CVSS: 8.8EPSS: 2%CPEs: 5EXPL: 0CVE-2014-1731 – Apple Security Advisory 2014-06-30-4
https://notcve.org/view.php?id=CVE-2014-1731
26 Apr 2014 — core/html/HTMLSelectElement.cpp in the DOM implementation in Blink, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly check renderer state upon a focus event, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion" for SELECT elements. core/html/HTMLSelectElement.cpp en la implementación DOM en Blink, utilizado en Google Chrome anterior a 34.0.1847.131 ... • http://archives.neohapsis.com/archives/bugtraq/2014-05/0128.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-1719 – Gentoo Linux Security Advisory 201408-16
https://notcve.org/view.php?id=CVE-2014-1719
09 Apr 2014 — Use-after-free vulnerability in the WebSharedWorkerStub::OnTerminateWorkerContext function in content/worker/websharedworker_stub.cc in the Web Workers implementation in Google Chrome before 34.0.1847.116 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via vectors that trigger a SharedWorker termination during script loading. Vulnerabilidad de uso después de liberación en la función WebSharedWorkerStub::OnTerminateWorkerContext en conte... • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-1720 – Gentoo Linux Security Advisory 201408-16
https://notcve.org/view.php?id=CVE-2014-1720
09 Apr 2014 — Use-after-free vulnerability in the HTMLBodyElement::insertedInto function in core/html/HTMLBodyElement.cpp in Blink, as used in Google Chrome before 34.0.1847.116, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving attributes. Vulnerabilidad de uso después de liberación en la función HTMLBodyElement::insertedInto en core/html/HTMLBodyElement.cpp en Blink, utilizado en Google Chrome anterior a 34.0.1847.116, permite a atacantes remotos causar... • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-1718 – Gentoo Linux Security Advisory 201408-16
https://notcve.org/view.php?id=CVE-2014-1718
09 Apr 2014 — Integer overflow in the SoftwareFrameManager::SwapToNewFrame function in content/browser/renderer_host/software_frame_manager.cc in the software compositor in Google Chrome before 34.0.1847.116 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted mapping of a large amount of renderer memory. Desbordamiento de enteros en la función SoftwareFrameManager::SwapToNewFrame en content/browser/renderer_host/software_frame_manager.cc en ... • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html • CWE-189: Numeric Errors •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-1724 – Gentoo Linux Security Advisory 201408-16
https://notcve.org/view.php?id=CVE-2014-1724
09 Apr 2014 — Use-after-free vulnerability in Free(b)soft Laboratory Speech Dispatcher 0.7.1, as used in Google Chrome before 34.0.1847.116, allows remote attackers to cause a denial of service (application hang) or possibly have unspecified other impact via a text-to-speech request. Vulnerabilidad de uso después de liberación en Free(b)soft Laboratory Speech Dispatcher 0.7.1, utilizado en Google Chrome anterior a 34.0.1847.116, permite a atacantes remotos causar una denegación de servicio (cuelgue de aplicación) o posib... • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html • CWE-399: Resource Management Errors •
CVSS: 6.5EPSS: 1%CPEs: 1EXPL: 0CVE-2014-1725 – Gentoo Linux Security Advisory 201408-16
https://notcve.org/view.php?id=CVE-2014-1725
09 Apr 2014 — The base64DecodeInternal function in wtf/text/Base64.cpp in Blink, as used in Google Chrome before 34.0.1847.116, does not properly handle string data composed exclusively of whitespace characters, which allows remote attackers to cause a denial of service (out-of-bounds read) via a window.atob method call. La función base64DecodeInternal en wtf/text/Base64.cpp en Blink, utilizado en Google Chrome anterior a 34.0.1847.116, no maneja debidamente cadenas de datos compuestas exclusivamente de caracteres en bla... • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-1717 – Gentoo Linux Security Advisory 201408-16
https://notcve.org/view.php?id=CVE-2014-1717
09 Apr 2014 — Google V8, as used in Google Chrome before 34.0.1847.116, does not properly use numeric casts during handling of typed arrays, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JavaScript code. Google V8, utilizado en Google Chrome anterior a 34.0.1847.116, no utiliza debidamente conversiones numéricas durante el manejo de arrays tipo, lo que permite a atacantes remotos causar una denegación de servicio (acceso a arr... • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2014-1716 – Gentoo Linux Security Advisory 201408-16
https://notcve.org/view.php?id=CVE-2014-1716
09 Apr 2014 — Cross-site scripting (XSS) vulnerability in the Runtime_SetPrototype function in runtime.cc in Google V8, as used in Google Chrome before 34.0.1847.116, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)." Vulnerabilidad de XSS en la función Runtime_SetPrototype en runtime.cc en Google V8, utilizado en Google Chrome anterior a 34.0.1847.116, permite a atacantes remotos inyectar script Web o HTML arbitrarios a través de vectores no especificados,... • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-1722 – Gentoo Linux Security Advisory 201408-16
https://notcve.org/view.php?id=CVE-2014-1722
09 Apr 2014 — Use-after-free vulnerability in the RenderBlock::addChildIgnoringAnonymousColumnBlocks function in core/rendering/RenderBlock.cpp in Blink, as used in Google Chrome before 34.0.1847.116, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving addition of a child node. Vulnerabilidad de uso después de liberación en la función RenderBlock::addChildIgnoringAnonymousColumnBlocks en core/rendering/RenderBlock.cpp en Blink, utilizado en Google Chrome an... • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2014-1726 – Gentoo Linux Security Advisory 201408-16
https://notcve.org/view.php?id=CVE-2014-1726
09 Apr 2014 — The drag implementation in Google Chrome before 34.0.1847.116 allows user-assisted remote attackers to bypass the Same Origin Policy and forge local pathnames by leveraging renderer access. La implementación de arrastrar en Google Chrome anterior a 34.0.1847.116 permite a atacantes remotos asistidos por usuario evadir Same Origin Policy y falsificar nombres de ruta locales mediante el aprovechamiento de acceso de renderizador. Multiple vulnerabilities have been found in Chromium, the worst of which can allo... • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html •