CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2011-1794
https://notcve.org/view.php?id=CVE-2011-1794
26 Dec 2014 — Integer overflow in the FilterEffect::copyImageBytes function in platform/graphics/filters/FilterEffect.cpp in the SVG filter implementation in WebCore in WebKit in Google Chrome before 11.0.696.65 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted dimensions. Desbordamiento de enteros en la función FilterEffect::copyImageBytes en platform/graphics/filters/FilterEffect.cpp en la implementación SVG filter en WebCore en WebKit en Goog... • http://crbug.com/78327 • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2011-1798
https://notcve.org/view.php?id=CVE-2011-1798
26 Dec 2014 — rendering/svg/RenderSVGText.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 does not properly perform a cast of an unspecified variable during an attempt to handle a block child, which allows remote attackers to cause a denial of service (application crash) or possibly have unknown other impact via a crafted text element in an SVG document. rendering/svg/RenderSVGText.cpp en WebCore en WebKit en Google Chrome anterior a 11.0.696.65 no lleva a cabo correctamente una conversión de datos de una va... • http://crbug.com/79595 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2011-1795
https://notcve.org/view.php?id=CVE-2011-1795
26 Dec 2014 — Integer underflow in the HTMLFormElement::removeFormElement function in html/HTMLFormElement.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted HTML document containing a FORM element. Subdesbordamiento de enteros en la función HTMLFormElement::removeFormElement function en html/HTMLFormElement.cpp en WebCore en WebKit en Google Chrome anterior a 11.0.696.65 permite a at... • http://crbug.com/78948 • CWE-189: Numeric Errors •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2014-7905
https://notcve.org/view.php?id=CVE-2014-7905
19 Nov 2014 — Google Chrome before 39.0.2171.65 on Android does not prevent navigation to a URL in cases where an intent for the URL lacks CATEGORY_BROWSABLE, which allows remote attackers to bypass intended access restrictions via a crafted web site. Google Chrome anterior a 39.0.2171.65 para Android no previene la navegación a una URL en los casos donde una intento para la URL no tiene CATEGORY_BROWSABLE, lo que permite a atacantes remotos evadir las restricciones de acceso a través de un sitio web manipulado. • http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html • CWE-284: Improper Access Control •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-7901 – Gentoo Linux Security Advisory 201412-13
https://notcve.org/view.php?id=CVE-2014-7901
19 Nov 2014 — Integer overflow in the opj_t2_read_packet_data function in fxcodec/fx_libopenjpeg/libopenjpeg20/t2.c in OpenJPEG in PDFium, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long segment in a JPEG image. Desbordamiento de enteros en la función opj_t2_read_packer en fxcodec/fx_ligopenjpeg/libopenjpeg20/t2.c en OpenJPEG en PDFium, usado en Google Chrome anterior a 39.0.2171.65, permite a atacantes remotos causar ... • http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html • CWE-189: Numeric Errors •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-7908 – chromium-browser: Integer overflow in media
https://notcve.org/view.php?id=CVE-2014-7908
19 Nov 2014 — Multiple integer overflows in the CheckMov function in media/base/container_names.cc in Google Chrome before 39.0.2171.65 allow remote attackers to cause a denial of service or possibly have unspecified other impact via a large atom in (1) MPEG-4 or (2) QuickTime .mov data. Múltiples desbordamientos de enteros en la función CheckMov ubicada en media/base/container_names.cc en Google Chorme anterior a 39.0.2171.65 permiten a atacantes remotos causar una denegación de servicio o posiblemente tener otro impact... • http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 3%CPEs: 1EXPL: 0CVE-2014-7909 – chromium-browser: Uninitialized memory read in Skia
https://notcve.org/view.php?id=CVE-2014-7909
19 Nov 2014 — effects/SkDashPathEffect.cpp in Skia, as used in Google Chrome before 39.0.2171.65, computes a hash key using uninitialized integer values, which might allow remote attackers to cause a denial of service by rendering crafted data. effects/SkDashPathEffect.cpp en Skia, usado en Google Chrome anterior a 39.0.2171.65, calcula una clave de hash usando valores de enteros sin inicializar, lo que podría permitir a atacantes remotos causar una denegación de servicio mediante la renderización de datos manipulados. A... • http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html • CWE-189: Numeric Errors •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-7900 – Gentoo Linux Security Advisory 201412-13
https://notcve.org/view.php?id=CVE-2014-7900
19 Nov 2014 — Use-after-free vulnerability in the CPDF_Parser::IsLinearizedFile function in fpdfapi/fpdf_parser/fpdf_parser_parser.cpp in PDFium, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document. Una vulnerabilidad de uso después de liberación en la función CPDF_Parser::IsLinearizedFile ubicada en fpdfapi/fpdf_parser/fpdf_parser_parser.cpp en PDFium, usada en Google Chrome anterior 39.0.2171.65, permite ... • http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 2%CPEs: 1EXPL: 0CVE-2014-7906 – chromium-browser: Use-after-free in pepper plugins
https://notcve.org/view.php?id=CVE-2014-7906
19 Nov 2014 — Use-after-free vulnerability in the Pepper plugins in Google Chrome before 39.0.2171.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted Flash content that triggers an attempted PepperMediaDeviceManager access outside of the object's lifetime. Vulnerabilidad de uso después de liberación en los plugins Pepper en Google Chrome anterior a 39.0.2171.65 permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no espe... • http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html • CWE-399: Resource Management Errors CWE-416: Use After Free •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-7903 – Gentoo Linux Security Advisory 201412-13
https://notcve.org/view.php?id=CVE-2014-7903
19 Nov 2014 — Buffer overflow in OpenJPEG before r2911 in PDFium, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted JPEG image. Desbordamiento de buffer en OpenJPEG anterior a r2911 en PDFium, usado en Google Chrome anterior a 39.0.2171.65, permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto a través de una imagen JPEG manipulada. Multiple vulnerabilities have been found i... • http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •