CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2014-1734
https://notcve.org/view.php?id=CVE-2014-1734
Multiple unspecified vulnerabilities in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome anterior a 34.0.1847.131 en Windows y OS X y anterior a 34.0.1847.132 en Linux permiten a atacantes causar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html http://lists.opensuse.org/opensuse-updates/2014-05/msg00049.html http://lists.opensuse.org/opensuse-updates/2014-05/msg00050.html http://secunia.com/advisories/58301 http://security.gentoo.org/glsa/glsa-201408-16.xml http://www.debian.org/security/2014/dsa-2920 https://code.google.com/p/chromium/issues/detail?id=356181 https://code.google.com/p/chromium/issues/detail?id=357382 https://code.google.com •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2014-1735
https://notcve.org/view.php?id=CVE-2014-1735
Multiple unspecified vulnerabilities in Google V8 before 3.24.35.33, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google V8 anterior a 3.24.35.33, utilizado en Google Chrome anterior a 34.0.1847.131 en Windows y OS X y anterior a 34.0.1847.132 en Linux, permiten a atacantes causar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html http://lists.opensuse.org/opensuse-updates/2014-05/msg00049.html http://lists.opensuse.org/opensuse-updates/2014-05/msg00050.html http://secunia.com/advisories/58301 http://secunia.com/advisories/60372 http://security.gentoo.org/glsa/glsa-201408-16.xml http://www.debian.org/security/2014/dsa-2920 https://code.google.com/p/chromium/issues/detail?id=359130 https://code.google.com/p/chromium/issues/detail •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2014-1716
https://notcve.org/view.php?id=CVE-2014-1716
Cross-site scripting (XSS) vulnerability in the Runtime_SetPrototype function in runtime.cc in Google V8, as used in Google Chrome before 34.0.1847.116, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)." Vulnerabilidad de XSS en la función Runtime_SetPrototype en runtime.cc en Google V8, utilizado en Google Chrome anterior a 34.0.1847.116, permite a atacantes remotos inyectar script Web o HTML arbitrarios a través de vectores no especificados, también conocido como "Universal XSS (UXSS)." • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html http://lists.opensuse.org/opensuse-updates/2014-05/msg00012.html http://security.gentoo.org/glsa/glsa-201408-16.xml http://www.debian.org/security/2014/dsa-2905 https://code.google.com/p/chromium/issues/detail?id=354123 https://code.google.com/p/v8/source/detail?r=20138 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2014-1717
https://notcve.org/view.php?id=CVE-2014-1717
Google V8, as used in Google Chrome before 34.0.1847.116, does not properly use numeric casts during handling of typed arrays, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JavaScript code. Google V8, utilizado en Google Chrome anterior a 34.0.1847.116, no utiliza debidamente conversiones numéricas durante el manejo de arrays tipo, lo que permite a atacantes remotos causar una denegación de servicio (acceso a array fuera de rango) o posiblemente tener otro impacto no especificado a través de código JavaScript manipulado. • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html http://lists.opensuse.org/opensuse-updates/2014-05/msg00012.html http://security.gentoo.org/glsa/glsa-201408-16.xml http://www.debian.org/security/2014/dsa-2905 https://code.google.com/p/chromium/issues/detail?id=353004 https://code.google.com/p/v8/source/detail?r=20020 • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2014-1718
https://notcve.org/view.php?id=CVE-2014-1718
Integer overflow in the SoftwareFrameManager::SwapToNewFrame function in content/browser/renderer_host/software_frame_manager.cc in the software compositor in Google Chrome before 34.0.1847.116 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted mapping of a large amount of renderer memory. Desbordamiento de enteros en la función SoftwareFrameManager::SwapToNewFrame en content/browser/renderer_host/software_frame_manager.cc en el compositor de software en Google Chrome anterior a 34.0.1847.116 permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores que provocan un intento de asignación de una cantidad grande de memoria de renderizador. • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html http://lists.opensuse.org/opensuse-updates/2014-05/msg00012.html http://security.gentoo.org/glsa/glsa-201408-16.xml http://www.debian.org/security/2014/dsa-2905 https://code.google.com/p/chromium/issues/detail?id=348332 https://src.chromium.org/viewvc/chrome?revision=257417&view=revision https://src.chromium.org/viewvc/chrome?revision=258418&view=revision https://src.chromium.org/viewvc/chrome?revision=260969&view=r • CWE-189: Numeric Errors •