CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0CVE-2013-0894 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0894
23 Feb 2013 — Buffer overflow in the vorbis_parse_setup_hdr_floors function in the Vorbis decoder in vorbisdec.c in libavcodec in FFmpeg through 1.1.3, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attackers to cause a denial of service (divide-by-zero error or out-of-bounds array access) or possibly have unspecified other impact via vectors involving a zero value for a bark map size. Desbordamiento de búfer en la función vorbis_par... • http://git.chromium.org/gitweb/?p=chromium/deps/ffmpeg.git%3Ba=commit%3Bh=e1e70d9bb9852b7d099379afc95531a632a20ba5 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.8EPSS: 0%CPEs: 178EXPL: 0CVE-2013-2268
https://notcve.org/view.php?id=CVE-2013-2268
23 Feb 2013 — Unspecified vulnerability in the MathML implementation in WebKit in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, has unknown impact and remote attack vectors, related to a "high severity security issue." Vulnerabilidad no especificada en la aplicación MathML en WebKit en Google Chrome antes v25.0.1364.97 en Windows y Linux, y antes v25.0.1364.99 en Mac OS X, tiene un impacto desconocido y vectores de ataque a distancia, relacionado con un "problema de segurida... • http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html •
CVSS: 9.8EPSS: 0%CPEs: 116EXPL: 0CVE-2013-0841 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0841
24 Jan 2013 — Array index error in the content-blocking functionality in Google Chrome before 24.0.1312.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Errores índice de array en la funcionalidad de bloqueo de contenido de Google Chrome antes v24.0.1312.56 que permite a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos. Multiple vulnerabilities have been reported in ... • http://googlechromereleases.blogspot.com/2013/01/stable-channel-update_22.html • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 116EXPL: 0CVE-2013-0839 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0839
24 Jan 2013 — Use-after-free vulnerability in Google Chrome before 24.0.1312.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of fonts in CANVAS elements. Vulnerabilidad de uso después de la liberación en Google Chrome antes de v24.0.1312.56 que permite a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con el manejador de fuentes en elemetos CANVAS Mu... • http://googlechromereleases.blogspot.com/2013/01/stable-channel-update_22.html • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 0%CPEs: 116EXPL: 0CVE-2013-0840 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0840
24 Jan 2013 — Google Chrome before 24.0.1312.56 does not validate URLs during the opening of new windows, which has unspecified impact and remote attack vectors. Google Chrome anterior a v24.0.1312.56 no valida URLs durante la apertura de nuevas ventanas, lo que tiene un impacto no especificado y vectores de ataque. Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code. Versions less than 29.0.1457.57 are affected. • http://googlechromereleases.blogspot.com/2013/01/stable-channel-update_22.html •
CVSS: 10.0EPSS: 0%CPEs: 116EXPL: 0CVE-2013-0842 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0842
24 Jan 2013 — Google Chrome before 24.0.1312.56 does not properly handle %00 characters in pathnames, which has unspecified impact and attack vectors. Google Chrome anterior a v24.0.1312.56 no maneja correctamente caracteres %00 en nombres de ruta, lo que tiene un impacto no especificado y vectores de ataque. Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code. Versions less than 29.0.1457.57 are affected. • http://googlechromereleases.blogspot.com/2013/01/stable-channel-update_22.html •
CVSS: 8.8EPSS: 0%CPEs: 123EXPL: 0CVE-2012-5153 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2012-5153
15 Jan 2013 — Google V8 before 3.14.5.3, as used in Google Chrome before 24.0.1312.52, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds access to stack memory. Google V8 anterior a v3.14.5.3 usado en Google Chrome anterior a 24.0.1312.52, permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto a través de un código JavaScript que provoca un acceso fuera de rango en la pila de ... • http://googlechromereleases.blogspot.com/2013/01/stable-channel-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 112EXPL: 0CVE-2013-0828 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0828
15 Jan 2013 — The PDF functionality in Google Chrome before 24.0.1312.52 does not properly perform a cast of an unspecified variable during processing of the root of the structure tree, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document. La funcionalidad PDF en Google Chrome anterior a v24.0.1312.52 no lleva a cabo debidamente una conversión de una variable no especificada durante el procesamiento de la raíz del árbol de la estructura, lo que permite a ... • http://googlechromereleases.blogspot.com/2013/01/stable-channel-update.html • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 0%CPEs: 122EXPL: 0CVE-2012-5155
https://notcve.org/view.php?id=CVE-2012-5155
15 Jan 2013 — Google Chrome before 24.0.1312.52 on Mac OS X does not use an appropriate sandboxing approach for worker processes, which makes it easier for remote attackers to bypass intended access restrictions via unspecified vectors. Google Chrome anterior a v24.0.1312.52 en Mac OS X no utiliza de forma apropiada el sandbox, haciendo fácil para usuarios remotos eludir las restricciones de acceso mediante vectores no especificados. • http://googlechromereleases.blogspot.com/2013/01/stable-channel-update.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.5EPSS: 0%CPEs: 114EXPL: 0CVE-2013-0834 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0834
15 Jan 2013 — Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors involving glyphs. Google Chrome antes de v24.0.1312.52 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de vectores que involucran glifos. Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code. Versions less than 29.0.1457.57 are affected. • http://googlechromereleases.blogspot.com/2013/01/stable-channel-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •