CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2011-1303
https://notcve.org/view.php?id=CVE-2011-1303
03 May 2011 — Google Chrome before 11.0.696.57 does not properly handle floating objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." Google Chrome anterior a v11.0.696.57 no maneja correctamente los objetos flotantes, permitiendo a atacantes remotos provocar una denegación de servicio o tener un impacto no especificado a través de vectores desconocidos que dar lugar a un "stale pointer." • http://code.google.com/p/chromium/issues/detail?id=61502 • CWE-20: Improper Input Validation •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 1CVE-2011-1304
https://notcve.org/view.php?id=CVE-2011-1304
03 May 2011 — Unspecified vulnerability in Google Chrome before 11.0.696.57 allows remote attackers to bypass the pop-up blocker via vectors related to plug-ins. Vulnerabilidad no especificada en Google Chrome anterior a v11.0.696.57 permite a atacantes remotos eludir el bloqueador de ventanas emergentes a través de vectores relacionados con plug-ins. • http://code.google.com/p/chromium/issues/detail?id=70538 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2011-1442
https://notcve.org/view.php?id=CVE-2011-1442
03 May 2011 — Google Chrome before 11.0.696.57 does not properly handle mutation events, which allows remote attackers to cause a denial of service (node tree corruption) or possibly have unspecified other impact via unknown vectors. Google Chrome antes de v11.0.696.57 no controla correctamente los eventos de mutación, lo que permite a atacantes remotos provocar una denegación de servicio (corrupción del nodo del árbol) o posiblemente tener un impacto no especificado a través de vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=75801 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 40%CPEs: 1EXPL: 0CVE-2011-1302
https://notcve.org/view.php?id=CVE-2011-1302
15 Apr 2011 — Heap-based buffer overflow in the GPU process in Google Chrome before 10.0.648.205 allows remote attackers to execute arbitrary code via unknown vectors. Desbordamiento de buffer en la memoria dinámica en el proceso GPU de Google Chrome en versiones anteriores a la 10.0.648.205 permite a atacantes remotos ejecutar código arbitrario a través de vectores de ataque desconocidos. • http://code.google.com/p/chromium/issues/detail?id=78524 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 8%CPEs: 16EXPL: 0CVE-2011-1300
https://notcve.org/view.php?id=CVE-2011-1300
15 Apr 2011 — The Program::getActiveUniformMaxLength function in libGLESv2/Program.cpp in libGLESv2.dll in the WebGLES library in Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox 4.x before 4.0.1 on Windows and in the GPU process in Google Chrome before 10.0.648.205 on Windows, allows remote attackers to execute arbitrary code via unspecified vectors, related to an "off-by-three" error. La función Program::getActiveUniformMaxLength en el archivo libGLESv2/Program.cpp en la biblioteca libGLESv2.dll ... • http://code.google.com/p/angleproject/source/detail?r=611 • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 11%CPEs: 1EXPL: 1CVE-2011-1301
https://notcve.org/view.php?id=CVE-2011-1301
15 Apr 2011 — Use-after-free vulnerability in the GPU process in Google Chrome before 10.0.648.205 allows remote attackers to execute arbitrary code via unknown vectors. Vulnerabilidad de tipo usar-después-de-liberar en el proceso GPU de Google Chrome en versiones anteriores a la 10.0.648.205 permite a atacantes remotos ejecutar código arbitrario a partir de vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=75629 • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 2CVE-2011-1691
https://notcve.org/view.php?id=CVE-2011-1691
15 Apr 2011 — The counterToCSSValue function in CSSComputedStyleDeclaration.cpp in the Cascading Style Sheets (CSS) implementation in WebCore in WebKit before r82222, as used in Google Chrome before 11.0.696.43 and other products, does not properly handle access to the (1) counterIncrement and (2) counterReset attributes of CSSStyleDeclaration data provided by a getComputedStyle method call, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted JavaScript ... • http://code.google.com/p/chromium/issues/detail?id=77665 • CWE-476: NULL Pointer Dereference •
CVSS: 9.3EPSS: 95%CPEs: 28EXPL: 5CVE-2011-0611 – Adobe Flash Player Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0611
13 Apr 2011 — Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and earlier on Android; Adobe AIR before 2.6.19140; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x before 10.0.3 on Mac OS X, and Adobe Acrobat 9.x before 9.4.4 and 10.x before 10.0.3 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via craf... • https://www.exploit-db.com/exploits/17473 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 1CVE-2011-1291
https://notcve.org/view.php?id=CVE-2011-1291
25 Mar 2011 — Google Chrome before 10.0.648.204 does not properly handle base strings, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, related to a "buffer error." Google Chrome antes de v10.0.648.204 no controla correctamente las tipos cadena, lo que permite a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos, relacionados con un "error de protocolo ". • http://code.google.com/p/chromium/issues/detail?id=72517 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 2%CPEs: 4EXPL: 0CVE-2011-1296
https://notcve.org/view.php?id=CVE-2011-1296
25 Mar 2011 — Google Chrome before 10.0.648.204 does not properly handle SVG text, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." Google Chrome antes de v10.0.648.204 no controla correctamente el texto SVG, lo que permite a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos que dan lugar a un puntero bloqueado. • http://code.google.com/p/chromium/issues/detail?id=75170 • CWE-20: Improper Input Validation •