CVSS: 6.5EPSS: 2%CPEs: 1EXPL: 0CVE-2014-7945 – chromium-browser: out-of-bounds read in PDFium
https://notcve.org/view.php?id=CVE-2014-7945
22 Jan 2015 — OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, and t2.c. OpenJPEG anterior a r2908, utilizado en PDFium en Google Chrome anterior a 40.0.2214.91, permite a atacantes remotos causar una denegación de servicio (lectura fuera de rango) a través dfe un documento PDF manipulado, relacionado con j2k.c, jp2.c, y t2.c. Chromium is an open-source web browser, ... • http://googlechromereleases.blogspot.com/2015/01/stable-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-7930 – chromium-browser: use-after-free in DOM
https://notcve.org/view.php?id=CVE-2014-7930
22 Jan 2015 — Use-after-free vulnerability in core/events/TreeScopeEventContext.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers improper maintenance of TreeScope data. Vulnerabilidad de uso después de liberación en core/events/TreeScopeEventContext.cpp en la implementación DOM en Blink, utilizado en Google Chrome anterior a 40.0.2214.91, permite a a... • http://googlechromereleases.blogspot.com/2015/01/stable-update.html • CWE-416: Use After Free •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-7938 – chromium-browser: memory corruption in Fonts
https://notcve.org/view.php?id=CVE-2014-7938
22 Jan 2015 — The Fonts implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. La implementación Fonts en Google Chrome anterior a 40.0.2214.91 permite a atacantes remotos causar una denegación de servicio (corrupción de memoria) o la posibilidad de tener otro impacto no especificado a través de vectores desconocidos. Several memory corruption bugs were discovered in ICU. If a user were tri... • http://googlechromereleases.blogspot.com/2015/01/stable-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-7935 – chromium-browser: use-after-free in Speech
https://notcve.org/view.php?id=CVE-2014-7935
22 Jan 2015 — Use-after-free vulnerability in browser/speech/tts_message_filter.cc in the Speech implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving utterances from a closed tab. Vulnerabilidad de uso después de liberación en browser/speech/tts_message_filter.cc en la implementación Speech en Google Chrome anterior a 40.0.2214.91 permite a atacantes remotos causar una denagación de servicio o la posibilida... • http://googlechromereleases.blogspot.com/2015/01/stable-update.html • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2015-1205 – chromium-browser: multiple unspecified vulnerabilities
https://notcve.org/view.php?id=CVE-2015-1205
22 Jan 2015 — Multiple unspecified vulnerabilities in Google Chrome before 40.0.2214.91 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome anterior a 40.0.2214.91 permite a atacantes causar una denegación de servicio o la posibilidad de tener otro impacto a través de vectores desconocidos Several memory corruption bugs were discovered in ICU. If a user were tricked in to opening a specially crafted website, an attack... • http://googlechromereleases.blogspot.com/2015/01/stable-update.html •
CVSS: 9.8EPSS: 4%CPEs: 2EXPL: 0CVE-2014-7940 – ICU: uninitialized value use in the collation component
https://notcve.org/view.php?id=CVE-2014-7940
22 Jan 2015 — The collator implementation in i18n/ucol.cpp in International Components for Unicode (ICU) 52 through SVN revision 293126, as used in Google Chrome before 40.0.2214.91, does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted character sequence. La implementación collator en i18n/ucol.cpp en International Components for Unicode (ICU) 52 hasta la revisión SVN 293126, utilizada en Google Chrome anterior ... • http://advisories.mageia.org/MGASA-2015-0047.html • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-7929 – chromium-browser: use-after-free in DOM
https://notcve.org/view.php?id=CVE-2014-7929
22 Jan 2015 — Use-after-free vulnerability in the HTMLScriptElement::didMoveToNewDocument function in core/html/HTMLScriptElement.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving movement of a SCRIPT element across documents. Vulnerabilidad de uso después de liberación en la función HTMLScriptElement::didMoveToNewDocument en core/html/HTMLScriptElement.cpp en la impleme... • http://googlechromereleases.blogspot.com/2015/01/stable-update.html • CWE-17: DEPRECATED: Code CWE-416: Use After Free •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-7936 – chromium-browser: use-after-free in Views
https://notcve.org/view.php?id=CVE-2014-7936
22 Jan 2015 — Use-after-free vulnerability in the ZoomBubbleView::Close function in browser/ui/views/location_bar/zoom_bubble_view.cc in the Views implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document that triggers improper maintenance of a zoom bubble. Vulnerabilidad uso después de liberación en la función ZoomBubbleView::Close en browser/ui/views/location_bar/zoom_bubble_view.cc en la implementación Views... • http://googlechromereleases.blogspot.com/2015/01/stable-update.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2011-1794
https://notcve.org/view.php?id=CVE-2011-1794
26 Dec 2014 — Integer overflow in the FilterEffect::copyImageBytes function in platform/graphics/filters/FilterEffect.cpp in the SVG filter implementation in WebCore in WebKit in Google Chrome before 11.0.696.65 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted dimensions. Desbordamiento de enteros en la función FilterEffect::copyImageBytes en platform/graphics/filters/FilterEffect.cpp en la implementación SVG filter en WebCore en WebKit en Goog... • http://crbug.com/78327 • CWE-189: Numeric Errors •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2011-1793
https://notcve.org/view.php?id=CVE-2011-1793
26 Dec 2014 — rendering/svg/RenderSVGResourceFilter.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted SVG document that leads to a "stale pointer." rendering/svg/RenderSVGResourceFilter.cpp en WebCore en WebKit en Google Chrome anterior a 11.0.696.65 permite a atacantes remotos causar una denegación de servicio (caída de la aplicación) o la posibilidad de tener otro impacto no especi... • http://crbug.com/67923 • CWE-20: Improper Input Validation •