CVSS: 5.0EPSS: 0%CPEs: 106EXPL: 0CVE-2013-0909 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0909
04 Mar 2013 — The XSS Auditor in Google Chrome before 25.0.1364.152 allows remote attackers to obtain sensitive HTTP Referer information via unspecified vectors. El XSS Auditor en Google Chrome anterior a v25.0.1364.152 permite a atacantes remotos obtener informacion sensible de HTTP Referer a través de vectores no especificados. Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code. Versions less than 29.0.1457.57 are affected. • http://googlechromereleases.blogspot.com/2013/03/stable-channel-update_4.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 106EXPL: 0CVE-2013-0905 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0905
04 Mar 2013 — Use-after-free vulnerability in Google Chrome before 25.0.1364.152 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving an SVG animation. Vulnerabilidad en la gestión de recursos en Google Chrome anterior a v25.0.1364.152 permite causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores que implican una animación SVG. Multiple vulnerabilities have been reported in Chromium and V8, some of which may a... • http://googlechromereleases.blogspot.com/2013/03/stable-channel-update_4.html • CWE-399: Resource Management Errors •
CVSS: 8.1EPSS: 0%CPEs: 106EXPL: 0CVE-2013-0907 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0907
04 Mar 2013 — Race condition in Google Chrome before 25.0.1364.152 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of media threads. Condición de carrera en Google Chrome anterior a v25.0.1364.152 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través vectores relacionados con el manejo de hilos multimedia. Multiple vulnerabilities have been reported in Chromium and V8, some o... • http://googlechromereleases.blogspot.com/2013/03/stable-channel-update_4.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2013-0891 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0891
23 Feb 2013 — Integer overflow in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a blob. Desbordamiento de entero en Google Chrome v25.0.1364.97 sobre Windows y Linux, y anterior a v25.0.1364.99 sobre Mac OS X, permite a atacantes remotos provocar una denegación de servicio u otro impacto a través de vectores desconocidos. Multiple vulnerabilities have been reported in Chromium ... • http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2013-0895 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0895
23 Feb 2013 — Google Chrome before 25.0.1364.97 on Linux, and before 25.0.1364.99 on Mac OS X, does not properly handle pathnames during copy operations, which might make it easier for remote attackers to execute arbitrary programs via unspecified vectors. Google Chrome antes de v25.0.1364.97 para Linux, y antes de v25.0.1364.99 para Mac OS X, no maneja correctamente las rutas durante la operaciones de copia, lo que podría hacer que sea más fácil para los atacantes remotos ejecutar programas arbitrarios a través de vecto... • http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2013-0898 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0898
23 Feb 2013 — Use-after-free vulnerability in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a URL. Vulnerabilidad de uso después de la liberación en Google Chrome anterior a v25.0.1364.97 en Windows y Linux, y anterior a v25.0.1364.99 en Mac OS X, permite a atacantes remotos producir una denegación de servicio (caída de la aplicación) o posiblemente tener otro... • http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0CVE-2013-0897 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0897
23 Feb 2013 — Off-by-one error in the PDF functionality in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service via a crafted document. Vulnerabilidad "off-by-one" en la funcionalidad PDF de Google Chrome v25.0.1364.97 sobre Windows y Linux, y anterior a v25.0.1364.99 sobre Mac OS X, permite a atacantes remotos provocar una denegación de servicio a través de un documento especialmente manipulado. Multiple vulnerabilities have bee... • http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html • CWE-193: Off-by-one Error •
CVSS: 7.5EPSS: 2%CPEs: 12EXPL: 0CVE-2013-0899 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0899
23 Feb 2013 — Integer overflow in the padding implementation in the opus_packet_parse_impl function in src/opus_decoder.c in Opus before 1.0.2, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a long packet. Desbordamiento de entero en la aplicación de relleno en la función opus_packet_parse_impl en src / opus_decoder.c en el Opus antes de v1.0.2, tal como se utiliza en Go... • http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2013-0889 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0889
23 Feb 2013 — Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly enforce a user gesture requirement before proceeding with a file download, which might make it easier for remote attackers to execute arbitrary code via a crafted file. Google Chrome v25.0.1364.97 sobre Windows y Linux, y anterior a v25.0.1364.99 sobre Mac OS X, no fuerza al usuario adecuadamente antes de proceder con la descarga de un archivo, lo que podría facilitar a atacantes remotos la ejecuci... • http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html • CWE-863: Incorrect Authorization •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0CVE-2013-0894 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0894
23 Feb 2013 — Buffer overflow in the vorbis_parse_setup_hdr_floors function in the Vorbis decoder in vorbisdec.c in libavcodec in FFmpeg through 1.1.3, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attackers to cause a denial of service (divide-by-zero error or out-of-bounds array access) or possibly have unspecified other impact via vectors involving a zero value for a bark map size. Desbordamiento de búfer en la función vorbis_par... • http://git.chromium.org/gitweb/?p=chromium/deps/ffmpeg.git%3Ba=commit%3Bh=e1e70d9bb9852b7d099379afc95531a632a20ba5 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •