CVSS: 7.8EPSS: 1%CPEs: 89EXPL: 0CVE-2014-3178 – Gentoo Linux Security Advisory 201409-06
https://notcve.org/view.php?id=CVE-2014-3178
10 Sep 2014 — Use-after-free vulnerability in core/dom/Node.cpp in Blink, as used in Google Chrome before 37.0.2062.120, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of render-tree inconsistencies. Vulnerabilidad de uso después de liberación en core/dom/Node.cpp en Blink, utilizado en Google Chrome anterior a 37.0.2062.120, permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado median... • http://googlechromereleases.blogspot.com/2014/09/stable-channel-update_9.html •
CVSS: 9.1EPSS: 0%CPEs: 82EXPL: 0CVE-2014-3172 – Debian Security Advisory 3039-1
https://notcve.org/view.php?id=CVE-2014-3172
27 Aug 2014 — The Debugger extension API in browser/extensions/api/debugger/debugger_api.cc in Google Chrome before 37.0.2062.94 does not validate a tab's URL before an attach operation, which allows remote attackers to bypass intended access limitations via an extension that uses a restricted URL, as demonstrated by a chrome:// URL. La Api de extensión Debugger en browser/extensions/api/debugger/debugger_api.cc en Google Chrome anterior a 37.0.2062.94 no valida la URL de una pestaña antes de una operación de adjuntar, l... • http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 0%CPEs: 82EXPL: 0CVE-2014-3175 – Debian Security Advisory 3039-1
https://notcve.org/view.php?id=CVE-2014-3175
27 Aug 2014 — Multiple unspecified vulnerabilities in Google Chrome before 37.0.2062.94 allow attackers to cause a denial of service or possibly have other impact via unknown vectors, related to the load_truetype_glyph function in truetype/ttgload.c in FreeType and other functions in other components. Múltiples vulnerabilidades no especificadas en Google Chrome anterior a 37.0.2062.94 permiten a atacantes causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores desconocidos... • http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html •
CVSS: 10.0EPSS: 6%CPEs: 82EXPL: 0CVE-2014-3176 – Debian Security Advisory 3039-1
https://notcve.org/view.php?id=CVE-2014-3176
27 Aug 2014 — Google Chrome before 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the sync API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3177. Google Chrome anterior a 37.0.2062.94 no maneja debidamente la interacción de las extensiones, IPC, la API sync y Google V8, lo que permite a atacantes remotos ejecutar código arbitrario a través de vectores no especificados, una vulnerabilidad diferente a CVE-... • http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 6%CPEs: 82EXPL: 0CVE-2014-3177 – Debian Security Advisory 3039-1
https://notcve.org/view.php?id=CVE-2014-3177
27 Aug 2014 — Google Chrome before 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the sync API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3176. Google Chrome anterior a 37.0.2062.94 no maneja debidamente la interacción de las extensiones, IPC, la API sync, y Google V8, lo que permite a atacantes remotos ejecutar código arbitrario a través de vectores no especificados, una vulnerabilidad diferente a CVE... • http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 3%CPEs: 85EXPL: 0CVE-2014-3169 – Debian Security Advisory 3039-1
https://notcve.org/view.php?id=CVE-2014-3169
27 Aug 2014 — Use-after-free vulnerability in core/dom/ContainerNode.cpp in the DOM implementation in Blink, as used in Google Chrome before 37.0.2062.94, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging script execution that occurs before notification of node removal. Vulnerabilidad de uso después de liberación en core/dom/ContainerNode.cpp en la implementación DOM en Blink, utilizado en Google Chrome anterior a 37.0.2062.94, permite a atacantes remotos causar ... • http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html •
CVSS: 7.5EPSS: 0%CPEs: 82EXPL: 0CVE-2014-3170 – Debian Security Advisory 3039-1
https://notcve.org/view.php?id=CVE-2014-3170
27 Aug 2014 — extensions/common/url_pattern.cc in Google Chrome before 37.0.2062.94 does not prevent use of a '\0' character in a host name, which allows remote attackers to spoof the extension permission dialog by relying on truncation after this character. extensions/common/url_pattern.cc en Google Chrome anterior a 37.0.2062.94 no previene el uso de un caracter '\0' en un nombre de anfitrión, lo que permite a atacantes remotos falsificar el dialogo del permiso de extensión mediante la dependencia en el truncado despué... • http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 1%CPEs: 82EXPL: 0CVE-2014-3174 – Debian Security Advisory 3039-1
https://notcve.org/view.php?id=CVE-2014-3174
27 Aug 2014 — modules/webaudio/BiquadDSPKernel.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 37.0.2062.94, does not properly consider concurrent threads during attempts to update biquad filter coefficients, which allows remote attackers to cause a denial of service (read of uninitialized memory) via crafted API calls. modules/webaudio/BiquadDSPKernel.cpp en la implementación Web Audio API en Blink, utilizado en Google Chrome anterior a 37.0.2062.94, no considera debidamente los hilos c... • http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 1%CPEs: 82EXPL: 0CVE-2014-3173 – Debian Security Advisory 3039-1
https://notcve.org/view.php?id=CVE-2014-3173
27 Aug 2014 — The WebGL implementation in Google Chrome before 37.0.2062.94 does not ensure that clear calls interact properly with the state of a draw buffer, which allows remote attackers to cause a denial of service (read of uninitialized memory) via a crafted CANVAS element, related to gpu/command_buffer/service/framebuffer_manager.cc and gpu/command_buffer/service/gles2_cmd_decoder.cc. La implementación WebGL en Google Chrome anterior a 37.0.2062.94 no asegura que llamadas claras interactúan debidamente con el estad... • http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 2%CPEs: 85EXPL: 0CVE-2014-3168 – Debian Security Advisory 3039-1
https://notcve.org/view.php?id=CVE-2014-3168
27 Aug 2014 — Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 37.0.2062.94, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper caching associated with animation. Vulnerabilidad de uso después de liberación en la implementación SVG en Blink, utilizado en Google Chrome anterior a 37.0.2062.94, permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado media... • http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html •