CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2011-1798
https://notcve.org/view.php?id=CVE-2011-1798
26 Dec 2014 — rendering/svg/RenderSVGText.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 does not properly perform a cast of an unspecified variable during an attempt to handle a block child, which allows remote attackers to cause a denial of service (application crash) or possibly have unknown other impact via a crafted text element in an SVG document. rendering/svg/RenderSVGText.cpp en WebCore en WebKit en Google Chrome anterior a 11.0.696.65 no lleva a cabo correctamente una conversión de datos de una va... • http://crbug.com/79595 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2011-1796
https://notcve.org/view.php?id=CVE-2011-1796
26 Dec 2014 — Use-after-free vulnerability in the FrameView::calculateScrollbarModesForLayout function in page/FrameView.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaScript code that calls the removeChild method during interaction with a FRAME element. Vulnerabilidad de uso después de liberación en la función FrameView::calculateScrollbarModesForLayout en page/FrameView.cpp en... • http://crbug.com/79055 •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2011-1795
https://notcve.org/view.php?id=CVE-2011-1795
26 Dec 2014 — Integer underflow in the HTMLFormElement::removeFormElement function in html/HTMLFormElement.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted HTML document containing a FORM element. Subdesbordamiento de enteros en la función HTMLFormElement::removeFormElement function en html/HTMLFormElement.cpp en WebCore en WebKit en Google Chrome anterior a 11.0.696.65 permite a at... • http://crbug.com/78948 • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-7907 – chromium-browser: Use-after-free in blink
https://notcve.org/view.php?id=CVE-2014-7907
19 Nov 2014 — Multiple use-after-free vulnerabilities in modules/screen_orientation/ScreenOrientationController.cpp in Blink, as used in Google Chrome before 39.0.2171.65, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger improper handling of a detached frame, related to the (1) lock and (2) unlock methods. Múltiples vulnerabilidades de uso después de liberación en modules/screen_orientation/ScreenOrientationController.cpp en Blink, usado en Google Chro... • http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html • CWE-399: Resource Management Errors CWE-416: Use After Free •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2014-7905
https://notcve.org/view.php?id=CVE-2014-7905
19 Nov 2014 — Google Chrome before 39.0.2171.65 on Android does not prevent navigation to a URL in cases where an intent for the URL lacks CATEGORY_BROWSABLE, which allows remote attackers to bypass intended access restrictions via a crafted web site. Google Chrome anterior a 39.0.2171.65 para Android no previene la navegación a una URL en los casos donde una intento para la URL no tiene CATEGORY_BROWSABLE, lo que permite a atacantes remotos evadir las restricciones de acceso a través de un sitio web manipulado. • http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html • CWE-284: Improper Access Control •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 14CVE-2014-7910 – GNU Bash - Environment Variable Command Injection
https://notcve.org/view.php?id=CVE-2014-7910
19 Nov 2014 — Multiple unspecified vulnerabilities in Google Chrome before 39.0.2171.65 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades sin especificar en Google Chrome anterior a 39.0.2171.65 permitirían a atacantes remotos causar una denegación de servicio o posiblemente otro impacto mediante vectores desconocidos. A buffer overflow was discovered in Skia. If a user were tricked in to opening a specially crafted website, an attacked could potent... • https://www.exploit-db.com/exploits/34777 •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-7901 – Gentoo Linux Security Advisory 201412-13
https://notcve.org/view.php?id=CVE-2014-7901
19 Nov 2014 — Integer overflow in the opj_t2_read_packet_data function in fxcodec/fx_libopenjpeg/libopenjpeg20/t2.c in OpenJPEG in PDFium, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long segment in a JPEG image. Desbordamiento de enteros en la función opj_t2_read_packer en fxcodec/fx_ligopenjpeg/libopenjpeg20/t2.c en OpenJPEG en PDFium, usado en Google Chrome anterior a 39.0.2171.65, permite a atacantes remotos causar ... • http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html • CWE-189: Numeric Errors •
CVSS: 7.8EPSS: 3%CPEs: 1EXPL: 0CVE-2014-7909 – chromium-browser: Uninitialized memory read in Skia
https://notcve.org/view.php?id=CVE-2014-7909
19 Nov 2014 — effects/SkDashPathEffect.cpp in Skia, as used in Google Chrome before 39.0.2171.65, computes a hash key using uninitialized integer values, which might allow remote attackers to cause a denial of service by rendering crafted data. effects/SkDashPathEffect.cpp en Skia, usado en Google Chrome anterior a 39.0.2171.65, calcula una clave de hash usando valores de enteros sin inicializar, lo que podría permitir a atacantes remotos causar una denegación de servicio mediante la renderización de datos manipulados. A... • http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html • CWE-189: Numeric Errors •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-7900 – Gentoo Linux Security Advisory 201412-13
https://notcve.org/view.php?id=CVE-2014-7900
19 Nov 2014 — Use-after-free vulnerability in the CPDF_Parser::IsLinearizedFile function in fpdfapi/fpdf_parser/fpdf_parser_parser.cpp in PDFium, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document. Una vulnerabilidad de uso después de liberación en la función CPDF_Parser::IsLinearizedFile ubicada en fpdfapi/fpdf_parser/fpdf_parser_parser.cpp en PDFium, usada en Google Chrome anterior 39.0.2171.65, permite ... • http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-7903 – Gentoo Linux Security Advisory 201412-13
https://notcve.org/view.php?id=CVE-2014-7903
19 Nov 2014 — Buffer overflow in OpenJPEG before r2911 in PDFium, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted JPEG image. Desbordamiento de buffer en OpenJPEG anterior a r2911 en PDFium, usado en Google Chrome anterior a 39.0.2171.65, permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto a través de una imagen JPEG manipulada. Multiple vulnerabilities have been found i... • http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •