CVSS: 9.3EPSS: 0%CPEs: 136EXPL: 0CVE-2012-3607
https://notcve.org/view.php?id=CVE-2012-3607
13 Sep 2012 — WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. WebKit, como se utiliza en Apple iTunes anterior a v10.7, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de un sitio web diseñado, una vul... • http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 1%CPEs: 136EXPL: 0CVE-2012-3687
https://notcve.org/view.php?id=CVE-2012-3687
13 Sep 2012 — WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. WebKit, como se utiliza en Apple iTunes anterior a v10.7, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de un sitio web diseñado, una vul... • http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 136EXPL: 0CVE-2012-3632
https://notcve.org/view.php?id=CVE-2012-3632
13 Sep 2012 — WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. WebKit, como se utiliza en Apple iTunes anterior a v10.7, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de un sitio web diseñado, una vul... • http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 1%CPEs: 118EXPL: 0CVE-2012-2870 – libxslt: Use-after-free when processing an invalid XPath expression
https://notcve.org/view.php?id=CVE-2012-2870
31 Aug 2012 — libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, related to (1) the xsltCompileLocationPathPattern function in libxslt/pattern.c and (2) the xsltGenerateIdFunction function in libxslt/functions.c. libxslt v1.1.26 y anteriores, tal como se utiliza en Google Chrome anterior a v21.0.11... • http://code.google.com/p/chromium/issues/detail?id=138672 • CWE-399: Resource Management Errors CWE-416: Use After Free •
CVSS: 9.8EPSS: 1%CPEs: 101EXPL: 0CVE-2012-2871 – libxslt: Heap-buffer overflow caused by bad cast in XSL transforms
https://notcve.org/view.php?id=CVE-2012-2871
31 Aug 2012 — libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h. libxml2 v2.9.0-rc1 y anteriores, tal como se utiliza en Google Chrome antes de v21.0.1180.89, no admite correctamente un conversión de una variable no espec... • http://code.google.com/p/chromium/issues/detail?id=138673 • CWE-122: Heap-based Buffer Overflow •
CVSS: 8.8EPSS: 1%CPEs: 57EXPL: 0CVE-2012-2857
https://notcve.org/view.php?id=CVE-2012-2857
06 Aug 2012 — Use-after-free vulnerability in the Cascading Style Sheets (CSS) DOM implementation in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. Vulnerabilidad de uso después de liberación (use-after-free) en las Hojas de Estilo en Cascada (CSS) en la implementación DOM Google Chrome anteriores a v21.0.1180.57 en Mac OS X y Linux, y anteri... • http://code.google.com/p/chromium/issues/detail?id=136235 • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 2%CPEs: 46EXPL: 0CVE-2012-2824
https://notcve.org/view.php?id=CVE-2012-2824
27 Jun 2012 — Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG painting. Vulnerabilidad de uso después de la liberación en Google Chrome anterior a v20.0.1132.43 permite a atacantes remotos producir una denegación de servicio (caída de aplicación) o posiblemente tener otro impacto no especificado mediante vectores lacionados con "SVG painting" • http://code.google.com/p/chromium/issues/detail?id=125374 • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 4%CPEs: 92EXPL: 0CVE-2012-2807 – (64-bit): Multiple integer overflows, leading to DoS or possibly other unspecified impact
https://notcve.org/view.php?id=CVE-2012-2807
27 Jun 2012 — Multiple integer overflows in libxml2, as used in Google Chrome before 20.0.1132.43 and other products, on 64-bit Linux platforms allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Múltiples desbordamientos de enteros en libxml2, como aparece en Google Chrome anterior a v20.0.1132.43, en plataformas de 64 bits de Linux permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vecto... • http://code.google.com/p/chromium/issues/detail?id=129930 • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 4%CPEs: 49EXPL: 0CVE-2011-3102 – libxml: An off-by-one out-of-bounds write by XPointer part evaluation
https://notcve.org/view.php?id=CVE-2011-3102
16 May 2012 — Off-by-one error in libxml2, as used in Google Chrome before 19.0.1084.46 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors. Error de superación de límite (off-by-one) en libxml2, como el usado en Google Chrome anteriores a v19.0.1084.46, permite a atacantes remotos provocar una denegación de servicio (escritura fuera del límite) y posiblemente tener otros impactos no determinados a través de vectores ... • http://code.google.com/p/chromium/issues/detail?id=125462 • CWE-189: Numeric Errors CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 2%CPEs: 40EXPL: 0CVE-2012-0672
https://notcve.org/view.php?id=CVE-2012-0672
08 May 2012 — WebKit in Apple iOS before 5.1.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. WebKit en Apple iOS anteriores a 5.1.1 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de un sitio web modificado. • http://lists.apple.com/archives/security-announce/2012/Jun/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •