CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2011-1439
https://notcve.org/view.php?id=CVE-2011-1439
03 May 2011 — Google Chrome before 11.0.696.57 on Linux does not properly isolate renderer processes, which has unspecified impact and remote attack vectors. Google Chrome anterior a v11.0.696.57 en Linux no aisla adecuadamente los procesos de renderizado, teniendo un impacto no especificado y vectores de ataque remotos. • http://code.google.com/p/chromium/issues/detail?id=74763 •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2011-1441
https://notcve.org/view.php?id=CVE-2011-1441
03 May 2011 — Google Chrome before 11.0.696.57 does not properly perform a cast of an unspecified variable during handling of floating select lists, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted HTML document. Google Chrome antes de v11.0.696.57 no realiza adecuadamente la conversión de una variable no especificada durante la manipulación de listas de selección flotante, lo que permite a atacantes remotos provocar una denegación de servicio o posiblemente t... • http://code.google.com/p/chromium/issues/detail?id=75347 • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2011-1452
https://notcve.org/view.php?id=CVE-2011-1452
03 May 2011 — Google Chrome before 11.0.696.57 allows user-assisted remote attackers to spoof the URL bar via vectors involving a redirect and a manual reload. Google Chrome antes v11.0.696.57 permite a atacantes remotos asistidos por el usuario falsificar la barra de direcciones a través de vectores que implican redirección y recarga manual. • http://code.google.com/p/chromium/issues/detail?id=77786 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 8%CPEs: 16EXPL: 0CVE-2011-1300
https://notcve.org/view.php?id=CVE-2011-1300
15 Apr 2011 — The Program::getActiveUniformMaxLength function in libGLESv2/Program.cpp in libGLESv2.dll in the WebGLES library in Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox 4.x before 4.0.1 on Windows and in the GPU process in Google Chrome before 10.0.648.205 on Windows, allows remote attackers to execute arbitrary code via unspecified vectors, related to an "off-by-three" error. La función Program::getActiveUniformMaxLength en el archivo libGLESv2/Program.cpp en la biblioteca libGLESv2.dll ... • http://code.google.com/p/angleproject/source/detail?r=611 • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 11%CPEs: 1EXPL: 1CVE-2011-1301
https://notcve.org/view.php?id=CVE-2011-1301
15 Apr 2011 — Use-after-free vulnerability in the GPU process in Google Chrome before 10.0.648.205 allows remote attackers to execute arbitrary code via unknown vectors. Vulnerabilidad de tipo usar-después-de-liberar en el proceso GPU de Google Chrome en versiones anteriores a la 10.0.648.205 permite a atacantes remotos ejecutar código arbitrario a partir de vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=75629 • CWE-416: Use After Free •
CVSS: 9.3EPSS: 40%CPEs: 1EXPL: 0CVE-2011-1302
https://notcve.org/view.php?id=CVE-2011-1302
15 Apr 2011 — Heap-based buffer overflow in the GPU process in Google Chrome before 10.0.648.205 allows remote attackers to execute arbitrary code via unknown vectors. Desbordamiento de buffer en la memoria dinámica en el proceso GPU de Google Chrome en versiones anteriores a la 10.0.648.205 permite a atacantes remotos ejecutar código arbitrario a través de vectores de ataque desconocidos. • http://code.google.com/p/chromium/issues/detail?id=78524 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 2CVE-2011-1691
https://notcve.org/view.php?id=CVE-2011-1691
15 Apr 2011 — The counterToCSSValue function in CSSComputedStyleDeclaration.cpp in the Cascading Style Sheets (CSS) implementation in WebCore in WebKit before r82222, as used in Google Chrome before 11.0.696.43 and other products, does not properly handle access to the (1) counterIncrement and (2) counterReset attributes of CSSStyleDeclaration data provided by a getComputedStyle method call, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted JavaScript ... • http://code.google.com/p/chromium/issues/detail?id=77665 • CWE-476: NULL Pointer Dereference •
CVSS: 9.3EPSS: 95%CPEs: 28EXPL: 5CVE-2011-0611 – Adobe Flash Player Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0611
13 Apr 2011 — Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and earlier on Android; Adobe AIR before 2.6.19140; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x before 10.0.3 on Mac OS X, and Adobe Acrobat 9.x before 9.4.4 and 10.x before 10.0.3 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via craf... • https://www.exploit-db.com/exploits/17473 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 1CVE-2011-1291
https://notcve.org/view.php?id=CVE-2011-1291
25 Mar 2011 — Google Chrome before 10.0.648.204 does not properly handle base strings, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, related to a "buffer error." Google Chrome antes de v10.0.648.204 no controla correctamente las tipos cadena, lo que permite a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos, relacionados con un "error de protocolo ". • http://code.google.com/p/chromium/issues/detail?id=72517 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 1CVE-2011-1292
https://notcve.org/view.php?id=CVE-2011-1292
25 Mar 2011 — Use-after-free vulnerability in the frame-loader implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Vulnerabilidad de uso después de liberación en el marco de la aplicación del cargador en Google Chrome antes de v10.0.648.204 permite a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=73216 • CWE-416: Use After Free •