CVSS: 9.8EPSS: 2%CPEs: 4EXPL: 0CVE-2011-1296
https://notcve.org/view.php?id=CVE-2011-1296
25 Mar 2011 — Google Chrome before 10.0.648.204 does not properly handle SVG text, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." Google Chrome antes de v10.0.648.204 no controla correctamente el texto SVG, lo que permite a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos que dan lugar a un puntero bloqueado. • http://code.google.com/p/chromium/issues/detail?id=75170 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2011-1465
https://notcve.org/view.php?id=CVE-2011-1465
20 Mar 2011 — The SPDY implementation in net/http/http_network_transaction.cc in Google Chrome before 11.0.696.14 drains the bodies from SPDY responses, which might allow remote SPDY servers to cause a denial of service (application exit) by canceling a stream. La implementación de SPDY en net/http/http_network_transaction.cc en Google Chrome anterior a v11.0.696.14 desecha los cuerpos de las respuestas SPDY, lo que podría permitir a servidores remotos SPDY causar una denegación de servicio (salida de la aplicación) medi... • http://code.google.com/p/chromium/issues/detail?id=75657 •
CVSS: 9.3EPSS: 96%CPEs: 26EXPL: 1CVE-2011-0609 – Adobe Flash Player Unspecified Vulnerability
https://notcve.org/view.php?id=CVE-2011-0609
15 Mar 2011 — Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content, as demonstrated by a .swf file embedded in an Excel spreadsheet, and a... • https://www.exploit-db.com/exploits/17027 •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 1CVE-2011-1196
https://notcve.org/view.php?id=CVE-2011-1196
11 Mar 2011 — The OGG container implementation in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an out-of-bounds write. La implementación del contenedor OGG en Google Chrome anterior a v10.0.648.127 permite a atacantes remotos provocar una denegación de servicio o tener un impacto no especificado a través de vectores desconocidos que provocan una escritura "out-of-bounds" • http://code.google.com/p/chromium/issues/detail?id=71788 •
CVSS: 8.8EPSS: 3%CPEs: 4EXPL: 0CVE-2011-1204
https://notcve.org/view.php?id=CVE-2011-1204
11 Mar 2011 — Google Chrome before 10.0.648.127 does not properly handle attributes, which allows remote attackers to cause a denial of service (DOM tree corruption) or possibly have unspecified other impact via a crafted document. Google Chrome anterior a v10.0.648.127 no controla correctamente los atributos, lo que permite a atacantes remotos provocar una denegación de servicio (corrupción del árbol DOM) o tener un impacto no especificado a través de un documento hecho a mano. • http://code.google.com/p/chromium/issues/detail?id=74030 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 2%CPEs: 2EXPL: 1CVE-2011-1186
https://notcve.org/view.php?id=CVE-2011-1186
11 Mar 2011 — Google Chrome before 10.0.648.127 on Linux does not properly handle parallel execution of calls to the print method, which might allow remote attackers to cause a denial of service (application crash) via crafted JavaScript code. Google Chrome en versiones anteriores a la 10.0.648.127 en Linux no maneja apropiadamente la ejecución paralela de llamadas al método print, lo que permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) a través de un código JavaScript modificado. • http://code.google.com/p/chromium/issues/detail?id=66962 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2011-1413
https://notcve.org/view.php?id=CVE-2011-1413
11 Mar 2011 — Google Chrome before 10.0.648.127 on Linux does not properly mitigate an unspecified flaw in an X server, which allows remote attackers to cause a denial of service (application crash) via vectors involving long messages. Google Chrome anterior a v10.0.648.127 en Linux no mitiga correctamente un error sin especificar en un X server, lo que permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) a través de vectores que comprenden mensajes largos • http://code.google.com/p/chromium/issues/detail?id=49747 •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 2CVE-2011-1185
https://notcve.org/view.php?id=CVE-2011-1185
11 Mar 2011 — Google Chrome before 10.0.648.127 does not prevent (1) navigation and (2) close operations on the top location of a sandboxed frame, which has unspecified impact and remote attack vectors. Google Chrome en versiones anteriores a la 10.0.648.127 no previene (1) la navegación y (2) operaciones de cierre en la localización superior de un frame que se ejecuta en una sandbox, lo que tiene un impacto sin especificar y vectores de ataque remotos. • http://code.google.com/p/chromium/issues/detail?id=42574 •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 1CVE-2011-1197
https://notcve.org/view.php?id=CVE-2011-1197
11 Mar 2011 — Google Chrome before 10.0.648.127 does not properly perform table painting, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." Google Chrome en versiones anteriores a la 10.0.648.127 no realiza apropiadamente la representación gráfica de tablas, lo que permite a atacantes remotos provocar una denegación de servicio o, posiblemente, tener otros impactos sin especificar a través de vectores desconocidos que p... • http://code.google.com/p/chromium/issues/detail?id=72028 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2011-1202 – libxslt: Heap address leak in XLST
https://notcve.org/view.php?id=CVE-2011-1202
11 Mar 2011 — The xsltGenerateIdFunction function in functions.c in libxslt 1.1.26 and earlier, as used in Google Chrome before 10.0.648.127 and other products, allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a call to the XSLT generate-id XPath function. Vulnerabilidad no especificada en la implementación XSLT en Google Chrome anterior a v10.0.648.127 permite a atacantes remotos obtener información sensible acerca de las direcciones de memori... • http://code.google.com/p/chromium/issues/detail?id=73716 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •