CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2010-2651
https://notcve.org/view.php?id=CVE-2010-2651
06 Jul 2010 — The Cascading Style Sheets (CSS) implementation in Google Chrome before 5.0.375.99 does not properly perform style rendering, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. La implementación Cascading Style Sheets (CSS) en Google Chrome anterior v5.0.375.99 no realiza adecuadamente la renderización de estilo, lo que permite a atacantes remotos causar una denegación de servicio (corrupción de memoria) o probablemen... • http://code.google.com/p/chromium/issues/detail?id=46360 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2010-2645
https://notcve.org/view.php?id=CVE-2010-2645
06 Jul 2010 — Unspecified vulnerability in Google Chrome before 5.0.375.99, when WebGL is used, allows remote attackers to cause a denial of service (out-of-bounds read) via unknown vectors. Vulnerabilidad no especificada en Google Chrome anterior a v5.0.375.99, cuando se utiliza WebGL, permite a los atacantes remotos provocar una denegación de servicio (lectura fuera de rango) a través de vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=42396 •
CVSS: 9.8EPSS: 83%CPEs: 31EXPL: 4CVE-2010-1205 – libpng 1.4.2 - Denial of Service
https://notcve.org/view.php?id=CVE-2010-1205
30 Jun 2010 — Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row. Desbordamiento de buffer en el fichero pngpread.c en libpng anteriores a 1.2.44 y 1.4.x anteriroes a 1.4.3, como se utiliza en aplicaciones progresivas, podría permitir a atacantes remotos ejecutar código arbitrario mediante una imagen PNG que desencadena una serie de datos adicionales. ... • https://www.exploit-db.com/exploits/14422 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 0CVE-2010-2295
https://notcve.org/view.php?id=CVE-2010-2295
15 Jun 2010 — page/EventHandler.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 does not properly handle a change of the focused frame during the dispatching of keydown, which allows user-assisted remote attackers to redirect keystrokes via a crafted HTML document, aka rdar problem 7018610. NOTE: this might overlap CVE-2010-1422. page/EventHandler.cpp en WebCore en WebKit en Google Chrome anterior a v5.0.375.70, no maneja adecuadamente un cambio del marco(frame) durante el envío de una pulsación de tecla (key... • http://code.google.com/p/chromium/issues/detail?id=15766 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 2%CPEs: 7EXPL: 0CVE-2010-2302
https://notcve.org/view.php?id=CVE-2010-2302
15 Jun 2010 — Use-after-free vulnerability in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors involving remote fonts in conjunction with shadow DOM trees, aka rdar problem 8007953. NOTE: this might overlap CVE-2010-1771. Vulnerabilidad de uso después de la liberación (Use-after-free) en WebCore de WebKit de Google Chrome anterior a v5.0.375.70 permite a atacantes remotos provocar una denegación de ... • http://code.google.com/p/chromium/issues/detail?id=44740 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2010-2299
https://notcve.org/view.php?id=CVE-2010-2299
15 Jun 2010 — The Clipboard::DispatchObject function in app/clipboard/clipboard.cc in Google Chrome before 5.0.375.70 does not properly handle CBF_SMBITMAP objects in a ViewHostMsg_ClipboardWriteObjectsAsync message, which might allow remote attackers to execute arbitrary code via vectors involving crafted data from the renderer process, related to a "Type Confusion" issue. La función Clipboard::DispatchObject en app/clipboard/clipboard.cc de Google Chrome anterior a v5.0.375.70 no maneja apropiadamente los objetosCBF_SM... • http://code.google.com/p/chromium/issues/detail?id=43307 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2010-2298
https://notcve.org/view.php?id=CVE-2010-2298
15 Jun 2010 — browser/renderer_host/database_dispatcher_host.cc in Google Chrome before 5.0.375.70 on Linux does not properly handle ViewHostMsg_DatabaseOpenFile messages in chroot-based sandboxing, which allows remote attackers to bypass intended sandbox restrictions via vectors involving fchdir and chdir calls. browser/renderer_host/database_dispatcher_host.cc en Google Chrome anterior a v5.0.375.70 sobre linux, no maneja adecuadamente los mensajes ViewHostMsg_DatabaseOpenFile en el "sandboxing" chroot-based, lo que pe... • http://code.google.com/p/chromium/issues/detail?id=43304 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 1%CPEs: 7EXPL: 0CVE-2010-2297
https://notcve.org/view.php?id=CVE-2010-2297
15 Jun 2010 — rendering/FixedTableLayout.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an HTML document that has a large colspan attribute within a table. rendering/FixedTableLayout.cpp en WebCore en WebKit en Google Chrome anterior a v5.0.375.70, permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente la ejecución de código de su elección a través de u... • http://code.google.com/p/chromium/issues/detail?id=42723 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2010-2296
https://notcve.org/view.php?id=CVE-2010-2296
15 Jun 2010 — The implementation of unspecified DOM methods in Google Chrome before 5.0.375.70 allows remote attackers to bypass the Same Origin Policy via unknown vectors. La implementación de métodos DOM sin especificar en Google Chrome anterior a v5.0.375.70 permite a atacantes remotos evitar la "Same Origin Policy" a través de vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=39985 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 5%CPEs: 1EXPL: 1CVE-2010-2300 – Webkit Normalize Bug - Android 2.2
https://notcve.org/view.php?id=CVE-2010-2300
15 Jun 2010 — Use-after-free vulnerability in the Element::normalizeAttributes function in dom/Element.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to handlers for DOM mutation events, aka rdar problem 7948784. NOTE: this might overlap CVE-2010-1759. Vulnerabilidad de uso despues de liberación en la función Element::normalizeAttributes en dom/Element.cpp en WebCore de WebKit de Google Chro... • https://www.exploit-db.com/exploits/18446 • CWE-416: Use After Free •