CVSS: 7.5EPSS: 0%CPEs: 52EXPL: 0CVE-2013-2905
https://notcve.org/view.php?id=CVE-2013-2905
21 Aug 2013 — The SharedMemory::Create function in memory/shared_memory_posix.cc in Google Chrome before 29.0.1547.57 uses weak permissions under /dev/shm/, which allows attackers to obtain sensitive information via direct access to a POSIX shared-memory file. La función SharedMemory::Create en memory/shared_memory_posix.cc en Google Chrome anterior a v29.0.1547.57 utiliza permisos débiles en /dev/shm/, lo que permite a atacantes obtener información sensible a través de un acceso directo a un fichero POSIX de memoria com... • http://crbug.com/254159 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 1%CPEs: 52EXPL: 0CVE-2013-2902
https://notcve.org/view.php?id=CVE-2013-2902
21 Aug 2013 — Use-after-free vulnerability in the XSLT ProcessingInstruction implementation in Blink, as used in Google Chrome before 29.0.1547.57, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to an applyXSLTransform call involving (1) an HTML document or (2) an xsl:processing-instruction element that is still in the process of loading. Vulnerabilidad de uso después de liberación en la implementación XSLT ProcessingInstruction en Blink, como es utiliza... • http://crbug.com/260105 • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 1%CPEs: 52EXPL: 0CVE-2013-2903
https://notcve.org/view.php?id=CVE-2013-2903
21 Aug 2013 — Use-after-free vulnerability in the HTMLMediaElement::didMoveToNewDocument function in core/html/HTMLMediaElement.cpp in Blink, as used in Google Chrome before 29.0.1547.57, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving moving a (1) AUDIO or (2) VIDEO element between documents. Vulnerabilidad de uso después de liberación en la función HTMLMediaElement::didMoveToNewDocument en core/html/HTMLMediaElement.cpp en Blink, como es usado en Goog... • http://crbug.com/260156 • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 1%CPEs: 52EXPL: 0CVE-2013-2904
https://notcve.org/view.php?id=CVE-2013-2904
21 Aug 2013 — Use-after-free vulnerability in the Document::finishedParsing function in core/dom/Document.cpp in Blink, as used in Google Chrome before 29.0.1547.57, allows remote attackers to cause a denial of service or possibly have unspecified other impact via an onload event that changes an IFRAME element so that its src attribute is no longer an XML document, leading to unintended garbage collection of this document. Vulnerabilidad de uso después de liberación en la función Document::finishedParsing en core/dom/Doc... • http://crbug.com/260428 • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 0%CPEs: 70EXPL: 0CVE-2013-2881
https://notcve.org/view.php?id=CVE-2013-2881
30 Jul 2013 — Google Chrome before 28.0.1500.95 does not properly handle frames, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. Google Chrome anterior a 28.0.1500.95, no maneja adecuadamente frames, lo que permite a atacantes remotos evitar la Same Origyn Policy a través de un sitio web manipulado. • http://googlechromereleases.blogspot.com/2013/07/stable-channel-update_30.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 1%CPEs: 70EXPL: 0CVE-2013-2884
https://notcve.org/view.php?id=CVE-2013-2884
30 Jul 2013 — Use-after-free vulnerability in the DOM implementation in Google Chrome before 28.0.1500.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to improper tracking of which document owns an Attr object. Vulnerabilidad de uso después de liberación en la implementación DOM en Google Chrome anterior a 28.0.1500.95, permite a atacantes remotos provocar una denegación de servicio y causar otro tipo de impacto a través de vectores relacionado con un ... • http://googlechromereleases.blogspot.com/2013/07/stable-channel-update_30.html • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 2%CPEs: 70EXPL: 0CVE-2013-2885
https://notcve.org/view.php?id=CVE-2013-2885
30 Jul 2013 — Use-after-free vulnerability in Google Chrome before 28.0.1500.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to not properly considering focus during the processing of JavaScript events in the presence of a multiple-fields input type. Vulnerabilidad de uso después de liberación en Google Chrome anterior a 28.0.1500.95, permite a atacantes remotos provocar una denegación de servicio o posiblemente causar otro impacto a través de vectores... • http://googlechromereleases.blogspot.com/2013/07/stable-channel-update_30.html • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 0%CPEs: 70EXPL: 0CVE-2013-2886
https://notcve.org/view.php?id=CVE-2013-2886
30 Jul 2013 — Multiple unspecified vulnerabilities in Google Chrome before 28.0.1500.95 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades sin especificar en Google Chrome anterior a 28.0.1500.95 permite a atacantes provocar una denegación de servicio o posiblemente tener otro impacto a través de vectores no especificados. • http://googlechromereleases.blogspot.com/2013/07/stable-channel-update_30.html •
CVSS: 9.8EPSS: 1%CPEs: 72EXPL: 0CVE-2013-2882 – v8: remote DoS or unspecified other impact via type confusion
https://notcve.org/view.php?id=CVE-2013-2882
30 Jul 2013 — Google V8, as used in Google Chrome before 28.0.1500.95, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion." Google V8, usado en Google Chrome anterior a 28.0.1500.95, permite a atacantes remotos provocar una denegación de servicio y causar otro tipo de impacto a través de vectores que aprovechan "la confusión de tipos". • http://googlechromereleases.blogspot.com/2013/07/stable-channel-update_30.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.8EPSS: 1%CPEs: 70EXPL: 0CVE-2013-2883
https://notcve.org/view.php?id=CVE-2013-2883
30 Jul 2013 — Use-after-free vulnerability in Google Chrome before 28.0.1500.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to deleting the registration of a MutationObserver object. Vulnerabilidad de uso después de liberación en Google Chrome anterior a 28.0.1500.95, permite a atacantes remotos provocar una denegación de servicio y causar otro tipo de impacto a través de vectores relacionados con la eliminación del registro de un objeto MutationObser... • http://googlechromereleases.blogspot.com/2013/07/stable-channel-update_30.html • CWE-399: Resource Management Errors •