CVSS: 7.5EPSS: 0%CPEs: 64EXPL: 0CVE-2013-2876
https://notcve.org/view.php?id=CVE-2013-2876
10 Jul 2013 — browser/extensions/api/tabs/tabs_api.cc in Google Chrome before 28.0.1500.71 does not properly enforce restrictions on the capture of screenshots by extensions, which allows remote attackers to obtain sensitive information about the content of a previous page via vectors involving an interstitial page. browser/extensions/api/tabs/tabs_api.cc en Google Chrome anterior 28.0.1500.71 no refuerza adecuadamente las restricciones en las capturas de pantalla a través de extensiones, lo que permite a atacantes remot... • http://git.chromium.org/gitweb/?p=chromium/chromium.git%3Ba=commit%3Bh=ac41418e77bf9d82a6e7875c504fad5fd2ba1f7f • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 4%CPEs: 189EXPL: 0CVE-2013-2877 – libxml2: Out-of-bounds read via a document that ends abruptly
https://notcve.org/view.php?id=CVE-2013-2877
10 Jul 2013 — parser.c in libxml2 before 2.9.0, as used in Google Chrome before 28.0.1500.71 and other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a document that ends abruptly, related to the lack of certain checks for the XML_PARSER_EOF state. parser.c en libxml2 anterior a 2.9.0 utilizada en Google Chrome anterior a 28.0.1500.71 y otros productos, permite a atacantes remotos provocar una denegación de servicio (lectura fuera de rango) a través de un documento que finaliza de... • ftp://xmlsoft.org/libxml2/libxml2-2.9.0.tar.gz • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 64EXPL: 0CVE-2013-2878
https://notcve.org/view.php?id=CVE-2013-2878
10 Jul 2013 — Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the handling of text. Google Chrome anterior a 28.0.1500.71 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de vectores relacionados con el manejo de texto. • http://googlechromereleases.blogspot.com/2013/07/stable-channel-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.1EPSS: 0%CPEs: 64EXPL: 0CVE-2013-2879
https://notcve.org/view.php?id=CVE-2013-2879
10 Jul 2013 — Google Chrome before 28.0.1500.71 does not properly determine the circumstances in which a renderer process can be considered a trusted process for sign-in and subsequent sync operations, which makes it easier for remote attackers to conduct phishing attacks via a crafted web site. Google Chrome anterior a 28.0.1500.71 no determina adecuadamente las circunstancias en las que un proceso de renderizado debe considerarse como confiable para suscribirse y posteriormente realizar operaciones de sincronización, l... • http://git.chromium.org/gitweb/?p=chromium/chromium.git%3Ba=commit%3Bh=8a8eb83276778c9fbcf9ebcd4436077269b73074 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 63EXPL: 0CVE-2013-2880
https://notcve.org/view.php?id=CVE-2013-2880
10 Jul 2013 — Multiple unspecified vulnerabilities in Google Chrome before 28.0.1500.71 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades sin especificar en Google Chrome anterior a 28.0.1500.71, permite a atacantes provocar una denegación de servicio u otro impacto a través de vectores no especificados. • http://googlechromereleases.blogspot.com/2013/07/stable-channel-update.html •
CVSS: 6.5EPSS: 0%CPEs: 88EXPL: 0CVE-2013-2866
https://notcve.org/view.php?id=CVE-2013-2866
19 Jun 2013 — The Flash plug-in in Google Chrome before 27.0.1453.116, as used on Google Chrome OS before 27.0.1453.116 and separately, does not properly determine whether a user wishes to permit camera or microphone access by a Flash application, which allows remote attackers to obtain sensitive information from a machine's physical environment via a clickjacking attack, as demonstrated by an attack using a crafted Cascading Style Sheets (CSS) opacity property. El plugin Flash en Google Chrome anterior 27.0.1453.116 no ... • http://googlechromereleases.blogspot.com/2013/06/stable-channel-update-for-chrome-os.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 0%CPEs: 82EXPL: 0CVE-2013-2854
https://notcve.org/view.php?id=CVE-2013-2854
05 Jun 2013 — Google Chrome before 27.0.1453.110 on Windows provides an incorrect handle to a renderer process in unspecified circumstances, which allows remote attackers to cause a denial of service or possibly have other impact via unknown vectors. Google Chrome anterior a v27.0.1453.110 en Windows proporciona un identificador incorrecto a un proceso de render en circunstancias no especificadas, lo que permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto a través de vectores... • http://googlechromereleases.blogspot.com/2013/06/stable-channel-update.html •
CVSS: 9.8EPSS: 0%CPEs: 83EXPL: 0CVE-2013-2855
https://notcve.org/view.php?id=CVE-2013-2855
05 Jun 2013 — The Developer Tools API in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. Las Developer Tools API en Google Chrome anterior a v27.0.1453.110 permite a atacantes remotos causar una denegación de servicio (corrupción de memoria) o posiblemnte tener otro impacto no específico mediante vectores desconocidos. • http://googlechromereleases.blogspot.com/2013/06/stable-channel-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 83EXPL: 0CVE-2013-2856
https://notcve.org/view.php?id=CVE-2013-2856
05 Jun 2013 — Use-after-free vulnerability in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of input. Vulnerabilidad de tipo "usar después de liberar" en Google Chrome anterior a 27.0.1453.110 permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado mediante vectores relacionados con el manejo de la entrada. • http://googlechromereleases.blogspot.com/2013/06/stable-channel-update.html • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 83EXPL: 0CVE-2013-2857
https://notcve.org/view.php?id=CVE-2013-2857
05 Jun 2013 — Use-after-free vulnerability in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of images. Vulnerabilidad de tipo "usar después de liberar" en Google Chrome anterior a 27.0.1453.110 permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado mediante vectores relacionados con el manejo de imágenes. • http://googlechromereleases.blogspot.com/2013/06/stable-channel-update.html • CWE-416: Use After Free •