CVSS: 8.8EPSS: 0%CPEs: 120EXPL: 0CVE-2014-3167 – Ubuntu Security Notice USN-2320-1
https://notcve.org/view.php?id=CVE-2014-3167
13 Aug 2014 — Multiple unspecified vulnerabilities in Google Chrome before 36.0.1985.143 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome anterior a 36.0.1985.143 permiten a atacantes causar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. A use-after-free was discovered in the websockets implementation in Blink. If a user were tricked in to opening a specially crafted... • http://googlechromereleases.blogspot.com/2014/08/stable-channel-update.html •
CVSS: 7.8EPSS: 1%CPEs: 105EXPL: 0CVE-2014-3160 – Ubuntu Security Notice USN-2298-1
https://notcve.org/view.php?id=CVE-2014-3160
20 Jul 2014 — The ResourceFetcher::canRequest function in core/fetch/ResourceFetcher.cpp in Blink, as used in Google Chrome before 36.0.1985.125, does not properly restrict subresource requests associated with SVG files, which allows remote attackers to bypass the Same Origin Policy via a crafted file. La función ResourceFetcher::canRequest en core/fetch/ResourceFetcher.cpp en Blink, utilizado en Google Chrome anterior a 36.0.1985.125, no restringe debidamente las solicitudes de subrecursos asociados con ficheros SVG, lo... • http://googlechromereleases.blogspot.com/2014/07/stable-channel-update.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 0%CPEs: 101EXPL: 0CVE-2014-3161
https://notcve.org/view.php?id=CVE-2014-3161
20 Jul 2014 — The WebMediaPlayerAndroid::load function in content/renderer/media/android/webmediaplayer_android.cc in Google Chrome before 36.0.1985.122 on Android does not properly interact with redirects, which allows remote attackers to bypass the Same Origin Policy via a crafted web site that hosts a video stream. La función WebMediaPlayerAndroid::load en content/renderer/media/android/webmediaplayer_android.cc en Google Chrome anterior a 36.0.1985.122 en Android no interactúa debidamente con las redirecciones, lo qu... • http://googlechromereleases.blogspot.com/2014/07/chrome-for-android-update.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.5EPSS: 0%CPEs: 101EXPL: 0CVE-2014-3159
https://notcve.org/view.php?id=CVE-2014-3159
20 Jul 2014 — The WebContentsDelegateAndroid::OpenURLFromTab function in components/web_contents_delegate_android/web_contents_delegate_android.cc in Google Chrome before 36.0.1985.122 on Android does not properly restrict URL loading, which allows remote attackers to spoof the URL in the Omnibox via unspecified vectors. La función WebContentsDelegateAndroid::OpenURLFromTab en components/web_contents_delegate_android/web_contents_delegate_android.cc en Google Chrome anterior a 36.0.1985.122 en Android no restringe debida... • http://googlechromereleases.blogspot.com/2014/07/chrome-for-android-update.html • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 105EXPL: 0CVE-2014-3162 – Ubuntu Security Notice USN-2298-1
https://notcve.org/view.php?id=CVE-2014-3162
20 Jul 2014 — Multiple unspecified vulnerabilities in Google Chrome before 36.0.1985.125 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome anterior a 36.0.1985.125 permiten a atacantes causar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. A type confusion bug was discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could pote... • http://googlechromereleases.blogspot.com/2014/07/stable-channel-update.html •
CVSS: 7.8EPSS: 3%CPEs: 104EXPL: 0CVE-2014-3155 – Debian Security Advisory 2959-1
https://notcve.org/view.php?id=CVE-2014-3155
11 Jun 2014 — net/spdy/spdy_write_queue.cc in the SPDY implementation in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service (out-of-bounds read) by leveraging incorrect queue maintenance. net/spdy/spdy_write_queue.cc en la implementación SPDY en Google Chrome anterior a 35.0.1916.153 permite a atacantes remotos causar una denegación de servicio (lectura fuera de rango) mediante el aprovechamiento del mantenimiento incorrecto de colas. A type confusion bug was discovered in V8. If a us... • http://googlechromereleases.blogspot.com/2014/06/stable-channel-update.html •
CVSS: 8.8EPSS: 1%CPEs: 104EXPL: 0CVE-2014-3157 – Debian Security Advisory 2959-1
https://notcve.org/view.php?id=CVE-2014-3157
11 Jun 2014 — Heap-based buffer overflow in the FFmpegVideoDecoder::GetVideoBuffer function in media/filters/ffmpeg_video_decoder.cc in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging VideoFrame data structures that are too small for proper interaction with an underlying FFmpeg library. Desbordamiento de buffer basado en memoria dinámica en la función FFmpegVideoDecoder::GetVideoBuffer en media/filters/ffmpeg_video_decoder.cc ... • http://googlechromereleases.blogspot.com/2014/06/stable-channel-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 1%CPEs: 104EXPL: 0CVE-2014-3156 – Debian Security Advisory 2959-1
https://notcve.org/view.php?id=CVE-2014-3156
11 Jun 2014 — Buffer overflow in the clipboard implementation in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger unexpected bitmap data, related to content/renderer/renderer_clipboard_client.cc and content/renderer/webclipboard_impl.cc. Desbordamiento de buffer en la implementación de portapapeles en Google Chrome anterior a 35.0.1916.153 permite a atacantes remotos causar una denegación de servicio o posiblemente t... • http://googlechromereleases.blogspot.com/2014/06/stable-channel-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 1%CPEs: 104EXPL: 0CVE-2014-3154 – Debian Security Advisory 2959-1
https://notcve.org/view.php?id=CVE-2014-3154
11 Jun 2014 — Use-after-free vulnerability in the ChildThread::Shutdown function in content/child/child_thread.cc in the filesystem API in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to a Blink shutdown. Vulnerabilidad de uso después de liberación en la función ChildThread::Shutdown en content/child/child_thread.cc en la API del sistema de archivos en Google Chrome anterior a 35.0.1916.153 permite a atacantes remotos... • http://googlechromereleases.blogspot.com/2014/06/stable-channel-update.html •
CVSS: 8.8EPSS: 1%CPEs: 80EXPL: 0CVE-2014-1743 – Ubuntu Security Notice USN-2298-1
https://notcve.org/view.php?id=CVE-2014-1743
21 May 2014 — Use-after-free vulnerability in the StyleElement::removedFromDocument function in core/dom/StyleElement.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaScript code that triggers tree mutation. Vulnerabilidad de uso después de liberación en la función StyleElement::removedFromDocument en core/dom/StyleElement.cpp en Blink, utilizado en Google Chrome anterior a 35.0.1... • http://googlechromereleases.blogspot.com/2014/05/stable-channel-update_20.html • CWE-399: Resource Management Errors •