php?id=CVE-2014-7938
22 Jan 2015 — The Fonts implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. La implementación Fonts en Google Chrome anterior a 40.0.2214.91 permite a atacantes remotos causar una denegación de servicio (corrupción de memoria) o la posibilidad de tener otro impacto no especificado a través de vectores desconocidos. Several memory corruption bugs were discovered in ICU. If a user were tri... • http://googlechromereleases.blogspot.com/2015/01/stable-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-7935 – chromium-browser: use-after-free in Speech
https://notcve.org/view.php?id=CVE-2014-7935
22 Jan 2015 — Use-after-free vulnerability in browser/speech/tts_message_filter.cc in the Speech implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving utterances from a closed tab. Vulnerabilidad de uso después de liberación en browser/speech/tts_message_filter.cc en la implementación Speech en Google Chrome anterior a 40.0.2214.91 permite a atacantes remotos causar una denagación de servicio o la posibilida... • http://googlechromereleases.blogspot.com/2015/01/stable-update.html • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2015-1205 – chromium-browser: multiple unspecified vulnerabilities
https://notcve.org/view.php?id=CVE-2015-1205
22 Jan 2015 — Multiple unspecified vulnerabilities in Google Chrome before 40.0.2214.91 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome anterior a 40.0.2214.91 permite a atacantes causar una denegación de servicio o la posibilidad de tener otro impacto a través de vectores desconocidos Several memory corruption bugs were discovered in ICU. If a user were tricked in to opening a specially crafted website, an attack... • http://googlechromereleases.blogspot.com/2015/01/stable-update.html •
CVSS: 9.8EPSS: 4%CPEs: 2EXPL: 0CVE-2014-7940 – ICU: uninitialized value use in the collation component
https://notcve.org/view.php?id=CVE-2014-7940
22 Jan 2015 — The collator implementation in i18n/ucol.cpp in International Components for Unicode (ICU) 52 through SVN revision 293126, as used in Google Chrome before 40.0.2214.91, does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted character sequence. La implementación collator en i18n/ucol.cpp en International Components for Unicode (ICU) 52 hasta la revisión SVN 293126, utilizada en Google Chrome anterior ... • http://advisories.mageia.org/MGASA-2015-0047.html • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-7929 – chromium-browser: use-after-free in DOM
https://notcve.org/view.php?id=CVE-2014-7929
22 Jan 2015 — Use-after-free vulnerability in the HTMLScriptElement::didMoveToNewDocument function in core/html/HTMLScriptElement.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving movement of a SCRIPT element across documents. Vulnerabilidad de uso después de liberación en la función HTMLScriptElement::didMoveToNewDocument en core/html/HTMLScriptElement.cpp en la impleme... • http://googlechromereleases.blogspot.com/2015/01/stable-update.html • CWE-17: DEPRECATED: Code CWE-416: Use After Free •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-7936 – chromium-browser: use-after-free in Views
https://notcve.org/view.php?id=CVE-2014-7936
22 Jan 2015 — Use-after-free vulnerability in the ZoomBubbleView::Close function in browser/ui/views/location_bar/zoom_bubble_view.cc in the Views implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document that triggers improper maintenance of a zoom bubble. Vulnerabilidad uso después de liberación en la función ZoomBubbleView::Close en browser/ui/views/location_bar/zoom_bubble_view.cc en la implementación Views... • http://googlechromereleases.blogspot.com/2015/01/stable-update.html • CWE-416: Use After Free •