NotCVE - vendor:"Google" product:"Chrome" version:"

Page 238 of 3367 results (0.016 seconds)

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2014-7902 – Gentoo Linux Security Advisory 201412-13

https://notcve.org/view.php?id=CVE-2014-7902

19 Nov 2014 — Use-after-free vulnerability in PDFium, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document. Una vulnerabilidad de uso después de liberación en PDFium, usada en Google Chrome anterior 39.0.2171.65, permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto no especificado a través de un documento PDF manipulado. Multiple vulnerabilities have been found in... • http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html • CWE-17: DEPRECATED: Code •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2014-7899 – chromium-browser: Address bar spoofing

https://notcve.org/view.php?id=CVE-2014-7899

19 Nov 2014 — Google Chrome before 38.0.2125.101 allows remote attackers to spoof the address bar by placing a blob: substring at the beginning of the URL, followed by the original URI scheme and a long username string. Google Chrome anterior a 38.0.2125.101 permite a atacantes remotos falsificar la barra de direcciones mediante la colocación de un blob, es decir, una subcadena al principio de la dirección URL, seguido por el esquema original URI y una cadena con un largo nombre de usuario. Chromium is an open-source web... • http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html • CWE-20: Improper Input Validation CWE-451: User Interface (UI) Misrepresentation of Critical Information •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2014-3201

https://notcve.org/view.php?id=CVE-2014-3201

10 Oct 2014 — core/rendering/compositing/RenderLayerCompositor.cpp in Blink, as used in Google Chrome before 38.0.2125.102 on Android, does not properly handle a certain IFRAME overflow condition, which allows remote attackers to spoof content via a crafted web site that interferes with the scrollbar. core/rendering/compositing/RenderLayerCompositor.cpp en Blink, utilizado en Google Chrome anterior a 38.0.2125.102 en Android, no maneja debidamente cierta condición de desbordamiento de IFRAME, lo que permite a atacantes r... • http://googlechromereleases.blogspot.com/2014/10/chrome-for-android-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.8EPSS: 1%CPEs: 5EXPL: 0

CVE-2014-3200 – chromium: multiple unspecified issues fixed in Chrome 38.0.2125.101

https://notcve.org/view.php?id=CVE-2014-3200

08 Oct 2014 — Multiple unspecified vulnerabilities in Google Chrome before 38.0.2125.101 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificados en Google Chrome anterior a 38.0.2125.101 permiten a atacantes causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores desconocidos. Multiple use-after-free issues were discovered in Blink. If a user were tricked in to opening a specially crafted w... • http://googlechromereleases.blogspot.com/2014/10/stable-channel-update.html •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2014-7967 – Ubuntu Security Notice USN-2345-1

https://notcve.org/view.php?id=CVE-2014-7967

08 Oct 2014 — Multiple unspecified vulnerabilities in Google V8 before 3.28.71.15, as used in Google Chrome before 38.0.2125.101, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google V8 anterior a 3.28.71.15, utilizado en Google Chrome anterior a 38.0.2125.101, permiten a atacantes causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores desconocidos. Multiple use-after-free iss... • http://googlechromereleases.blogspot.com/2014/10/stable-channel-update.html •

CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0

CVE-2014-3193 – chromium: multiple security fixes in Chrome 38.0.2125.101

https://notcve.org/view.php?id=CVE-2014-3193

08 Oct 2014 — The SessionService::GetLastSession function in browser/sessions/session_service.cc in Google Chrome before 38.0.2125.101 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors that leverage "type confusion" for callback processing. La función SessionService::GetLastSession en browser/sessions/session_service.cc en Google Chrome anterior a 38.0.2125.101 permite a atacantes remotos causar una denegación de servicio (uso después de liberación... • http://googlechromereleases.blogspot.com/2014/10/stable-channel-update.html • CWE-416: Use After Free •

CVSS: 6.8EPSS: 0%CPEs: 55EXPL: 0

CVE-2014-3187

https://notcve.org/view.php?id=CVE-2014-3187

08 Oct 2014 — Google Chrome before 37.0.2062.60 and 38.x before 38.0.2125.59 on iOS does not properly restrict processing of (1) facetime:// and (2) facetime-audio:// URLs, which allows remote attackers to obtain video and audio data from a device via a crafted web site. Google Chrome anterior a 37.0.2062.60 y 38.x anterior a 38.0.2125.59 en iOS no restringe debidamente el procesamiento de las URLs (1) facetime:// y (2) facetime-audio://, lo que permite a atacantes remotos obtener datos de vídeo y audio de un dispositivo... • http://googlechromereleases.blogspot.com/2014/10/chrome-for-ios-update.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0

CVE-2014-3191 – chromium: multiple security fixes in Chrome 38.0.2125.101

https://notcve.org/view.php?id=CVE-2014-3191

08 Oct 2014 — Use-after-free vulnerability in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers a widget-position update that improperly interacts with the render tree, related to the FrameView::updateLayoutAndStyleForPainting function in core/frame/FrameView.cpp and the RenderLayerScrollableArea::setScrollOffset function in core/rendering/RenderLayerScrollableArea.cpp. Vulnerabilid... • http://googlechromereleases.blogspot.com/2014/10/stable-channel-update.html • CWE-416: Use After Free •

CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0

CVE-2014-3197 – chromium: information leak in XSS Auditor fixed in Chrome 38.0.2125.101

https://notcve.org/view.php?id=CVE-2014-3197

08 Oct 2014 — The NavigationScheduler::schedulePageBlock function in core/loader/NavigationScheduler.cpp in Blink, as used in Google Chrome before 38.0.2125.101, does not properly provide substitute data for pages blocked by the XSS auditor, which allows remote attackers to obtain sensitive information via a crafted web site. La función NavigationScheduler::schedulePageBlock en core/loader/NavigationScheduler.cpp en Blink, utilizado en Google Chrome anterior a 38.0.2125.101, no proporciona debidamente los datos de sustit... • http://googlechromereleases.blogspot.com/2014/10/stable-channel-update.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0

CVE-2014-3194 – chromium: use-after-free issue in Web Workers fixed in Chrome 38.0.2125.101

https://notcve.org/view.php?id=CVE-2014-3194

08 Oct 2014 — Use-after-free vulnerability in the Web Workers implementation in Google Chrome before 38.0.2125.101 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Vulnerabilidad de uso después de liberación en la implementación Web Workers en Google Chrome anterior a 38.0.2125.101 permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores desconocidos. Multiple use-after-free issue... • http://googlechromereleases.blogspot.com/2014/10/stable-channel-update.html • CWE-416: Use After Free •

1...236 237 238 239 240