CVSS: 7.5EPSS: 0%CPEs: 64EXPL: 0CVE-2013-2872
https://notcve.org/view.php?id=CVE-2013-2872
10 Jul 2013 — Google Chrome before 28.0.1500.71 on Mac OS X does not ensure a sufficient source of entropy for renderer processes, which might make it easier for remote attackers to defeat cryptographic protection mechanisms in third-party components via unspecified vectors. Google Chrome anterior a v28.0.1500.71 en Mac OS X no asegura una suficiente fuente de entropía en los procesos "renderer", lo que puede hacer que sea más fácil para los atacantes remotos vencer los mecanismos de protección criptográfica de los compo... • http://git.chromium.org/gitweb/?p=chromium/chromium.git%3Ba=commit%3Bh=5e3678ea33ab00b5977bde219cd9ec6f1768d78a •
CVSS: 7.5EPSS: 0%CPEs: 64EXPL: 0CVE-2013-2876 – Debian Security Advisory 2724-1
https://notcve.org/view.php?id=CVE-2013-2876
10 Jul 2013 — browser/extensions/api/tabs/tabs_api.cc in Google Chrome before 28.0.1500.71 does not properly enforce restrictions on the capture of screenshots by extensions, which allows remote attackers to obtain sensitive information about the content of a previous page via vectors involving an interstitial page. browser/extensions/api/tabs/tabs_api.cc en Google Chrome anterior 28.0.1500.71 no refuerza adecuadamente las restricciones en las capturas de pantalla a través de extensiones, lo que permite a atacantes remot... • http://git.chromium.org/gitweb/?p=chromium/chromium.git%3Ba=commit%3Bh=ac41418e77bf9d82a6e7875c504fad5fd2ba1f7f • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 0%CPEs: 63EXPL: 0CVE-2013-2880 – Debian Security Advisory 2724-1
https://notcve.org/view.php?id=CVE-2013-2880
10 Jul 2013 — Multiple unspecified vulnerabilities in Google Chrome before 28.0.1500.71 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades sin especificar en Google Chrome anterior a 28.0.1500.71, permite a atacantes provocar una denegación de servicio u otro impacto a través de vectores no especificados. Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code. Versions less than 29.0.1457.5... • http://googlechromereleases.blogspot.com/2013/07/stable-channel-update.html •
CVSS: 6.5EPSS: 0%CPEs: 64EXPL: 0CVE-2013-2869 – Debian Security Advisory 2724-1
https://notcve.org/view.php?id=CVE-2013-2869
10 Jul 2013 — Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted JPEG2000 image. Google Chrome anterior a v28.0.1500.71 permite a atacantes remotos causar una denegación de servicio (fuera de los límites de lectura) mediante una imagen JPEG2000 especialmente diseñada. Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code. Versions less than 29.0.1457.57 are affected. • http://googlechromereleases.blogspot.com/2013/07/stable-channel-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 64EXPL: 0CVE-2013-2867 – Debian Security Advisory 2724-1
https://notcve.org/view.php?id=CVE-2013-2867
10 Jul 2013 — Google Chrome before 28.0.1500.71 does not properly prevent pop-under windows, which allows remote attackers to have an unspecified impact via a crafted web site. Google Chrome anterior a 28.0.1500.71 no previene adecuadamente las ventanas pop-under, lo que permite a atacantes remotos provocar un impacto no especificado a través de un sitio web manipulado. Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code. Versions less than 29.0.1457.57 are ... • http://googlechromereleases.blogspot.com/2013/07/stable-channel-update.html •
CVSS: 6.5EPSS: 0%CPEs: 88EXPL: 0CVE-2013-2866
https://notcve.org/view.php?id=CVE-2013-2866
19 Jun 2013 — The Flash plug-in in Google Chrome before 27.0.1453.116, as used on Google Chrome OS before 27.0.1453.116 and separately, does not properly determine whether a user wishes to permit camera or microphone access by a Flash application, which allows remote attackers to obtain sensitive information from a machine's physical environment via a clickjacking attack, as demonstrated by an attack using a crafted Cascading Style Sheets (CSS) opacity property. El plugin Flash en Google Chrome anterior 27.0.1453.116 no ... • http://googlechromereleases.blogspot.com/2013/06/stable-channel-update-for-chrome-os.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 0%CPEs: 82EXPL: 0CVE-2013-2865 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-2865
05 Jun 2013 — Multiple unspecified vulnerabilities in Google Chrome before 27.0.1453.110 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome anterior a v27.0.1453.110 permite que los atacantes puedan provocar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code.... • http://googlechromereleases.blogspot.com/2013/06/stable-channel-update.html •
CVSS: 9.8EPSS: 0%CPEs: 83EXPL: 0CVE-2013-2861 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-2861
05 Jun 2013 — Use-after-free vulnerability in the SVG implementation in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Vulnerabilidad de tipo "usar después de liberar" en la implementación SVG de Google Chrome anterior a 27.0.1453.110 permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado mediante vectores desconocidos. Multiple vulnerabilities have been reported... • http://googlechromereleases.blogspot.com/2013/06/stable-channel-update.html • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 0%CPEs: 83EXPL: 0CVE-2013-2859 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-2859
05 Jun 2013 — Google Chrome before 27.0.1453.110 allows remote attackers to bypass the Same Origin Policy and trigger namespace pollution via unspecified vectors. Google Chrome anterior a v27.0.1453.110 permite a atacantes remotos eludir la política del mismo origen (Same Origin Policy9 y generar "namespace pollution" mediante vectores no especificados. Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code. Versions less than 29.0.1457.57 are affected. • http://googlechromereleases.blogspot.com/2013/06/stable-channel-update.html •
CVSS: 10.0EPSS: 1%CPEs: 82EXPL: 0CVE-2013-2863 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-2863
05 Jun 2013 — Google Chrome before 27.0.1453.110 does not properly handle SSL sockets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. Google Chrome anterior a v27.0.1453.110 no controla correctamente sockets SSL, lo que permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio (por corrupción de memoria) a través de vectores no especificados. Multiple vulnerabilities have been reported in Chromium and V... • http://googlechromereleases.blogspot.com/2013/06/stable-channel-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •