Page 471 of 2385 results (0.036 seconds)

CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 0

Use-after-free vulnerability in the Pepper plugins in Google Chrome before 39.0.2171.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted Flash content that triggers an attempted PepperMediaDeviceManager access outside of the object's lifetime. Vulnerabilidad de uso después de liberación en los plugins Pepper en Google Chrome anterior a 39.0.2171.65 permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través del contenido de un Flash manipulado que provoca un intento de acceso a PepperMediaDeviceManager fuera del curso de la vida del objeto. • http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html http://rhn.redhat.com/errata/RHSA-2014-1894.html http://secunia.com/advisories/60194 http://www.securityfocus.com/bid/71159 http://www.securitytracker.com/id/1031241 https://chromium.googlesource.com/chromium/src/+/3a2cf7d1376ae33054b878232fb38b8fbed29e31 https://code.google.com/p/chromium/issues/detail?id=423030 https://exchange.xforce.ibmcloud.com/vulnerabilities/98794 https://access.redhat.com/security/cve/CVE-2014-7 • CWE-399: Resource Management Errors CWE-416: Use After Free •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

Google Chrome before 39.0.2171.65 on Android does not prevent navigation to a URL in cases where an intent for the URL lacks CATEGORY_BROWSABLE, which allows remote attackers to bypass intended access restrictions via a crafted web site. Google Chrome anterior a 39.0.2171.65 para Android no previene la navegación a una URL en los casos donde una intento para la URL no tiene CATEGORY_BROWSABLE, lo que permite a atacantes remotos evadir las restricciones de acceso a través de un sitio web manipulado. • http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html http://www.securityfocus.com/bid/71162 http://www.securitytracker.com/id/1031241 https://code.google.com/p/chromium/issues/detail?id=421817 https://exchange.xforce.ibmcloud.com/vulnerabilities/98793 • CWE-284: Improper Access Control •

CVSS: 6.8EPSS: 3%CPEs: 1EXPL: 0

effects/SkDashPathEffect.cpp in Skia, as used in Google Chrome before 39.0.2171.65, computes a hash key using uninitialized integer values, which might allow remote attackers to cause a denial of service by rendering crafted data. effects/SkDashPathEffect.cpp en Skia, usado en Google Chrome anterior a 39.0.2171.65, calcula una clave de hash usando valores de enteros sin inicializar, lo que podría permitir a atacantes remotos causar una denegación de servicio mediante la renderización de datos manipulados. • http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html http://rhn.redhat.com/errata/RHSA-2014-1894.html http://secunia.com/advisories/60194 http://secunia.com/advisories/62608 http://www.securityfocus.com/bid/71167 http://www.securitytracker.com/id/1031241 https://code.google.com/p/chromium/issues/detail?id=391001 https://exchange.xforce.ibmcloud.com/vulnerabilities/98797 https://skia.googlesource.com/skia/+/1c577cd3ee331944b9061ee0eec147b211ee563c https://access.redhat. • CWE-189: Numeric Errors •

CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0

Use-after-free vulnerability in the CPDF_Parser::IsLinearizedFile function in fpdfapi/fpdf_parser/fpdf_parser_parser.cpp in PDFium, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document. Una vulnerabilidad de uso después de liberación en la función CPDF_Parser::IsLinearizedFile ubicada en fpdfapi/fpdf_parser/fpdf_parser_parser.cpp en PDFium, usada en Google Chrome anterior 39.0.2171.65, permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto no especificado a través de un documento PDF manipulado. • http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html http://www.securityfocus.com/bid/71163 http://www.securitytracker.com/id/1031241 https://code.google.com/p/chromium/issues/detail?id=406868 https://exchange.xforce.ibmcloud.com/vulnerabilities/98788 https://pdfium.googlesource.com/pdfium/+/1b04ea3b0fbae3be3ae6b3824c5e0dadc0e73d44 • CWE-399: Resource Management Errors •

CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0

Multiple use-after-free vulnerabilities in modules/screen_orientation/ScreenOrientationController.cpp in Blink, as used in Google Chrome before 39.0.2171.65, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger improper handling of a detached frame, related to the (1) lock and (2) unlock methods. Múltiples vulnerabilidades de uso después de liberación en modules/screen_orientation/ScreenOrientationController.cpp en Blink, usado en Google Chrome anterior a 39.0.2171.65, permiten a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores que provocan una manipulación incorrecta de una trama individual, relacionada con los métodos de (1) bloqueo y (2) desbloqueo. • http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html http://rhn.redhat.com/errata/RHSA-2014-1894.html http://secunia.com/advisories/60194 http://secunia.com/advisories/62608 http://www.securityfocus.com/bid/71170 http://www.securitytracker.com/id/1031241 https://code.google.com/p/chromium/issues/detail?id=424453 https://exchange.xforce.ibmcloud.com/vulnerabilities/98795 https://src.chromium.org/viewvc/blink?revision=184185&view=revision https://access.redhat.co • CWE-399: Resource Management Errors CWE-416: Use After Free •