CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2014-1734
https://notcve.org/view.php?id=CVE-2014-1734
26 Apr 2014 — Multiple unspecified vulnerabilities in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome anterior a 34.0.1847.131 en Windows y OS X y anterior a 34.0.1847.132 en Linux permiten a atacantes causar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2014-1735
https://notcve.org/view.php?id=CVE-2014-1735
26 Apr 2014 — Multiple unspecified vulnerabilities in Google V8 before 3.24.35.33, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google V8 anterior a 3.24.35.33, utilizado en Google Chrome anterior a 34.0.1847.131 en Windows y OS X y anterior a 34.0.1847.132 en Linux, permiten a atacantes causar una denegación de servicio o po... • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2014-1716
https://notcve.org/view.php?id=CVE-2014-1716
09 Apr 2014 — Cross-site scripting (XSS) vulnerability in the Runtime_SetPrototype function in runtime.cc in Google V8, as used in Google Chrome before 34.0.1847.116, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)." Vulnerabilidad de XSS en la función Runtime_SetPrototype en runtime.cc en Google V8, utilizado en Google Chrome anterior a 34.0.1847.116, permite a atacantes remotos inyectar script Web o HTML arbitrarios a través de vectores no especificados,... • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-1717
https://notcve.org/view.php?id=CVE-2014-1717
09 Apr 2014 — Google V8, as used in Google Chrome before 34.0.1847.116, does not properly use numeric casts during handling of typed arrays, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JavaScript code. Google V8, utilizado en Google Chrome anterior a 34.0.1847.116, no utiliza debidamente conversiones numéricas durante el manejo de arrays tipo, lo que permite a atacantes remotos causar una denegación de servicio (acceso a arr... • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html • CWE-189: Numeric Errors •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-1718
https://notcve.org/view.php?id=CVE-2014-1718
09 Apr 2014 — Integer overflow in the SoftwareFrameManager::SwapToNewFrame function in content/browser/renderer_host/software_frame_manager.cc in the software compositor in Google Chrome before 34.0.1847.116 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted mapping of a large amount of renderer memory. Desbordamiento de enteros en la función SoftwareFrameManager::SwapToNewFrame en content/browser/renderer_host/software_frame_manager.cc en ... • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-1719
https://notcve.org/view.php?id=CVE-2014-1719
09 Apr 2014 — Use-after-free vulnerability in the WebSharedWorkerStub::OnTerminateWorkerContext function in content/worker/websharedworker_stub.cc in the Web Workers implementation in Google Chrome before 34.0.1847.116 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via vectors that trigger a SharedWorker termination during script loading. Vulnerabilidad de uso después de liberación en la función WebSharedWorkerStub::OnTerminateWorkerContext en conte... • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-1720
https://notcve.org/view.php?id=CVE-2014-1720
09 Apr 2014 — Use-after-free vulnerability in the HTMLBodyElement::insertedInto function in core/html/HTMLBodyElement.cpp in Blink, as used in Google Chrome before 34.0.1847.116, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving attributes. Vulnerabilidad de uso después de liberación en la función HTMLBodyElement::insertedInto en core/html/HTMLBodyElement.cpp en Blink, utilizado en Google Chrome anterior a 34.0.1847.116, permite a atacantes remotos causar... • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-1721
https://notcve.org/view.php?id=CVE-2014-1721
09 Apr 2014 — Google V8, as used in Google Chrome before 34.0.1847.116, does not properly implement lazy deoptimization, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code, as demonstrated by improper handling of a heap allocation of a number outside the Small Integer (aka smi) range. Google V8, utilizado en Google Chrome anterior a 34.0.1847.116, no implementa debidamente la recomposición perezosa (lazy deoptimization), lo ... • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-1722
https://notcve.org/view.php?id=CVE-2014-1722
09 Apr 2014 — Use-after-free vulnerability in the RenderBlock::addChildIgnoringAnonymousColumnBlocks function in core/rendering/RenderBlock.cpp in Blink, as used in Google Chrome before 34.0.1847.116, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving addition of a child node. Vulnerabilidad de uso después de liberación en la función RenderBlock::addChildIgnoringAnonymousColumnBlocks en core/rendering/RenderBlock.cpp en Blink, utilizado en Google Chrome an... • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2014-1723
https://notcve.org/view.php?id=CVE-2014-1723
09 Apr 2014 — The UnescapeURLWithOffsetsImpl function in net/base/escape.cc in Google Chrome before 34.0.1847.116 does not properly handle bidirectional Internationalized Resource Identifiers (IRIs), which makes it easier for remote attackers to spoof URLs via crafted use of right-to-left (RTL) Unicode text. La función UnescapeURLWithOffsetsImpl en net/base/escape.cc en Google Chrome anterior a 34.0.1847.116 no maneja debidamente los Internationalized Resource Identifiers (IRIs) bidireccionales, lo que facilita a atacant... • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html • CWE-20: Improper Input Validation •