CVSS: 9.8EPSS: 1%CPEs: 54EXPL: 0CVE-2012-5116 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2012-5116
07 Nov 2012 — Use-after-free vulnerability in Google Chrome before 23.0.1271.64 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of SVG filters. Una vulnerabilidad de uso después de liberación en Google Chrome antes v23.0.1271.64 permite a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con el manejo de filtros SVG. Multiple vulnerabilities have been rep... • http://googlechromereleases.blogspot.com/2012/11/stable-channel-release-and-beta-channel.html • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 55EXPL: 0CVE-2012-5118 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2012-5118
07 Nov 2012 — Google Chrome before 23.0.1271.64 on Mac OS X does not properly validate an integer value during the handling of GPU command buffers, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Google Chrome antes v23.0.1271.64 en Mac OS X no valida correctamente un valor entero en el manejo de buffers de comandos GPU, lo que permite a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través d... • http://googlechromereleases.blogspot.com/2012/11/stable-channel-release-and-beta-channel.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 1%CPEs: 54EXPL: 0CVE-2012-5126 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2012-5126
07 Nov 2012 — Use-after-free vulnerability in Google Chrome before 23.0.1271.64 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of plug-in placeholders. Vulnerabilidad de uso después de liberación en Google Chrome antes de v23.0.1271.64 permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores relacionados con el manejo del complemento de marcadores de posición. M... • http://googlechromereleases.blogspot.com/2012/11/stable-channel-release-and-beta-channel.html • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 84EXPL: 0CVE-2012-5128 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2012-5128
07 Nov 2012 — Google V8 before 3.13.7.5, as used in Google Chrome before 23.0.1271.64, does not properly perform write operations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Google V8 antes de v3.13.7.5, tal como se utiliza en Google Chrome antes de v23.0.1271.64, no lleva a cabo adecuadamente todas las operaciones de escritura, lo que permite a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especifica... • http://googlechromereleases.blogspot.com/2012/11/stable-channel-release-and-beta-channel.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 54EXPL: 0CVE-2012-5127 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2012-5127
07 Nov 2012 — Integer overflow in Google Chrome before 23.0.1271.64 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted WebP image. Desbordamiento de entero en Google Chrome antes de v23.0.1271.64 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) o posiblemente tener un impacto no especificado a través de una imagen WebP manipulada. Multiple vulnerabilities have been reported in Chromium and V8, some of ... • http://googlechromereleases.blogspot.com/2012/11/stable-channel-release-and-beta-channel.html • CWE-189: Numeric Errors •
CVSS: 9.6EPSS: 0%CPEs: 1EXPL: 0CVE-2012-5376 – Gentoo Linux Security Advisory 201210-07
https://notcve.org/view.php?id=CVE-2012-5376
11 Oct 2012 — The Inter-process Communication (IPC) implementation in Google Chrome before 22.0.1229.94 allows remote attackers to bypass intended sandbox restrictions and write to arbitrary files by leveraging access to a renderer process, a different vulnerability than CVE-2012-5112. La implementación de Inter-process Communication (IPC) en Google Chrome anteriores a v22.0.1229.94 permite a atacantes remotos evitar las restricciones del entorno de ejecución seguro "sandbox" establecidos y escribir en ficheros aprovecha... • http://blog.chromium.org/2012/10/pwnium-2-results-and-wrap-up_10.html • CWE-269: Improper Privilege Management •
CVSS: 10.0EPSS: 4%CPEs: 58EXPL: 0CVE-2012-5112 – Apple Security Advisory 2012-11-01-2
https://notcve.org/view.php?id=CVE-2012-5112
11 Oct 2012 — Use-after-free vulnerability in the SVG implementation in WebKit, as used in Google Chrome before 22.0.1229.94, allows remote attackers to execute arbitrary code via unspecified vectors. Vulnerabilidad de uso después de la liberación en la implementación de SVG en WebKit, como el usado en Google Chrome anteriores a v22.0.1229.94, permite a atacantes remotos ejecutar código a través de vectores no determinados. iTunes 11.0.3 is now available and addresses multiple vulnerabilities. In versions prior to 11.0.3... • http://archives.neohapsis.com/archives/bugtraq/2012-11/0012.html • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 56EXPL: 0CVE-2012-5109
https://notcve.org/view.php?id=CVE-2012-5109
09 Oct 2012 — The International Components for Unicode (ICU) functionality in Google Chrome before 22.0.1229.92 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to a regular expression. La funcionalidad International Components for Unicode (ICU) en Google Chorme antes de v22.0.1229.92, permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de vectores relacionados con una expresión regular. • http://googlechromereleases.blogspot.com/2012/10/stable-channel-update.html • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 56EXPL: 0CVE-2012-2900 – Gentoo Linux Security Advisory 201210-07
https://notcve.org/view.php?id=CVE-2012-2900
09 Oct 2012 — Skia, as used in Google Chrome before 22.0.1229.92, does not properly render text, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors. Skia, como se usa en Google Chrome antes de v22.0.1229.92, no renderiza apropiadamente el texto, lo que permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) o posiblemente tener otros impactos a través de vectores no especificados. Multiple vulnerabil... • http://googlechromereleases.blogspot.com/2012/10/stable-channel-update.html •
CVSS: 9.3EPSS: 7%CPEs: 56EXPL: 0CVE-2012-5108 – Gentoo Linux Security Advisory 201210-07
https://notcve.org/view.php?id=CVE-2012-5108
09 Oct 2012 — Race condition in Google Chrome before 22.0.1229.92 allows remote attackers to execute arbitrary code via vectors related to audio devices. Condición de carrera en Google Chorme antes de v22.0.1229.92, permite a atacantes remotos ejecutar código de su elección a través de vectores relacionados con dispositivos de audio. Multiple vulnerabilities have been reported in Chromium, some of which may allow execution of arbitrary code. Versions less than 22.0.1229.94 are affected. • http://googlechromereleases.blogspot.com/2012/10/stable-channel-update.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •