CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-1724
https://notcve.org/view.php?id=CVE-2014-1724
09 Apr 2014 — Use-after-free vulnerability in Free(b)soft Laboratory Speech Dispatcher 0.7.1, as used in Google Chrome before 34.0.1847.116, allows remote attackers to cause a denial of service (application hang) or possibly have unspecified other impact via a text-to-speech request. Vulnerabilidad de uso después de liberación en Free(b)soft Laboratory Speech Dispatcher 0.7.1, utilizado en Google Chrome anterior a 34.0.1847.116, permite a atacantes remotos causar una denegación de servicio (cuelgue de aplicación) o posib... • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html • CWE-399: Resource Management Errors •
CVSS: 6.5EPSS: 1%CPEs: 1EXPL: 0CVE-2014-1725
https://notcve.org/view.php?id=CVE-2014-1725
09 Apr 2014 — The base64DecodeInternal function in wtf/text/Base64.cpp in Blink, as used in Google Chrome before 34.0.1847.116, does not properly handle string data composed exclusively of whitespace characters, which allows remote attackers to cause a denial of service (out-of-bounds read) via a window.atob method call. La función base64DecodeInternal en wtf/text/Base64.cpp en Blink, utilizado en Google Chrome anterior a 34.0.1847.116, no maneja debidamente cadenas de datos compuestas exclusivamente de caracteres en bla... • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2014-1726
https://notcve.org/view.php?id=CVE-2014-1726
09 Apr 2014 — The drag implementation in Google Chrome before 34.0.1847.116 allows user-assisted remote attackers to bypass the Same Origin Policy and forge local pathnames by leveraging renderer access. La implementación de arrastrar en Google Chrome anterior a 34.0.1847.116 permite a atacantes remotos asistidos por usuario evadir Same Origin Policy y falsificar nombres de ruta locales mediante el aprovechamiento de acceso de renderizador. • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-1727
https://notcve.org/view.php?id=CVE-2014-1727
09 Apr 2014 — Use-after-free vulnerability in content/renderer/renderer_webcolorchooser_impl.h in Google Chrome before 34.0.1847.116 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to forms. Vulnerabilidad de uso después de liberación en content/renderer/renderer_webcolorchooser_impl.h en Google Chrome anterior a 34.0.1847.116 permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vector... • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2014-1728
https://notcve.org/view.php?id=CVE-2014-1728
09 Apr 2014 — Multiple unspecified vulnerabilities in Google Chrome before 34.0.1847.116 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome anterior a 34.0.1847.116 permiten a atacantes causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores desconocidos. • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2014-1729
https://notcve.org/view.php?id=CVE-2014-1729
09 Apr 2014 — Multiple unspecified vulnerabilities in Google V8 before 3.24.35.22, as used in Google Chrome before 34.0.1847.116, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google V8 anterior a 3.24.35.22, utilizado en Google Chrome anterior a 34.0.1847.116, permiten a atacantes causar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html •
CVSS: 8.8EPSS: 1%CPEs: 107EXPL: 0CVE-2014-1700
https://notcve.org/view.php?id=CVE-2014-1700
16 Mar 2014 — Use-after-free vulnerability in modules/speech/SpeechSynthesis.cpp in Blink, as used in Google Chrome before 33.0.1750.149, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of a certain utterance data structure. Vulnerabilidad de uso después de liberación en modules/speech/SpeechSynthesis.cpp en Blink, utilizado en Google Chrome anterior a 33.0.1750.149, permite a atacantes remotos causar una denegación de servicio o posiblemente ... • http://googlechromereleases.blogspot.com/2014/03/stable-channel-update_11.html • CWE-399: Resource Management Errors •
CVSS: 6.1EPSS: 0%CPEs: 107EXPL: 0CVE-2014-1701
https://notcve.org/view.php?id=CVE-2014-1701
16 Mar 2014 — The GenerateFunction function in bindings/scripts/code_generator_v8.pm in Blink, as used in Google Chrome before 33.0.1750.149, does not implement a certain cross-origin restriction for the EventTarget::dispatchEvent function, which allows remote attackers to conduct Universal XSS (UXSS) attacks via vectors involving events. La función GenerateFunction en bindings/scripts/code_generator_v8.pm en Blink, utilizado en Google Chrome anterior a 33.0.1750.149, no implementa cierta restricción cross-origin para la... • http://googlechromereleases.blogspot.com/2014/03/stable-channel-update_11.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 1%CPEs: 107EXPL: 0CVE-2014-1702
https://notcve.org/view.php?id=CVE-2014-1702
16 Mar 2014 — Use-after-free vulnerability in the DatabaseThread::cleanupDatabaseThread function in modules/webdatabase/DatabaseThread.cpp in the web database implementation in Blink, as used in Google Chrome before 33.0.1750.149, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of scheduled tasks during shutdown of a thread. Vulnerabilidad de uso después de liberación en la función DatabaseThread::cleanupDatabaseThread en modules/webdatabase/D... • http://googlechromereleases.blogspot.com/2014/03/stable-channel-update_11.html • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 1%CPEs: 107EXPL: 0CVE-2014-1703
https://notcve.org/view.php?id=CVE-2014-1703
16 Mar 2014 — Use-after-free vulnerability in the WebSocketDispatcherHost::SendOrDrop function in content/browser/renderer_host/websocket_dispatcher_host.cc in the Web Sockets implementation in Google Chrome before 33.0.1750.149 might allow remote attackers to bypass the sandbox protection mechanism by leveraging an incorrect deletion in a certain failure case. Vulnerabilidad de uso después de liberación en la función WebSocketDispatcherHost::SendOrDrop en content/browser/renderer_host/websocket_dispatcher_host.cc en la ... • http://googlechromereleases.blogspot.com/2014/03/stable-channel-update_11.html • CWE-399: Resource Management Errors •