CVSS: 6.5EPSS: 1%CPEs: 8EXPL: 0CVE-2014-7941 – chromium-browser: out-of-bounds read in UI
https://notcve.org/view.php?id=CVE-2014-7941
22 Jan 2015 — The SelectionOwner::ProcessTarget function in ui/base/x/selection_owner.cc in the UI implementation in Google Chrome before 40.0.2214.91 uses an incorrect data type for a certain length value, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted X11 data. La función SelectionOwner::ProcessTarget en ui/base/x/selection_owner.cc en la implementación UI en Google Chrome anterior a 40.0.2214.91 utiliza un tipo de datos incorrecto para cierto valor de longitud, lo que permi... • http://googlechromereleases.blogspot.com/2015/01/stable-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 1%CPEs: 10EXPL: 0CVE-2014-7943 – chromium-browser: out-of-bounds read in Skia
https://notcve.org/view.php?id=CVE-2014-7943
22 Jan 2015 — Skia, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. Skia, utilizado en Google Chrome anterior a 40.0.2214.91, permite a atacantes remotos causar una denegación de servicio (lectura fuera de rango) a través de vectores no especificados. Several memory corruption bugs were discovered in ICU. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a d... • http://googlechromereleases.blogspot.com/2015/01/stable-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-7938 – chromium-browser: memory corruption in Fonts
https://notcve.org/view.php?id=CVE-2014-7938
22 Jan 2015 — The Fonts implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. La implementación Fonts en Google Chrome anterior a 40.0.2214.91 permite a atacantes remotos causar una denegación de servicio (corrupción de memoria) o la posibilidad de tener otro impacto no especificado a través de vectores desconocidos. Several memory corruption bugs were discovered in ICU. If a user were tri... • http://googlechromereleases.blogspot.com/2015/01/stable-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 2%CPEs: 1EXPL: 0CVE-2014-7945 – chromium-browser: out-of-bounds read in PDFium
https://notcve.org/view.php?id=CVE-2014-7945
22 Jan 2015 — OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, and t2.c. OpenJPEG anterior a r2908, utilizado en PDFium en Google Chrome anterior a 40.0.2214.91, permite a atacantes remotos causar una denegación de servicio (lectura fuera de rango) a través dfe un documento PDF manipulado, relacionado con j2k.c, jp2.c, y t2.c. Chromium is an open-source web browser, ... • http://googlechromereleases.blogspot.com/2015/01/stable-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 2%CPEs: 1EXPL: 0CVE-2014-7947 – chromium-browser: out-of-bounds read in PDFium
https://notcve.org/view.php?id=CVE-2014-7947
22 Jan 2015 — OpenJPEG before r2944, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, pi.c, t1.c, t2.c, and tcd.c. OpenJPEG anterior a r2944, usado en PDFium en Google Chrome anterior a 40.0.2214.91, permite a atacantes remotos causar una denegación de servicio (lectura fuera de rango) a través de un documento PDF modificado, relacionado con j2k.c, jp2.c, pi.c, t1.c, t2.c, y tcd.c. Chromiu... • http://googlechromereleases.blogspot.com/2015/01/stable-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2014-7905
https://notcve.org/view.php?id=CVE-2014-7905
19 Nov 2014 — Google Chrome before 39.0.2171.65 on Android does not prevent navigation to a URL in cases where an intent for the URL lacks CATEGORY_BROWSABLE, which allows remote attackers to bypass intended access restrictions via a crafted web site. Google Chrome anterior a 39.0.2171.65 para Android no previene la navegación a una URL en los casos donde una intento para la URL no tiene CATEGORY_BROWSABLE, lo que permite a atacantes remotos evadir las restricciones de acceso a través de un sitio web manipulado. • http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html • CWE-284: Improper Access Control •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-7901 – Gentoo Linux Security Advisory 201412-13
https://notcve.org/view.php?id=CVE-2014-7901
19 Nov 2014 — Integer overflow in the opj_t2_read_packet_data function in fxcodec/fx_libopenjpeg/libopenjpeg20/t2.c in OpenJPEG in PDFium, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long segment in a JPEG image. Desbordamiento de enteros en la función opj_t2_read_packer en fxcodec/fx_ligopenjpeg/libopenjpeg20/t2.c en OpenJPEG en PDFium, usado en Google Chrome anterior a 39.0.2171.65, permite a atacantes remotos causar ... • http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html • CWE-189: Numeric Errors •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-7908 – chromium-browser: Integer overflow in media
https://notcve.org/view.php?id=CVE-2014-7908
19 Nov 2014 — Multiple integer overflows in the CheckMov function in media/base/container_names.cc in Google Chrome before 39.0.2171.65 allow remote attackers to cause a denial of service or possibly have unspecified other impact via a large atom in (1) MPEG-4 or (2) QuickTime .mov data. Múltiples desbordamientos de enteros en la función CheckMov ubicada en media/base/container_names.cc en Google Chorme anterior a 39.0.2171.65 permiten a atacantes remotos causar una denegación de servicio o posiblemente tener otro impact... • http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 3%CPEs: 1EXPL: 0CVE-2014-7909 – chromium-browser: Uninitialized memory read in Skia
https://notcve.org/view.php?id=CVE-2014-7909
19 Nov 2014 — effects/SkDashPathEffect.cpp in Skia, as used in Google Chrome before 39.0.2171.65, computes a hash key using uninitialized integer values, which might allow remote attackers to cause a denial of service by rendering crafted data. effects/SkDashPathEffect.cpp en Skia, usado en Google Chrome anterior a 39.0.2171.65, calcula una clave de hash usando valores de enteros sin inicializar, lo que podría permitir a atacantes remotos causar una denegación de servicio mediante la renderización de datos manipulados. A... • http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html • CWE-189: Numeric Errors •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-7900 – Gentoo Linux Security Advisory 201412-13
https://notcve.org/view.php?id=CVE-2014-7900
19 Nov 2014 — Use-after-free vulnerability in the CPDF_Parser::IsLinearizedFile function in fpdfapi/fpdf_parser/fpdf_parser_parser.cpp in PDFium, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document. Una vulnerabilidad de uso después de liberación en la función CPDF_Parser::IsLinearizedFile ubicada en fpdfapi/fpdf_parser/fpdf_parser_parser.cpp en PDFium, usada en Google Chrome anterior 39.0.2171.65, permite ... • http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html • CWE-399: Resource Management Errors •