Page 470 of 2607 results (0.022 seconds)

CVSS: 7.5EPSS: 4%CPEs: 2EXPL: 0

CVE-2014-7940 – ICU: uninitialized value use in the collation component

https://notcve.org/view.php?id=CVE-2014-7940

The collator implementation in i18n/ucol.cpp in International Components for Unicode (ICU) 52 through SVN revision 293126, as used in Google Chrome before 40.0.2214.91, does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted character sequence. La implementación collator en i18n/ucol.cpp en International Components for Unicode (ICU) 52 hasta la revisión SVN 293126, utilizada en Google Chrome anterior a 40.0.2214.91, no inicializa la memoria para una estructura de datos, lo que permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de una secuencia de caracteres manipulada. • http://advisories.mageia.org/MGASA-2015-0047.html http://googlechromereleases.blogspot.com/2015/01/stable-update.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html http://rhn.redhat.com/errata/RHSA-2015-0093.html http://secunia.com/advisories/62383 http://secunia.com/advisories/62575 http://secunia.com/advisories/62665 http://security.gentoo.org/glsa/glsa-201502-13.xml http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html http://www& • CWE-399: Resource Management Errors •

CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2014-7899 – chromium-browser: Address bar spoofing

https://notcve.org/view.php?id=CVE-2014-7899

Google Chrome before 38.0.2125.101 allows remote attackers to spoof the address bar by placing a blob: substring at the beginning of the URL, followed by the original URI scheme and a long username string. Google Chrome anterior a 38.0.2125.101 permite a atacantes remotos falsificar la barra de direcciones mediante la colocación de un blob, es decir, una subcadena al principio de la dirección URL, seguido por el esquema original URI y una cadena con un largo nombre de usuario. • http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html http://rhn.redhat.com/errata/RHSA-2014-1894.html http://secunia.com/advisories/60194 http://www.securityfocus.com/bid/71160 http://www.securitytracker.com/id/1031241 https://code.google.com/p/chromium/issues/detail?id=389734 https://exchange.xforce.ibmcloud.com/vulnerabilities/98787 https://src.chromium.org/viewvc/chrome?revision=279232&view=revision https://access.redhat.com/security/cve/CVE-2014-7899 https:& • CWE-20: Improper Input Validation CWE-451: User Interface (UI) Misrepresentation of Critical Information •

CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0

CVE-2014-7901

https://notcve.org/view.php?id=CVE-2014-7901

Integer overflow in the opj_t2_read_packet_data function in fxcodec/fx_libopenjpeg/libopenjpeg20/t2.c in OpenJPEG in PDFium, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long segment in a JPEG image. Desbordamiento de enteros en la función opj_t2_read_packer en fxcodec/fx_ligopenjpeg/libopenjpeg20/t2.c en OpenJPEG en PDFium, usado en Google Chrome anterior a 39.0.2171.65, permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de un segmento largo en una imagen JPEG. • http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html http://www.securityfocus.com/bid/71158 http://www.securitytracker.com/id/1031241 https://code.google.com/p/chromium/issues/detail?id=413375 https://exchange.xforce.ibmcloud.com/vulnerabilities/98789 https://pdfium.googlesource.com/pdfium/+/e93d5341d87c54713a9632c8823288fa901a3b78 • CWE-189: Numeric Errors •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 14

CVE-2014-7910 – GNU Bash - Environment Variable Command Injection

https://notcve.org/view.php?id=CVE-2014-7910

Multiple unspecified vulnerabilities in Google Chrome before 39.0.2171.65 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades sin especificar en Google Chrome anterior a 39.0.2171.65 permitirían a atacantes remotos causar una denegación de servicio o posiblemente otro impacto mediante vectores desconocidos. • https://www.exploit-db.com/exploits/34777 https://www.exploit-db.com/exploits/34895 https://www.exploit-db.com/exploits/34839 https://www.exploit-db.com/exploits/36503 https://www.exploit-db.com/exploits/36504 https://www.exploit-db.com/exploits/34766 https://www.exploit-db.com/exploits/35115 https://www.exploit-db.com/exploits/34765 https://www.exploit-db.com/exploits/34860 https://www.exploit-db.com/exploits/34879 https://www.exploit-db.com/exploits/34896 •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2014-7905

https://notcve.org/view.php?id=CVE-2014-7905

Google Chrome before 39.0.2171.65 on Android does not prevent navigation to a URL in cases where an intent for the URL lacks CATEGORY_BROWSABLE, which allows remote attackers to bypass intended access restrictions via a crafted web site. Google Chrome anterior a 39.0.2171.65 para Android no previene la navegación a una URL en los casos donde una intento para la URL no tiene CATEGORY_BROWSABLE, lo que permite a atacantes remotos evadir las restricciones de acceso a través de un sitio web manipulado. • http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html http://www.securityfocus.com/bid/71162 http://www.securitytracker.com/id/1031241 https://code.google.com/p/chromium/issues/detail?id=421817 https://exchange.xforce.ibmcloud.com/vulnerabilities/98793 • CWE-284: Improper Access Control •