CVSS: 9.8EPSS: 6%CPEs: 9EXPL: 0CVE-2014-1705 – Google Chrome V8 Arbitrary Memory Read/Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-1705
16 Mar 2014 — Google V8, as used in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. Google V8, utilizado en Google Chrome anterior a 33.0.1750.152 en OS X y Linux y anterior a 33.0.1750.154 en Windows, permite a atacantes remotos causar una denegación de servicio (corrupción de memoria) o posiblemente tener otro impacto no especificado a través d... • http://googlechromereleases.blogspot.com/2014/03/stable-channel-update-for-chrome-os_14.html • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2014-1715 – Google Chrome Directory Traversal Sandbox Escape Vulnerability
https://notcve.org/view.php?id=CVE-2014-1715
16 Mar 2014 — Directory traversal vulnerability in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows has unspecified impact and attack vectors. Vulnerabilidad de salto de directorio en Google Chrome anterior a 33.0.1750.152 en OS X y Linux y anterior a 33.0.1750.154 en Windows tiene vectores de impacto y ataque no especificados. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Google Chrome. User interaction is required to exploit t... • http://googlechromereleases.blogspot.com/2014/03/stable-channel-update_14.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 1%CPEs: 107EXPL: 0CVE-2014-1702 – Gentoo Linux Security Advisory 201408-16
https://notcve.org/view.php?id=CVE-2014-1702
16 Mar 2014 — Use-after-free vulnerability in the DatabaseThread::cleanupDatabaseThread function in modules/webdatabase/DatabaseThread.cpp in the web database implementation in Blink, as used in Google Chrome before 33.0.1750.149, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of scheduled tasks during shutdown of a thread. Vulnerabilidad de uso después de liberación en la función DatabaseThread::cleanupDatabaseThread en modules/webdatabase/D... • http://googlechromereleases.blogspot.com/2014/03/stable-channel-update_11.html • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 1%CPEs: 5EXPL: 0CVE-2014-1714 – Google Chrome Clipboard Sandbox Escape Vulnerability
https://notcve.org/view.php?id=CVE-2014-1714
16 Mar 2014 — The ScopedClipboardWriter::WritePickledData function in ui/base/clipboard/scoped_clipboard_writer.cc in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows does not verify a certain format value, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the clipboard. La función ScopedClipboardWriter::WritePickledData en ui/base/clipboard/scoped_clipboard_writer.cc en Google Chrome anterior a 33.0.1750.152... • http://archives.neohapsis.com/archives/bugtraq/2014-03/0143.html • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 106EXPL: 0CVE-2013-6664 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-6664
05 Mar 2014 — Use-after-free vulnerability in the FormAssociatedElement::formRemovedFromTree function in core/html/FormAssociatedElement.cpp in Blink, as used in Google Chrome before 33.0.1750.146, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving FORM elements, as demonstrated by use of the speech-recognition feature. Vulnerabilidad de uso después de liberación en la función FormAssociatedElement::formRemovedFromTree en core/html/FormAssociatedElement.cp... • http://googlechromereleases.blogspot.com/2014/03/stable-channel-update.html • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 2%CPEs: 106EXPL: 0CVE-2013-6663 – Apple Security Advisory 2014-09-17-4
https://notcve.org/view.php?id=CVE-2013-6663
05 Mar 2014 — Use-after-free vulnerability in the SVGImage::setContainerSize function in core/svg/graphics/SVGImage.cpp in the SVG implementation in Blink, as used in Google Chrome before 33.0.1750.146, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the resizing of a view. Vulnerabilidad de uso después de liberación en la función SVGImage::setContainerSize en core/svg/graphics/SVGImage.cpp en la implementación SVG en Blink, utilizado en Google Chrome ... • http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html • CWE-399: Resource Management Errors •
CVSS: 8.1EPSS: 0%CPEs: 106EXPL: 0CVE-2013-6666 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-6666
05 Mar 2014 — The PepperFlashRendererHost::OnNavigate function in renderer/pepper/pepper_flash_renderer_host.cc in Google Chrome before 33.0.1750.146 does not verify that all headers are Cross-Origin Resource Sharing (CORS) simple headers before proceeding with a PPB_Flash.Navigate operation, which might allow remote attackers to bypass intended CORS restrictions via an inappropriate header. La función PepperFlashRendererHost::OnNavigate en renderer/pepper/pepper_flash_renderer_host.cc en Google Chrome anterior a 33.0.17... • http://googlechromereleases.blogspot.com/2014/03/stable-channel-update.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 1%CPEs: 145EXPL: 1CVE-2013-6668 – v8: multiple vulnerabilities fixed in Google Chrome version 33.0.1750.146
https://notcve.org/view.php?id=CVE-2013-6668
05 Mar 2014 — Multiple unspecified vulnerabilities in Google V8 before 3.24.35.10, as used in Google Chrome before 33.0.1750.146, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google V8 anterior a 3.24.35.10, utilizado en Google Chrome anterior a 33.0.1750.146, permiten a atacantes causar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. A memory corruption vulnerability, which re... • https://github.com/sdneon/CveTest •
CVSS: 8.8EPSS: 0%CPEs: 106EXPL: 0CVE-2013-6665 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-6665
05 Mar 2014 — Heap-based buffer overflow in the ResourceProvider::InitializeSoftware function in cc/resources/resource_provider.cc in Google Chrome before 33.0.1750.146 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large texture size that triggers improper memory allocation in the software renderer. Desbordamiento de buffer basado en memoria dinámica en la función ResourceProvider::InitializeSoftware en cc/resources/resource_provider.cc en Google Chrome anterior a 33... • http://googlechromereleases.blogspot.com/2014/03/stable-channel-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 106EXPL: 0CVE-2013-6667 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-6667
05 Mar 2014 — Multiple unspecified vulnerabilities in Google Chrome before 33.0.1750.146 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome anterior a 33.0.1750.146 permiten a atacantes causar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. Multiple vulnerabilities have been reported in Chromium and V8, worst of which may allow execution of arbitrary code. Versions less... • http://googlechromereleases.blogspot.com/2014/03/stable-channel-update.html •