Page 480 of 2450 results (0.032 seconds)

CVSS: 7.5EPSS: 0%CPEs: 80EXPL: 0

CVE-2014-1749

https://notcve.org/view.php?id=CVE-2014-1749

Multiple unspecified vulnerabilities in Google Chrome before 35.0.1916.114 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome anterior a 35.0.1916.114 permiten a atacantes causar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. • http://googlechromereleases.blogspot.com/2014/05/stable-channel-update_20.html http://lists.opensuse.org/opensuse-updates/2014-06/msg00023.html http://secunia.com/advisories/58920 http://secunia.com/advisories/59155 http://security.gentoo.org/glsa/glsa-201408-16.xml http://www.debian.org/security/2014/dsa-2939 http://www.securitytracker.com/id/1030270 https://code.google.com/p/chromium/issues/detail?id=374649 •

CVSS: 7.5EPSS: 1%CPEs: 80EXPL: 0

CVE-2014-1743

https://notcve.org/view.php?id=CVE-2014-1743

Use-after-free vulnerability in the StyleElement::removedFromDocument function in core/dom/StyleElement.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaScript code that triggers tree mutation. Vulnerabilidad de uso después de liberación en la función StyleElement::removedFromDocument en core/dom/StyleElement.cpp en Blink, utilizado en Google Chrome anterior a 35.0.1916.114, permite a atacantes remotos causar una denegación de servicio (caída de aplicación) o posiblemente tener otro impacto no especificado a través de código JavaScript que provoca mutación de árboles. • http://googlechromereleases.blogspot.com/2014/05/stable-channel-update_20.html http://lists.opensuse.org/opensuse-updates/2014-06/msg00023.html http://secunia.com/advisories/58920 http://secunia.com/advisories/59155 http://secunia.com/advisories/60372 http://security.gentoo.org/glsa/glsa-201408-16.xml http://www.debian.org/security/2014/dsa-2939 http://www.securitytracker.com/id/1030270 https://code.google.com/p/chromium/issues/detail?id=356653 https://src.chromium.org/viewvc • CWE-399: Resource Management Errors •

CVSS: 7.5EPSS: 1%CPEs: 112EXPL: 0

CVE-2014-3152

https://notcve.org/view.php?id=CVE-2014-3152

Integer underflow in the LCodeGen::PrepareKeyedOperand function in arm/lithium-codegen-arm.cc in Google V8 before 3.25.28.16, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a negative key value. Desbordamiento de enteros en la función LCodeGen::PrepareKeyedOperand en arm/lithium-codegen-arm.cc en Google V8 anterior a 3.25.28.16, utilizado en Google Chrome anterior a 35.0.1916.114, permite a atacantes remotos causar una denegación de servicios o posiblemente tener otro impacto no especificado a través de vectores que provocan un valor de clave negativo. • http://googlechromereleases.blogspot.com/2014/05/stable-channel-update_20.html http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157338.html http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157357.html http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157363.html http://lists.opensuse.org/opensuse-updates/2014-06/msg00023.html http://secunia.com/advisories/58920 http://secunia.com/advisories/59155 http://secunia.com/advisories/60372 http://www.de • CWE-189: Numeric Errors •

CVSS: 4.3EPSS: 2%CPEs: 80EXPL: 2

CVE-2014-3803

https://notcve.org/view.php?id=CVE-2014-3803

The SpeechInput feature in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to enable microphone access and obtain speech-recognition text without indication via an INPUT element with a -x-webkit-speech attribute. La funcionalidad SpeechInput en Blink, utilizado en Google Chrome anterior a 35.0.1916.114, permite a atacantes remotos habilitar acceso a micrófono y obtener texto de reconocimiento de voz sin indicación a través de un elemento INPUT con un atributo -x-webkit-speech. • http://blog.guya.net/2014/04/07/to-listen-without-consent-abusing-the-html5-speech http://googlechromereleases.blogspot.com/2014/05/stable-channel-update_20.html http://secunia.com/advisories/60372 http://www.securityfocus.com/bid/67582 https://code.google.com/p/chromium/issues/detail?id=360448 https://src.chromium.org/viewvc/blink?revision=171373&view=revision • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.3EPSS: 0%CPEs: 80EXPL: 0

CVE-2014-1747

https://notcve.org/view.php?id=CVE-2014-1747

Cross-site scripting (XSS) vulnerability in the DocumentLoader::maybeCreateArchive function in core/loader/DocumentLoader.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to inject arbitrary web script or HTML via crafted MHTML content, aka "Universal XSS (UXSS)." Vulnerabilidad de XSS en la función DocumentLoader::maybeCreateArchive en core/loader/DocumentLoader.cpp en Blink, utilizado en Google Chrome anterior a 35.0.1916.114, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de contenido MHTML manipulado, también conocido como 'XSS universal (UXSS).' • http://googlechromereleases.blogspot.com/2014/05/stable-channel-update_20.html http://lists.opensuse.org/opensuse-updates/2014-06/msg00023.html http://secunia.com/advisories/58920 http://secunia.com/advisories/59155 http://security.gentoo.org/glsa/glsa-201408-16.xml http://www.debian.org/security/2014/dsa-2939 http://www.securitytracker.com/id/1030270 https://code.google.com/p/chromium/issues/detail?id=330663 https://src.chromium.org/viewvc/blink?revision=169499&view=revision • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •