CVSS: 9.8EPSS: 0%CPEs: 114EXPL: 0CVE-2013-0831 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0831
15 Jan 2013 — Directory traversal vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to have an unspecified impact by leveraging access to an extension process. Vulnerabilidad de salto de directorio en Google Chrome antes de v24.0.1312.52 permite a atacantes remotos tener un impacto no especificado, aprovechando el acceso al proceso de ampliación. Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code. Versions less than 29.0.1457.57 are... • http://googlechromereleases.blogspot.com/2013/01/stable-channel-update.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 0%CPEs: 122EXPL: 0CVE-2013-0838 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0838
15 Jan 2013 — Google Chrome before 24.0.1312.52 on Linux uses weak permissions for shared memory segments, which has unspecified impact and attack vectors. Google Chrome antes de v24.0.1312.52 en Linux utiliza permisos débiles para el segmento de memoria compartida, lo que tiene un impacto y vectores de ataque no especificados. Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code. Versions less than 29.0.1457.57 are affected. • http://googlechromereleases.blogspot.com/2013/01/stable-channel-update.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 0%CPEs: 124EXPL: 0CVE-2013-0830 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0830
15 Jan 2013 — The IPC layer in Google Chrome before 24.0.1312.52 on Windows omits a NUL character required for termination of an unspecified data structure, which has unknown impact and attack vectors. La capa IPC en Google Chrome en Windows antes de v24.0.1312.52 omite un carácter NUL necesario para la terminación de una estructura de datos sin especificar, lo cual tiene un impacto y vectores de ataque desconocidos. Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbi... • http://googlechromereleases.blogspot.com/2013/01/stable-channel-update.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 122EXPL: 0CVE-2012-5155
https://notcve.org/view.php?id=CVE-2012-5155
15 Jan 2013 — Google Chrome before 24.0.1312.52 on Mac OS X does not use an appropriate sandboxing approach for worker processes, which makes it easier for remote attackers to bypass intended access restrictions via unspecified vectors. Google Chrome anterior a v24.0.1312.52 en Mac OS X no utiliza de forma apropiada el sandbox, haciendo fácil para usuarios remotos eludir las restricciones de acceso mediante vectores no especificados. • http://googlechromereleases.blogspot.com/2013/01/stable-channel-update.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.5EPSS: 0%CPEs: 123EXPL: 0CVE-2012-5152 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2012-5152
15 Jan 2013 — Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors involving seek operations on video data. Google Chrome anterior a v24.0.1312.52 permite a atacantes remotos causar una denegación de servicio (lectura fuera de los límites) mediante vectores que comprenden operaciones de búsqueda de datos de vídeo. Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code. Versions less than 29.0.14... • http://googlechromereleases.blogspot.com/2013/01/stable-channel-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 70EXPL: 0CVE-2012-5142 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2012-5142
12 Dec 2012 — Google Chrome before 23.0.1271.97 does not properly handle history navigation, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. Google Chrome antes de v23.0.1271.97 no controla correctamente el historial de navegación, que permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (caída de aplicación) a través de vectores no especificados. Multiple vulnerabilities have been reported in Chromium ... • http://googlechromereleases.blogspot.com/2012/12/stable-channel-update.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 0%CPEs: 70EXPL: 0CVE-2012-5141 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2012-5141
12 Dec 2012 — Google Chrome before 23.0.1271.97 does not properly restrict instantiation of the Chromoting client plug-in, which has unspecified impact and attack vectors. Google Chrome antes de 23.0.1271.97 no restringe correctamente creación de instancias del complemento cliente Chromoting, lo que tiene un impacto y vectores de ataque no especificados. Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code. Versions less than 29.0.1457.57 are affected. • http://googlechromereleases.blogspot.com/2012/12/stable-channel-update.html •
CVSS: 10.0EPSS: 1%CPEs: 88EXPL: 0CVE-2012-5144 – Gentoo Linux Security Advisory 201406-28
https://notcve.org/view.php?id=CVE-2012-5144
12 Dec 2012 — Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, do not properly perform AAC decoding, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via vectors related to "an off-by-one overwrite when switching to LTP profile from MAIN." Google Chrome antes 23.0.1271.97 no realiza correctamente la decodificación AAC, que permite a atacantes remotos provocar una denegación de servicio (corrupción de pila ... • http://googlechromereleases.blogspot.com/2012/12/stable-channel-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 70EXPL: 0CVE-2012-5139 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2012-5139
12 Dec 2012 — Use-after-free vulnerability in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to visibility events. Google Chrome antes de v23.0.1271.97 permite a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con la visibilidad de eventos. Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow executi... • http://googlechromereleases.blogspot.com/2012/12/stable-channel-update.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 70EXPL: 0CVE-2012-5140 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2012-5140
12 Dec 2012 — Use-after-free vulnerability in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the URL loader. Vulnerabilidad de uso después de liberación en Google Chrome antes de 23.0.1271.97 permite a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con el gestor de URL. Multiple vulnerabilities have been reported in Chromium and V... • http://googlechromereleases.blogspot.com/2012/12/stable-channel-update.html • CWE-416: Use After Free •