Page 492 of 3368 results (0.024 seconds)

CVSS: 7.5EPSS: 0%CPEs: 106EXPL: 0

Heap-based buffer overflow in the ResourceProvider::InitializeSoftware function in cc/resources/resource_provider.cc in Google Chrome before 33.0.1750.146 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large texture size that triggers improper memory allocation in the software renderer. Desbordamiento de buffer basado en memoria dinámica en la función ResourceProvider::InitializeSoftware en cc/resources/resource_provider.cc en Google Chrome anterior a 33.0.1750.146 permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de una textura de gran tamaño lo que provoca una reserva de memoria indebida en el renderizador de software. • http://googlechromereleases.blogspot.com/2014/03/stable-channel-update.html http://www.debian.org/security/2014/dsa-2883 http://www.securityfocus.com/bid/65930 https://code.google.com/p/chromium/issues/detail?id=337882 https://src.chromium.org/viewvc/chrome?revision=250870&view=revision • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.8EPSS: 0%CPEs: 106EXPL: 0

The PepperFlashRendererHost::OnNavigate function in renderer/pepper/pepper_flash_renderer_host.cc in Google Chrome before 33.0.1750.146 does not verify that all headers are Cross-Origin Resource Sharing (CORS) simple headers before proceeding with a PPB_Flash.Navigate operation, which might allow remote attackers to bypass intended CORS restrictions via an inappropriate header. La función PepperFlashRendererHost::OnNavigate en renderer/pepper/pepper_flash_renderer_host.cc en Google Chrome anterior a 33.0.1750.146 no verifica que todas las cabeceras son cabeceras Cross-Origin Resource Sharing (CORS) simples antes de proceder con una operación PPB_Flash.Navigate, lo que podría permitir a atacantes remotos evadir restricciones CORS a través de una cabecera no apropiada. • http://googlechromereleases.blogspot.com/2014/03/stable-channel-update.html http://www.debian.org/security/2014/dsa-2883 http://www.securityfocus.com/bid/65930 https://code.google.com/p/chromium/issues/detail?id=332023 https://src.chromium.org/viewvc/chrome?revision=249114&view=revision • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.5EPSS: 1%CPEs: 145EXPL: 0

Multiple unspecified vulnerabilities in Google V8 before 3.24.35.10, as used in Google Chrome before 33.0.1750.146, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google V8 anterior a 3.24.35.10, utilizado en Google Chrome anterior a 33.0.1750.146, permiten a atacantes causar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. • http://advisories.mageia.org/MGASA-2014-0516.html http://googlechromereleases.blogspot.com/2014/03/stable-channel-update.html http://secunia.com/advisories/61184 http://www-01.ibm.com/support/docview.wss?uid=swg21683389 http://www.debian.org/security/2014/dsa-2883 http://www.mandriva.com/security/advisories?name=MDVSA-2015:142 http://www.securityfocus.com/bid/65930 https://code.google.com/p/chromium/issues/detail?id=343964 https://code.google.com/p/chromium/issues/detail?id=3441 •

CVSS: 7.5EPSS: 0%CPEs: 106EXPL: 0

Multiple unspecified vulnerabilities in Google Chrome before 33.0.1750.146 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome anterior a 33.0.1750.146 permiten a atacantes causar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. • http://googlechromereleases.blogspot.com/2014/03/stable-channel-update.html http://www.debian.org/security/2014/dsa-2883 http://www.securityfocus.com/bid/65930 https://code.google.com/p/chromium/issues/detail?id=329006 https://code.google.com/p/chromium/issues/detail?id=332947 https://code.google.com/p/chromium/issues/detail?id=333279 https://code.google.com/p/chromium/issues/detail?id=333280 https://code.google.com/p/chromium/issues/detail? •

CVSS: 7.5EPSS: 2%CPEs: 106EXPL: 0

Use-after-free vulnerability in the SVGImage::setContainerSize function in core/svg/graphics/SVGImage.cpp in the SVG implementation in Blink, as used in Google Chrome before 33.0.1750.146, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the resizing of a view. Vulnerabilidad de uso después de liberación en la función SVGImage::setContainerSize en core/svg/graphics/SVGImage.cpp en la implementación SVG en Blink, utilizado en Google Chrome anterior a 33.0.1750.146, permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores relacionados con la redimensión de una vista. • http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html http://googlechromereleases.blogspot.com/2014/03/stable-channel-update.html http://secunia.com/advisories/61306 http://secunia.com/advisories/61318 http://support.apple.com/kb/HT6440 http://support.apple.com/kb/HT6441 http://support.apple.com/kb/HT6442 http://www.debian.org/security/2014/dsa-2883 http://www.securityfocus.com/bid/65930 https:/&#x • CWE-399: Resource Management Errors •