CVSS: 7.5EPSS: 0%CPEs: 44EXPL: 0CVE-2013-6630 – libjpeg: information leak (read of uninitialized memory)
https://notcve.org/view.php?id=CVE-2013-6630
12 Nov 2013 — The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during the reading of segments that follow Define Huffman Table (DHT) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image. La función get_dht en jdmarker.c en libjpeg-turbo hasta la versión 1.3.0, tal y como se usa en Google Chrome ante... • http://advisories.mageia.org/MGASA-2013-0333.html • CWE-189: Numeric Errors CWE-456: Missing Initialization of a Variable •
CVSS: 9.8EPSS: 2%CPEs: 74EXPL: 0CVE-2013-2925 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-2925
16 Oct 2013 — Use-after-free vulnerability in core/xml/XMLHttpRequest.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger multiple conflicting uses of the same XMLHttpRequest object. Vulnerabilidad de uso después de liberación en core/xml/XMLHttpRequest.cpp de Blink, tal como se usa en Google Chrome anterior a la versión 30.0.1599.101, permite a atacantes remotos provocar una denegación de serv... • http://googlechromereleases.blogspot.com/2013/10/stable-channel-update_15.html • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 2%CPEs: 74EXPL: 0CVE-2013-2926 – Apple Security Advisory 2014-04-01-1
https://notcve.org/view.php?id=CVE-2013-2926
16 Oct 2013 — Use-after-free vulnerability in the IndentOutdentCommand::tryIndentingAsListItem function in core/editing/IndentOutdentCommand.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to list elements. Vulnerabilidad de uso después de liberación en la función IndentOutdentCommand::tryIndentingAsListItem en core/editing/IndentOutdentCommand.cpp de Blink, tal como se usa en Goog... • http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 2%CPEs: 79EXPL: 0CVE-2013-2927 – Apple Security Advisory 2014-06-30-4
https://notcve.org/view.php?id=CVE-2013-2927
16 Oct 2013 — Use-after-free vulnerability in the HTMLFormElement::prepareForSubmission function in core/html/HTMLFormElement.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to submission for FORM elements. Vulnerabilidad de uso después de liberación en la función HTMLFormElement::prepareForSubmission en core/html/HTMLFormElement.cpp de Blink, tal como se usa en Google Chrome anterior a la versi... • http://archives.neohapsis.com/archives/bugtraq/2014-05/0128.html • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 0%CPEs: 74EXPL: 0CVE-2013-2928 – Apple Security Advisory 2014-04-01-1
https://notcve.org/view.php?id=CVE-2013-2928
16 Oct 2013 — Multiple unspecified vulnerabilities in Google Chrome before 30.0.1599.101 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades sin especificar en Google Chrome anterior a la versión 30.0.1599.101 permite a atacantes provocar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. Multiple vulnerabilities have been reported in Chromium and V8, worst of which may allow execution of arbitrary code. Ve... • http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html •
CVSS: 9.8EPSS: 2%CPEs: 59EXPL: 0CVE-2013-2911 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-2911
02 Oct 2013 — Use-after-free vulnerability in the XSLStyleSheet::compileStyleSheet function in core/xml/XSLStyleSheetLibxslt.cpp in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of post-failure recompilation in unspecified libxslt versions. Vulnerabilidad de uso después de liberación en la función XSLStyleSheet::compileStyleSheet en core/xml/XSLStyleSheetLibxslt.cpp en Blink, tal como se u... • http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 2%CPEs: 59EXPL: 0CVE-2013-2913 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-2913
02 Oct 2013 — Use-after-free vulnerability in the XMLDocumentParser::append function in core/xml/parser/XMLDocumentParser.cpp in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving an XML document. Vulnerabilidad de uso después de liberación en la función XMLDocumentParser::append en core/xml/parser/XMLDocumentParser.cpp en Blink, tal y como se utiliza en Google Chrome anterior a la versión 30.0.1599.66, ... • http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 1%CPEs: 59EXPL: 0CVE-2013-2909 – Apple Security Advisory 2013-12-16-1
https://notcve.org/view.php?id=CVE-2013-2909
02 Oct 2013 — Use-after-free vulnerability in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to inline-block rendering for bidirectional Unicode text in an element isolated from its siblings. Vulnerabilidad de uso después de liberación en Blink, tal como se utiliza en Google Chrome anterior a la versión 30.0.1599.66, permite a atacantes remotos causar una denegación de servicio o posiblemente tener otr... • http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 1%CPEs: 59EXPL: 0CVE-2013-2907 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-2907
02 Oct 2013 — The Window.prototype object implementation in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. La implementación del objeto Window.prototype en Google Chrome anterior a 30.0.1599.66 permite a atacantes remotos causar una denegación de servicio (lectura fuera de límites) a través de vectores sin especificar. Multiple vulnerabilities have been reported in Chromium and V8, worst of which may allow execution of arbitrary code. V... • http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 2%CPEs: 59EXPL: 0CVE-2013-2922 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-2922
02 Oct 2013 — Use-after-free vulnerability in core/html/HTMLTemplateElement.cpp in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that operates on a TEMPLATE element. Vulnerabilidad de uso después de liberación en core/html/HTMLTemplateElement.cpp en Blink, tal como se utiliza en Google Chrome anterior a la versión 30.0.1599.66, permite a atacantes remotos causar una denegación de servicio o po... • http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html • CWE-399: Resource Management Errors •