CVSS: 8.8EPSS: 1%CPEs: 59EXPL: 0CVE-2013-2906 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-2906
02 Oct 2013 — Multiple race conditions in the Web Audio implementation in Blink, as used in Google Chrome before 30.0.1599.66, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to threading in core/html/HTMLMediaElement.cpp, core/platform/audio/AudioDSPKernelProcessor.cpp, core/platform/audio/HRTFElevation.cpp, and modules/webaudio/ConvolverNode.cpp. Condiciones de carrera múltiple en la implementación Web Audio en Blink, tal como se utiliza en Google Chrome... • http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 8.8EPSS: 1%CPEs: 64EXPL: 0CVE-2013-2919 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-2919
02 Oct 2013 — Google V8, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. Google V8, tal como se utiliza en Google Chrome anterior a la versión 30.0.1599.66, permite a atacantes remotos causar una denegación de servicio (corrupción de memoria) o posiblemente tener otro impacto sin especificar a través de vectores desconocidos. Multiple vulnerabilities have been reported in Chromium and V8, ... • http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 1%CPEs: 59EXPL: 0CVE-2013-2917 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-2917
02 Oct 2013 — The ReverbConvolverStage::ReverbConvolverStage function in core/platform/audio/ReverbConvolverStage.cpp in the Web Audio implementation in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the impulseResponse array. La función ReverbConvolverStage::ReverbConvolverStage en core/platform/audio/ReverbConvolverStage.cpp en la implementación Web Audio en Blink, tal como se utiliza en Google Chrome anterior a la ve... • http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 59EXPL: 0CVE-2013-2910 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-2910
02 Oct 2013 — Use-after-free vulnerability in modules/webaudio/AudioScheduledSourceNode.cpp in the Web Audio implementation in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Vulnerabilidad de uso después de liberación en modules/webaudio/AudioScheduledSourceNode.cpp en la implementación Web Audio en Blink, tal como se utiliza en Google Chrome anterior a la versión 30.0.1599.66, permite a atacantes rem... • http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 52EXPL: 0CVE-2013-2905 – Debian Security Advisory 2741-1
https://notcve.org/view.php?id=CVE-2013-2905
21 Aug 2013 — The SharedMemory::Create function in memory/shared_memory_posix.cc in Google Chrome before 29.0.1547.57 uses weak permissions under /dev/shm/, which allows attackers to obtain sensitive information via direct access to a POSIX shared-memory file. La función SharedMemory::Create en memory/shared_memory_posix.cc en Google Chrome anterior a v29.0.1547.57 utiliza permisos débiles en /dev/shm/, lo que permite a atacantes obtener información sensible a través de un acceso directo a un fichero POSIX de memoria com... • http://crbug.com/254159 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 1%CPEs: 52EXPL: 0CVE-2013-2902 – Debian Security Advisory 2741-1
https://notcve.org/view.php?id=CVE-2013-2902
21 Aug 2013 — Use-after-free vulnerability in the XSLT ProcessingInstruction implementation in Blink, as used in Google Chrome before 29.0.1547.57, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to an applyXSLTransform call involving (1) an HTML document or (2) an xsl:processing-instruction element that is still in the process of loading. Vulnerabilidad de uso después de liberación en la implementación XSLT ProcessingInstruction en Blink, como es utiliza... • http://crbug.com/260105 • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 1%CPEs: 52EXPL: 0CVE-2013-2901 – Debian Security Advisory 2741-1
https://notcve.org/view.php?id=CVE-2013-2901
21 Aug 2013 — Multiple integer overflows in (1) libGLESv2/renderer/Renderer9.cpp and (2) libGLESv2/renderer/Renderer11.cpp in Almost Native Graphics Layer Engine (ANGLE), as used in Google Chrome before 29.0.1547.57, allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Múltiples desbordamientos de enteros en (1) libGLESv2/renderer/Renderer9.cpp y (2) libGLESv2/renderer/Renderer11.cpp ien Almost Native Graphics Layer Engine (ANGLE), como es usado en Google Chro... • http://code.google.com/p/angleproject/issues/detail?id=444 • CWE-189: Numeric Errors •
CVSS: 8.1EPSS: 1%CPEs: 53EXPL: 0CVE-2013-2900 – Debian Security Advisory 2741-1
https://notcve.org/view.php?id=CVE-2013-2900
21 Aug 2013 — The FilePath::ReferencesParent function in files/file_path.cc in Google Chrome before 29.0.1547.57 on Windows does not properly handle pathname components composed entirely of . (dot) and whitespace characters, which allows remote attackers to conduct directory traversal attacks via a crafted directory name. La funcion FilePath::ReferencesParent en files/file_path.cc en Google Chrome anterior a v29.0.1547.57 en Windows no maneja adecuadamente las rutas de los componentes compuestos en su totalidad de. (punt... • http://crbug.com/181617 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 8.8EPSS: 1%CPEs: 52EXPL: 0CVE-2013-2904 – Debian Security Advisory 2741-1
https://notcve.org/view.php?id=CVE-2013-2904
21 Aug 2013 — Use-after-free vulnerability in the Document::finishedParsing function in core/dom/Document.cpp in Blink, as used in Google Chrome before 29.0.1547.57, allows remote attackers to cause a denial of service or possibly have unspecified other impact via an onload event that changes an IFRAME element so that its src attribute is no longer an XML document, leading to unintended garbage collection of this document. Vulnerabilidad de uso después de liberación en la función Document::finishedParsing en core/dom/Doc... • http://crbug.com/260428 • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 0%CPEs: 51EXPL: 0CVE-2013-2887 – Debian Security Advisory 2741-1
https://notcve.org/view.php?id=CVE-2013-2887
21 Aug 2013 — Multiple unspecified vulnerabilities in Google Chrome before 29.0.1547.57 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome anterior a v29.0.1547.57 permite a atacantes provocar una denegación de servicio o posiblemente tener otro impacto a través de vectores no especificados. Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code. Versions l... • http://crbug.com/116128 •