CVSS: 6.5EPSS: 2%CPEs: 59EXPL: 0CVE-2013-2920 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-2920
02 Oct 2013 — The DoResolveRelativeHost function in url/url_canon_relative.cc in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via a relative URL containing a hostname, as demonstrated by a protocol-relative URL beginning with a //www.google.com/ substring. La función DoResolveRelativeHost en url/url_canon_relative.cc en Google Chrome anteriores a 30.0.1599.66 permite a atacantes remotos causar una denegación de servicio (lectura fuera de rango) a través de un... • http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 59EXPL: 0CVE-2013-2916 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-2916
02 Oct 2013 — Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to spoof the address bar via vectors involving a response with a 204 (aka No Content) status code, in conjunction with a delay in notifying the user of an attempted spoof. Blink, tal como se utiliza en Google Chrome anterior a la versión 30.0.1599.66, permite a atacantes remotos falsificar la barra de direcciones a través de vectores que involucren una respuesta con un código de estado 204, en conjunción con un retraso en la notifi... • http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html •
CVSS: 9.8EPSS: 1%CPEs: 59EXPL: 0CVE-2013-2909 – Apple Security Advisory 2013-12-16-1
https://notcve.org/view.php?id=CVE-2013-2909
02 Oct 2013 — Use-after-free vulnerability in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to inline-block rendering for bidirectional Unicode text in an element isolated from its siblings. Vulnerabilidad de uso después de liberación en Blink, tal como se utiliza en Google Chrome anterior a la versión 30.0.1599.66, permite a atacantes remotos causar una denegación de servicio o posiblemente tener otr... • http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 1%CPEs: 59EXPL: 0CVE-2013-2907 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-2907
02 Oct 2013 — The Window.prototype object implementation in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. La implementación del objeto Window.prototype en Google Chrome anterior a 30.0.1599.66 permite a atacantes remotos causar una denegación de servicio (lectura fuera de límites) a través de vectores sin especificar. Multiple vulnerabilities have been reported in Chromium and V8, worst of which may allow execution of arbitrary code. V... • http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 1%CPEs: 52EXPL: 0CVE-2013-2902 – Debian Security Advisory 2741-1
https://notcve.org/view.php?id=CVE-2013-2902
21 Aug 2013 — Use-after-free vulnerability in the XSLT ProcessingInstruction implementation in Blink, as used in Google Chrome before 29.0.1547.57, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to an applyXSLTransform call involving (1) an HTML document or (2) an xsl:processing-instruction element that is still in the process of loading. Vulnerabilidad de uso después de liberación en la implementación XSLT ProcessingInstruction en Blink, como es utiliza... • http://crbug.com/260105 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 52EXPL: 0CVE-2013-2905 – Debian Security Advisory 2741-1
https://notcve.org/view.php?id=CVE-2013-2905
21 Aug 2013 — The SharedMemory::Create function in memory/shared_memory_posix.cc in Google Chrome before 29.0.1547.57 uses weak permissions under /dev/shm/, which allows attackers to obtain sensitive information via direct access to a POSIX shared-memory file. La función SharedMemory::Create en memory/shared_memory_posix.cc en Google Chrome anterior a v29.0.1547.57 utiliza permisos débiles en /dev/shm/, lo que permite a atacantes obtener información sensible a través de un acceso directo a un fichero POSIX de memoria com... • http://crbug.com/254159 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.1EPSS: 1%CPEs: 53EXPL: 0CVE-2013-2900 – Debian Security Advisory 2741-1
https://notcve.org/view.php?id=CVE-2013-2900
21 Aug 2013 — The FilePath::ReferencesParent function in files/file_path.cc in Google Chrome before 29.0.1547.57 on Windows does not properly handle pathname components composed entirely of . (dot) and whitespace characters, which allows remote attackers to conduct directory traversal attacks via a crafted directory name. La funcion FilePath::ReferencesParent en files/file_path.cc en Google Chrome anterior a v29.0.1547.57 en Windows no maneja adecuadamente las rutas de los componentes compuestos en su totalidad de. (punt... • http://crbug.com/181617 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 8.8EPSS: 1%CPEs: 52EXPL: 0CVE-2013-2904 – Debian Security Advisory 2741-1
https://notcve.org/view.php?id=CVE-2013-2904
21 Aug 2013 — Use-after-free vulnerability in the Document::finishedParsing function in core/dom/Document.cpp in Blink, as used in Google Chrome before 29.0.1547.57, allows remote attackers to cause a denial of service or possibly have unspecified other impact via an onload event that changes an IFRAME element so that its src attribute is no longer an XML document, leading to unintended garbage collection of this document. Vulnerabilidad de uso después de liberación en la función Document::finishedParsing en core/dom/Doc... • http://crbug.com/260428 • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 0%CPEs: 51EXPL: 0CVE-2013-2887 – Debian Security Advisory 2741-1
https://notcve.org/view.php?id=CVE-2013-2887
21 Aug 2013 — Multiple unspecified vulnerabilities in Google Chrome before 29.0.1547.57 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome anterior a v29.0.1547.57 permite a atacantes provocar una denegación de servicio o posiblemente tener otro impacto a través de vectores no especificados. Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code. Versions l... • http://crbug.com/116128 •
CVSS: 8.8EPSS: 1%CPEs: 52EXPL: 0CVE-2013-2903 – Debian Security Advisory 2741-1
https://notcve.org/view.php?id=CVE-2013-2903
21 Aug 2013 — Use-after-free vulnerability in the HTMLMediaElement::didMoveToNewDocument function in core/html/HTMLMediaElement.cpp in Blink, as used in Google Chrome before 29.0.1547.57, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving moving a (1) AUDIO or (2) VIDEO element between documents. Vulnerabilidad de uso después de liberación en la función HTMLMediaElement::didMoveToNewDocument en core/html/HTMLMediaElement.cpp en Blink, como es usado en Goog... • http://crbug.com/260156 • CWE-399: Resource Management Errors •