CVSS: 7.5EPSS: 1%CPEs: 5EXPL: 0CVE-2014-1732
https://notcve.org/view.php?id=CVE-2014-1732
26 Apr 2014 — Use-after-free vulnerability in browser/ui/views/speech_recognition_bubble_views.cc in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via an INPUT element that triggers the presence of a Speech Recognition Bubble window for an incorrect duration. Vulnerabilidad de uso después de liberación en browser/ui/views/speech_recognition_bubble_views.cc en Google Chrome anterior a 3... • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2014-1730
https://notcve.org/view.php?id=CVE-2014-1730
26 Apr 2014 — Google V8, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly store internationalization metadata, which allows remote attackers to bypass intended access restrictions by leveraging "type confusion" and reading property values, related to i18n.js and runtime.cc. Google V8, utilizado en Google Chrome anterior a 34.0.1847.131 en Windows y OS X y anterior a 34.0.1847.132 en Linux, no almacena debidamente metadatos de internacionalización, lo q... • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2014-1718
https://notcve.org/view.php?id=CVE-2014-1718
09 Apr 2014 — Integer overflow in the SoftwareFrameManager::SwapToNewFrame function in content/browser/renderer_host/software_frame_manager.cc in the software compositor in Google Chrome before 34.0.1847.116 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted mapping of a large amount of renderer memory. Desbordamiento de enteros en la función SoftwareFrameManager::SwapToNewFrame en content/browser/renderer_host/software_frame_manager.cc en ... • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2014-1724
https://notcve.org/view.php?id=CVE-2014-1724
09 Apr 2014 — Use-after-free vulnerability in Free(b)soft Laboratory Speech Dispatcher 0.7.1, as used in Google Chrome before 34.0.1847.116, allows remote attackers to cause a denial of service (application hang) or possibly have unspecified other impact via a text-to-speech request. Vulnerabilidad de uso después de liberación en Free(b)soft Laboratory Speech Dispatcher 0.7.1, utilizado en Google Chrome anterior a 34.0.1847.116, permite a atacantes remotos causar una denegación de servicio (cuelgue de aplicación) o posib... • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html • CWE-399: Resource Management Errors •
CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0CVE-2014-1725
https://notcve.org/view.php?id=CVE-2014-1725
09 Apr 2014 — The base64DecodeInternal function in wtf/text/Base64.cpp in Blink, as used in Google Chrome before 34.0.1847.116, does not properly handle string data composed exclusively of whitespace characters, which allows remote attackers to cause a denial of service (out-of-bounds read) via a window.atob method call. La función base64DecodeInternal en wtf/text/Base64.cpp en Blink, utilizado en Google Chrome anterior a 34.0.1847.116, no maneja debidamente cadenas de datos compuestas exclusivamente de caracteres en bla... • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2014-1726
https://notcve.org/view.php?id=CVE-2014-1726
09 Apr 2014 — The drag implementation in Google Chrome before 34.0.1847.116 allows user-assisted remote attackers to bypass the Same Origin Policy and forge local pathnames by leveraging renderer access. La implementación de arrastrar en Google Chrome anterior a 34.0.1847.116 permite a atacantes remotos asistidos por usuario evadir Same Origin Policy y falsificar nombres de ruta locales mediante el aprovechamiento de acceso de renderizador. • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2014-1717
https://notcve.org/view.php?id=CVE-2014-1717
09 Apr 2014 — Google V8, as used in Google Chrome before 34.0.1847.116, does not properly use numeric casts during handling of typed arrays, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JavaScript code. Google V8, utilizado en Google Chrome anterior a 34.0.1847.116, no utiliza debidamente conversiones numéricas durante el manejo de arrays tipo, lo que permite a atacantes remotos causar una denegación de servicio (acceso a arr... • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2014-1729
https://notcve.org/view.php?id=CVE-2014-1729
09 Apr 2014 — Multiple unspecified vulnerabilities in Google V8 before 3.24.35.22, as used in Google Chrome before 34.0.1847.116, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google V8 anterior a 3.24.35.22, utilizado en Google Chrome anterior a 34.0.1847.116, permiten a atacantes causar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2014-1721
https://notcve.org/view.php?id=CVE-2014-1721
09 Apr 2014 — Google V8, as used in Google Chrome before 34.0.1847.116, does not properly implement lazy deoptimization, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code, as demonstrated by improper handling of a heap allocation of a number outside the Small Integer (aka smi) range. Google V8, utilizado en Google Chrome anterior a 34.0.1847.116, no implementa debidamente la recomposición perezosa (lazy deoptimization), lo ... • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2014-1719
https://notcve.org/view.php?id=CVE-2014-1719
09 Apr 2014 — Use-after-free vulnerability in the WebSharedWorkerStub::OnTerminateWorkerContext function in content/worker/websharedworker_stub.cc in the Web Workers implementation in Google Chrome before 34.0.1847.116 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via vectors that trigger a SharedWorker termination during script loading. Vulnerabilidad de uso después de liberación en la función WebSharedWorkerStub::OnTerminateWorkerContext en conte... • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html • CWE-399: Resource Management Errors •