CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0CVE-2013-0894 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0894
23 Feb 2013 — Buffer overflow in the vorbis_parse_setup_hdr_floors function in the Vorbis decoder in vorbisdec.c in libavcodec in FFmpeg through 1.1.3, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attackers to cause a denial of service (divide-by-zero error or out-of-bounds array access) or possibly have unspecified other impact via vectors involving a zero value for a bark map size. Desbordamiento de búfer en la función vorbis_par... • http://git.chromium.org/gitweb/?p=chromium/deps/ffmpeg.git%3Ba=commit%3Bh=e1e70d9bb9852b7d099379afc95531a632a20ba5 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.8EPSS: 0%CPEs: 178EXPL: 0CVE-2013-2268
https://notcve.org/view.php?id=CVE-2013-2268
23 Feb 2013 — Unspecified vulnerability in the MathML implementation in WebKit in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, has unknown impact and remote attack vectors, related to a "high severity security issue." Vulnerabilidad no especificada en la aplicación MathML en WebKit en Google Chrome antes v25.0.1364.97 en Windows y Linux, y antes v25.0.1364.99 en Mac OS X, tiene un impacto desconocido y vectores de ataque a distancia, relacionado con un "problema de segurida... • http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html •
CVSS: 9.8EPSS: 0%CPEs: 116EXPL: 0CVE-2013-0841 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0841
24 Jan 2013 — Array index error in the content-blocking functionality in Google Chrome before 24.0.1312.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Errores índice de array en la funcionalidad de bloqueo de contenido de Google Chrome antes v24.0.1312.56 que permite a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos. Multiple vulnerabilities have been reported in ... • http://googlechromereleases.blogspot.com/2013/01/stable-channel-update_22.html • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 116EXPL: 0CVE-2013-0839 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0839
24 Jan 2013 — Use-after-free vulnerability in Google Chrome before 24.0.1312.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of fonts in CANVAS elements. Vulnerabilidad de uso después de la liberación en Google Chrome antes de v24.0.1312.56 que permite a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con el manejador de fuentes en elemetos CANVAS Mu... • http://googlechromereleases.blogspot.com/2013/01/stable-channel-update_22.html • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 0%CPEs: 116EXPL: 0CVE-2013-0840 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0840
24 Jan 2013 — Google Chrome before 24.0.1312.56 does not validate URLs during the opening of new windows, which has unspecified impact and remote attack vectors. Google Chrome anterior a v24.0.1312.56 no valida URLs durante la apertura de nuevas ventanas, lo que tiene un impacto no especificado y vectores de ataque. Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code. Versions less than 29.0.1457.57 are affected. • http://googlechromereleases.blogspot.com/2013/01/stable-channel-update_22.html •
CVSS: 10.0EPSS: 0%CPEs: 116EXPL: 0CVE-2013-0842 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0842
24 Jan 2013 — Google Chrome before 24.0.1312.56 does not properly handle %00 characters in pathnames, which has unspecified impact and attack vectors. Google Chrome anterior a v24.0.1312.56 no maneja correctamente caracteres %00 en nombres de ruta, lo que tiene un impacto no especificado y vectores de ataque. Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code. Versions less than 29.0.1457.57 are affected. • http://googlechromereleases.blogspot.com/2013/01/stable-channel-update_22.html •
CVSS: 8.8EPSS: 0%CPEs: 121EXPL: 0CVE-2012-5156
https://notcve.org/view.php?id=CVE-2012-5156
15 Jan 2013 — Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving PDF fields. Vulnerabilidad de uso después de la liberación en Google Chrome anterior a v24.0.1312.52 permite a atacantes remotos producir una denegación de servicio (caída de aplicación) o tener otro impacto no especificado mediante vectores que comprenden los campos de un PDF. • http://googlechromereleases.blogspot.com/2013/01/stable-channel-update.html • CWE-399: Resource Management Errors •
CVSS: 9.1EPSS: 0%CPEs: 112EXPL: 0CVE-2013-0829 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0829
15 Jan 2013 — Google Chrome before 24.0.1312.52 does not properly maintain database metadata, which allows remote attackers to bypass intended file-access restrictions via unspecified vectors. Google Chrome antes de v24.0.1312.52 no mantiene adecuadamente los metadatos de base de datos, lo que permite a atacantes remotos evitar las restricciones de acceso a archivos a través de vectores no especificados. Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code. V... • http://googlechromereleases.blogspot.com/2013/01/stable-channel-update.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 0%CPEs: 114EXPL: 0CVE-2012-5146 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2012-5146
15 Jan 2013 — Google Chrome before 24.0.1312.52 allows remote attackers to bypass the Same Origin Policy via a malformed URL. Google Chrome anterior a v24.0.1312.52 permite a atacantes remotos eludir el "Same Origin Policy" mediante una URL malformada. Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code. Versions less than 29.0.1457.57 are affected. • http://googlechromereleases.blogspot.com/2013/01/stable-channel-update.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 0%CPEs: 114EXPL: 0CVE-2013-0837 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0837
15 Jan 2013 — Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of extension tabs. Google Chrome antes de v24.0.1312.52 permite a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con el manejo de las pestañas de extensión. Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of ... • http://googlechromereleases.blogspot.com/2013/01/stable-channel-update.html • CWE-20: Improper Input Validation •