CVSS: 8.1EPSS: 1%CPEs: 53EXPL: 0CVE-2013-2900 – Debian Security Advisory 2741-1
https://notcve.org/view.php?id=CVE-2013-2900
21 Aug 2013 — The FilePath::ReferencesParent function in files/file_path.cc in Google Chrome before 29.0.1547.57 on Windows does not properly handle pathname components composed entirely of . (dot) and whitespace characters, which allows remote attackers to conduct directory traversal attacks via a crafted directory name. La funcion FilePath::ReferencesParent en files/file_path.cc en Google Chrome anterior a v29.0.1547.57 en Windows no maneja adecuadamente las rutas de los componentes compuestos en su totalidad de. (punt... • http://crbug.com/181617 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 8.8EPSS: 1%CPEs: 52EXPL: 0CVE-2013-2904 – Debian Security Advisory 2741-1
https://notcve.org/view.php?id=CVE-2013-2904
21 Aug 2013 — Use-after-free vulnerability in the Document::finishedParsing function in core/dom/Document.cpp in Blink, as used in Google Chrome before 29.0.1547.57, allows remote attackers to cause a denial of service or possibly have unspecified other impact via an onload event that changes an IFRAME element so that its src attribute is no longer an XML document, leading to unintended garbage collection of this document. Vulnerabilidad de uso después de liberación en la función Document::finishedParsing en core/dom/Doc... • http://crbug.com/260428 • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 0%CPEs: 51EXPL: 0CVE-2013-2887 – Debian Security Advisory 2741-1
https://notcve.org/view.php?id=CVE-2013-2887
21 Aug 2013 — Multiple unspecified vulnerabilities in Google Chrome before 29.0.1547.57 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome anterior a v29.0.1547.57 permite a atacantes provocar una denegación de servicio o posiblemente tener otro impacto a través de vectores no especificados. Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code. Versions l... • http://crbug.com/116128 •
CVSS: 8.8EPSS: 1%CPEs: 52EXPL: 0CVE-2013-2903 – Debian Security Advisory 2741-1
https://notcve.org/view.php?id=CVE-2013-2903
21 Aug 2013 — Use-after-free vulnerability in the HTMLMediaElement::didMoveToNewDocument function in core/html/HTMLMediaElement.cpp in Blink, as used in Google Chrome before 29.0.1547.57, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving moving a (1) AUDIO or (2) VIDEO element between documents. Vulnerabilidad de uso después de liberación en la función HTMLMediaElement::didMoveToNewDocument en core/html/HTMLMediaElement.cpp en Blink, como es usado en Goog... • http://crbug.com/260156 • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 1%CPEs: 70EXPL: 0CVE-2013-2883 – Debian Security Advisory 2732-1
https://notcve.org/view.php?id=CVE-2013-2883
30 Jul 2013 — Use-after-free vulnerability in Google Chrome before 28.0.1500.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to deleting the registration of a MutationObserver object. Vulnerabilidad de uso después de liberación en Google Chrome anterior a 28.0.1500.95, permite a atacantes remotos provocar una denegación de servicio y causar otro tipo de impacto a través de vectores relacionados con la eliminación del registro de un objeto MutationObser... • http://googlechromereleases.blogspot.com/2013/07/stable-channel-update_30.html • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 1%CPEs: 70EXPL: 0CVE-2013-2884 – Debian Security Advisory 2732-1
https://notcve.org/view.php?id=CVE-2013-2884
30 Jul 2013 — Use-after-free vulnerability in the DOM implementation in Google Chrome before 28.0.1500.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to improper tracking of which document owns an Attr object. Vulnerabilidad de uso después de liberación en la implementación DOM en Google Chrome anterior a 28.0.1500.95, permite a atacantes remotos provocar una denegación de servicio y causar otro tipo de impacto a través de vectores relacionado con un ... • http://googlechromereleases.blogspot.com/2013/07/stable-channel-update_30.html • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 2%CPEs: 70EXPL: 0CVE-2013-2885 – Debian Security Advisory 2732-1
https://notcve.org/view.php?id=CVE-2013-2885
30 Jul 2013 — Use-after-free vulnerability in Google Chrome before 28.0.1500.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to not properly considering focus during the processing of JavaScript events in the presence of a multiple-fields input type. Vulnerabilidad de uso después de liberación en Google Chrome anterior a 28.0.1500.95, permite a atacantes remotos provocar una denegación de servicio o posiblemente causar otro impacto a través de vectores... • http://googlechromereleases.blogspot.com/2013/07/stable-channel-update_30.html • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 0%CPEs: 70EXPL: 0CVE-2013-2886 – Debian Security Advisory 2732-1
https://notcve.org/view.php?id=CVE-2013-2886
30 Jul 2013 — Multiple unspecified vulnerabilities in Google Chrome before 28.0.1500.95 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades sin especificar en Google Chrome anterior a 28.0.1500.95 permite a atacantes provocar una denegación de servicio o posiblemente tener otro impacto a través de vectores no especificados. Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code. Versions les... • http://googlechromereleases.blogspot.com/2013/07/stable-channel-update_30.html •
CVSS: 8.8EPSS: 0%CPEs: 70EXPL: 0CVE-2013-2881 – Debian Security Advisory 2732-1
https://notcve.org/view.php?id=CVE-2013-2881
30 Jul 2013 — Google Chrome before 28.0.1500.95 does not properly handle frames, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. Google Chrome anterior a 28.0.1500.95, no maneja adecuadamente frames, lo que permite a atacantes remotos evitar la Same Origyn Policy a través de un sitio web manipulado. Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code. Versions less than 29.0.1457.57 are affected. • http://googlechromereleases.blogspot.com/2013/07/stable-channel-update_30.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 1%CPEs: 72EXPL: 0CVE-2013-2882 – v8: remote DoS or unspecified other impact via type confusion
https://notcve.org/view.php?id=CVE-2013-2882
30 Jul 2013 — Google V8, as used in Google Chrome before 28.0.1500.95, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion." Google V8, usado en Google Chrome anterior a 28.0.1500.95, permite a atacantes remotos provocar una denegación de servicio y causar otro tipo de impacto a través de vectores que aprovechan "la confusión de tipos". V8 is Google's open source JavaScript engine. A type confusion issue was found in the V8 JavaScript en... • http://googlechromereleases.blogspot.com/2013/07/stable-channel-update_30.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •