Page 472 of 3352 results (0.010 seconds)

CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0

CVE-2014-7901

https://notcve.org/view.php?id=CVE-2014-7901

Integer overflow in the opj_t2_read_packet_data function in fxcodec/fx_libopenjpeg/libopenjpeg20/t2.c in OpenJPEG in PDFium, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long segment in a JPEG image. Desbordamiento de enteros en la función opj_t2_read_packer en fxcodec/fx_ligopenjpeg/libopenjpeg20/t2.c en OpenJPEG en PDFium, usado en Google Chrome anterior a 39.0.2171.65, permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de un segmento largo en una imagen JPEG. • http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html http://www.securityfocus.com/bid/71158 http://www.securitytracker.com/id/1031241 https://code.google.com/p/chromium/issues/detail?id=413375 https://exchange.xforce.ibmcloud.com/vulnerabilities/98789 https://pdfium.googlesource.com/pdfium/+/e93d5341d87c54713a9632c8823288fa901a3b78 • CWE-189: Numeric Errors •

CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 0

CVE-2014-7906 – chromium-browser: Use-after-free in pepper plugins

https://notcve.org/view.php?id=CVE-2014-7906

Use-after-free vulnerability in the Pepper plugins in Google Chrome before 39.0.2171.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted Flash content that triggers an attempted PepperMediaDeviceManager access outside of the object's lifetime. Vulnerabilidad de uso después de liberación en los plugins Pepper en Google Chrome anterior a 39.0.2171.65 permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través del contenido de un Flash manipulado que provoca un intento de acceso a PepperMediaDeviceManager fuera del curso de la vida del objeto. • http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html http://rhn.redhat.com/errata/RHSA-2014-1894.html http://secunia.com/advisories/60194 http://www.securityfocus.com/bid/71159 http://www.securitytracker.com/id/1031241 https://chromium.googlesource.com/chromium/src/+/3a2cf7d1376ae33054b878232fb38b8fbed29e31 https://code.google.com/p/chromium/issues/detail?id=423030 https://exchange.xforce.ibmcloud.com/vulnerabilities/98794 https://access.redhat.com/security/cve/CVE-2014-7 • CWE-399: Resource Management Errors CWE-416: Use After Free •

CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0

CVE-2014-7903

https://notcve.org/view.php?id=CVE-2014-7903

Buffer overflow in OpenJPEG before r2911 in PDFium, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted JPEG image. Desbordamiento de buffer en OpenJPEG anterior a r2911 en PDFium, usado en Google Chrome anterior a 39.0.2171.65, permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto a través de una imagen JPEG manipulada. • http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html http://www.securityfocus.com/bid/71164 http://www.securitytracker.com/id/1031241 https://code.google.com/p/chromium/issues/detail?id=414525 https://exchange.xforce.ibmcloud.com/vulnerabilities/98791 https://pdfium.googlesource.com/pdfium/+/4dc95e74e1acc75f4eab08bc771874cd2a9c3a9b • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2014-7899 – chromium-browser: Address bar spoofing

https://notcve.org/view.php?id=CVE-2014-7899

Google Chrome before 38.0.2125.101 allows remote attackers to spoof the address bar by placing a blob: substring at the beginning of the URL, followed by the original URI scheme and a long username string. Google Chrome anterior a 38.0.2125.101 permite a atacantes remotos falsificar la barra de direcciones mediante la colocación de un blob, es decir, una subcadena al principio de la dirección URL, seguido por el esquema original URI y una cadena con un largo nombre de usuario. • http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html http://rhn.redhat.com/errata/RHSA-2014-1894.html http://secunia.com/advisories/60194 http://www.securityfocus.com/bid/71160 http://www.securitytracker.com/id/1031241 https://code.google.com/p/chromium/issues/detail?id=389734 https://exchange.xforce.ibmcloud.com/vulnerabilities/98787 https://src.chromium.org/viewvc/chrome?revision=279232&view=revision https://access.redhat.com/security/cve/CVE-2014-7899 https:& • CWE-20: Improper Input Validation CWE-451: User Interface (UI) Misrepresentation of Critical Information •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 14

CVE-2014-7910 – GNU Bash - Environment Variable Command Injection

https://notcve.org/view.php?id=CVE-2014-7910

Multiple unspecified vulnerabilities in Google Chrome before 39.0.2171.65 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades sin especificar en Google Chrome anterior a 39.0.2171.65 permitirían a atacantes remotos causar una denegación de servicio o posiblemente otro impacto mediante vectores desconocidos. • https://www.exploit-db.com/exploits/34777 https://www.exploit-db.com/exploits/34895 https://www.exploit-db.com/exploits/34839 https://www.exploit-db.com/exploits/36503 https://www.exploit-db.com/exploits/36504 https://www.exploit-db.com/exploits/34766 https://www.exploit-db.com/exploits/35115 https://www.exploit-db.com/exploits/34765 https://www.exploit-db.com/exploits/34860 https://www.exploit-db.com/exploits/34879 https://www.exploit-db.com/exploits/34896 •