CVSS: 9.8EPSS: 1%CPEs: 93EXPL: 0CVE-2014-1741
https://notcve.org/view.php?id=CVE-2014-1741
14 May 2014 — Multiple integer overflows in the replace-data functionality in the CharacterData interface implementation in core/dom/CharacterData.cpp in Blink, as used in Google Chrome before 34.0.1847.137, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to ranges. Múltiples desbordamientos de enteros en la funcionalidad replace-data en la implemenatción de interfaz CharacterData en core/dom/CharacterData.cpp en Blink, utilizado en Google Chrome anterior ... • http://googlechromereleases.blogspot.com/2014/05/stable-channel-update.html • CWE-189: Numeric Errors •
CVSS: 7.8EPSS: 1%CPEs: 93EXPL: 0CVE-2014-1742
https://notcve.org/view.php?id=CVE-2014-1742
14 May 2014 — Use-after-free vulnerability in the FrameSelection::updateAppearance function in core/editing/FrameSelection.cpp in Blink, as used in Google Chrome before 34.0.1847.137, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper RenderObject handling. Vulnerabilidad de uso después de liberación en la función FrameSelection::updateAppearance en core/editing/FrameSelection.cpp en Blink, utilizado en Google Chrome anterior a 34.0.1847.137, permite a at... • http://googlechromereleases.blogspot.com/2014/05/stable-channel-update.html • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 3%CPEs: 5EXPL: 0CVE-2014-1736 – Google Chrome ImageData Signedness Error Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-1736
06 May 2014 — Integer overflow in api.cc in Google V8, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large length value. Desbordamiento de enteros en api.cc en Google V8, utilizado en Google Chrome anterior a 34.0.1847.131 en Windows y OS X y anteriores 34.0.1847.132 en Linux, permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impa... • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2014-1730
https://notcve.org/view.php?id=CVE-2014-1730
26 Apr 2014 — Google V8, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly store internationalization metadata, which allows remote attackers to bypass intended access restrictions by leveraging "type confusion" and reading property values, related to i18n.js and runtime.cc. Google V8, utilizado en Google Chrome anterior a 34.0.1847.131 en Windows y OS X y anterior a 34.0.1847.132 en Linux, no almacena debidamente metadatos de internacionalización, lo q... • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 2%CPEs: 5EXPL: 0CVE-2014-1731
https://notcve.org/view.php?id=CVE-2014-1731
26 Apr 2014 — core/html/HTMLSelectElement.cpp in the DOM implementation in Blink, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly check renderer state upon a focus event, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion" for SELECT elements. core/html/HTMLSelectElement.cpp en la implementación DOM en Blink, utilizado en Google Chrome anterior a 34.0.1847.131 ... • http://archives.neohapsis.com/archives/bugtraq/2014-05/0128.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 1%CPEs: 5EXPL: 0CVE-2014-1732
https://notcve.org/view.php?id=CVE-2014-1732
26 Apr 2014 — Use-after-free vulnerability in browser/ui/views/speech_recognition_bubble_views.cc in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via an INPUT element that triggers the presence of a Speech Recognition Bubble window for an incorrect duration. Vulnerabilidad de uso después de liberación en browser/ui/views/speech_recognition_bubble_views.cc en Google Chrome anterior a 3... • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html • CWE-416: Use After Free •
CVSS: 9.8EPSS: 1%CPEs: 5EXPL: 0CVE-2014-1733
https://notcve.org/view.php?id=CVE-2014-1733
26 Apr 2014 — The PointerCompare function in codegen.cc in Seccomp-BPF, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly merge blocks, which might allow remote attackers to bypass intended sandbox restrictions by leveraging renderer access. La función PointerCompare en codegen.cc en Seccomp-BPF, utilizado en Google Chrome anterior a 34.0.1847.131 en Windows y OS X y anterior a 34.0.1847.132 en Linux, no fusiona debidamente bloques, lo que podría permit... • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2014-1734
https://notcve.org/view.php?id=CVE-2014-1734
26 Apr 2014 — Multiple unspecified vulnerabilities in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome anterior a 34.0.1847.131 en Windows y OS X y anterior a 34.0.1847.132 en Linux permiten a atacantes causar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2014-1735
https://notcve.org/view.php?id=CVE-2014-1735
26 Apr 2014 — Multiple unspecified vulnerabilities in Google V8 before 3.24.35.33, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google V8 anterior a 3.24.35.33, utilizado en Google Chrome anterior a 34.0.1847.131 en Windows y OS X y anterior a 34.0.1847.132 en Linux, permiten a atacantes causar una denegación de servicio o po... • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2014-1716
https://notcve.org/view.php?id=CVE-2014-1716
09 Apr 2014 — Cross-site scripting (XSS) vulnerability in the Runtime_SetPrototype function in runtime.cc in Google V8, as used in Google Chrome before 34.0.1847.116, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)." Vulnerabilidad de XSS en la función Runtime_SetPrototype en runtime.cc en Google V8, utilizado en Google Chrome anterior a 34.0.1847.116, permite a atacantes remotos inyectar script Web o HTML arbitrarios a través de vectores no especificados,... • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •