CVSS: 9.8EPSS: 2%CPEs: 59EXPL: 0CVE-2013-2912 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-2912
02 Oct 2013 — Use-after-free vulnerability in the PepperInProcessRouter::SendToHost function in content/renderer/pepper/pepper_in_process_router.cc in the Pepper Plug-in API (PPAPI) in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a resource-destruction message. Vulnerabilidad de uso después de liberación en la función PepperInProcessRouter::SendToHost en el Pepper Plug-in API (PPAPI) en Google Chrome anterior a la ve... • http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 2%CPEs: 59EXPL: 0CVE-2013-2921 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-2921
02 Oct 2013 — Double free vulnerability in the ResourceFetcher::didLoadResource function in core/fetch/ResourceFetcher.cpp in the resource loader in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering certain callback processing during the reporting of a resource entry. Vulnerabilidad de doble liberación en la función ResourceFetcher::didLoadResource en core/fetch/ResourceFetcher.cpp del cargador de recursos en B... • http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 1%CPEs: 59EXPL: 0CVE-2013-2906 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-2906
02 Oct 2013 — Multiple race conditions in the Web Audio implementation in Blink, as used in Google Chrome before 30.0.1599.66, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to threading in core/html/HTMLMediaElement.cpp, core/platform/audio/AudioDSPKernelProcessor.cpp, core/platform/audio/HRTFElevation.cpp, and modules/webaudio/ConvolverNode.cpp. Condiciones de carrera múltiple en la implementación Web Audio en Blink, tal como se utiliza en Google Chrome... • http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 8.8EPSS: 1%CPEs: 64EXPL: 0CVE-2013-2919 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-2919
02 Oct 2013 — Google V8, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. Google V8, tal como se utiliza en Google Chrome anterior a la versión 30.0.1599.66, permite a atacantes remotos causar una denegación de servicio (corrupción de memoria) o posiblemente tener otro impacto sin especificar a través de vectores desconocidos. Multiple vulnerabilities have been reported in Chromium and V8, ... • http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 1%CPEs: 59EXPL: 0CVE-2013-2917 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-2917
02 Oct 2013 — The ReverbConvolverStage::ReverbConvolverStage function in core/platform/audio/ReverbConvolverStage.cpp in the Web Audio implementation in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the impulseResponse array. La función ReverbConvolverStage::ReverbConvolverStage en core/platform/audio/ReverbConvolverStage.cpp en la implementación Web Audio en Blink, tal como se utiliza en Google Chrome anterior a la ve... • http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 59EXPL: 0CVE-2013-2910 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-2910
02 Oct 2013 — Use-after-free vulnerability in modules/webaudio/AudioScheduledSourceNode.cpp in the Web Audio implementation in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Vulnerabilidad de uso después de liberación en modules/webaudio/AudioScheduledSourceNode.cpp en la implementación Web Audio en Blink, tal como se utiliza en Google Chrome anterior a la versión 30.0.1599.66, permite a atacantes rem... • http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 52EXPL: 0CVE-2013-2905 – Debian Security Advisory 2741-1
https://notcve.org/view.php?id=CVE-2013-2905
21 Aug 2013 — The SharedMemory::Create function in memory/shared_memory_posix.cc in Google Chrome before 29.0.1547.57 uses weak permissions under /dev/shm/, which allows attackers to obtain sensitive information via direct access to a POSIX shared-memory file. La función SharedMemory::Create en memory/shared_memory_posix.cc en Google Chrome anterior a v29.0.1547.57 utiliza permisos débiles en /dev/shm/, lo que permite a atacantes obtener información sensible a través de un acceso directo a un fichero POSIX de memoria com... • http://crbug.com/254159 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 1%CPEs: 52EXPL: 0CVE-2013-2902 – Debian Security Advisory 2741-1
https://notcve.org/view.php?id=CVE-2013-2902
21 Aug 2013 — Use-after-free vulnerability in the XSLT ProcessingInstruction implementation in Blink, as used in Google Chrome before 29.0.1547.57, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to an applyXSLTransform call involving (1) an HTML document or (2) an xsl:processing-instruction element that is still in the process of loading. Vulnerabilidad de uso después de liberación en la implementación XSLT ProcessingInstruction en Blink, como es utiliza... • http://crbug.com/260105 • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 1%CPEs: 52EXPL: 0CVE-2013-2901 – Debian Security Advisory 2741-1
https://notcve.org/view.php?id=CVE-2013-2901
21 Aug 2013 — Multiple integer overflows in (1) libGLESv2/renderer/Renderer9.cpp and (2) libGLESv2/renderer/Renderer11.cpp in Almost Native Graphics Layer Engine (ANGLE), as used in Google Chrome before 29.0.1547.57, allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Múltiples desbordamientos de enteros en (1) libGLESv2/renderer/Renderer9.cpp y (2) libGLESv2/renderer/Renderer11.cpp ien Almost Native Graphics Layer Engine (ANGLE), como es usado en Google Chro... • http://code.google.com/p/angleproject/issues/detail?id=444 • CWE-189: Numeric Errors •
CVSS: 8.1EPSS: 1%CPEs: 53EXPL: 0CVE-2013-2900 – Debian Security Advisory 2741-1
https://notcve.org/view.php?id=CVE-2013-2900
21 Aug 2013 — The FilePath::ReferencesParent function in files/file_path.cc in Google Chrome before 29.0.1547.57 on Windows does not properly handle pathname components composed entirely of . (dot) and whitespace characters, which allows remote attackers to conduct directory traversal attacks via a crafted directory name. La funcion FilePath::ReferencesParent en files/file_path.cc en Google Chrome anterior a v29.0.1547.57 en Windows no maneja adecuadamente las rutas de los componentes compuestos en su totalidad de. (punt... • http://crbug.com/181617 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •