Page 493 of 2607 results (0.018 seconds)

CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 17

CVE-2013-6644

https://notcve.org/view.php?id=CVE-2013-6644

Multiple unspecified vulnerabilities in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades sin especificar en Google Chrome anterior a la versión 32.0.1700.76 en Windows y anterior a 32.0.1700.77 en Mac OS X y Linux permite a atacantes provocar una denegación de servicio o posiblemente tener otro impacto mediante vectores desconocidos. • http://googlechromereleases.blogspot.com/2014/01/stable-channel-update.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00008.html http://www.debian.org/security/2014/dsa-2862 https://code.google.com/p/chromium/issues/detail?id=269837 https://code.google.com/p/chromium/issues/detail?id=280352 https://code.google.com/p/chromium/issues/detail?id=304547 https://code.google.com/p/chromium/issues/detail?id=313743 https://code.google.com/p/chromium/issues/detail? • CWE-416: Use After Free •

CVSS: 4.3EPSS: 0%CPEs: 58EXPL: 0

CVE-2013-6636

https://notcve.org/view.php?id=CVE-2013-6636

The FrameLoader::notifyIfInitialDocumentAccessed function in core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 31.0.1650.63, makes an incorrect check for an empty document during presentation of a modal dialog, which allows remote attackers to spoof the address bar via vectors involving the document.write method. La función FrameLoader::notifyIfInitialdocumentAccessed en core/loader/FrameLoader.cpp en Blink, como utilizado en Google Chrome anteriores a 31.0.1650.63, hace una comprobación incorrecta para documentos vaciós durante la presentación de un diálogo modal, lo cual permite a atacantes remotos falsificar la barra de direcciones a través de vectores que incluyan el método document.write. • http://googlechromereleases.blogspot.com/2013/12/stable-channel-update.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00090.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00096.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html http://secunia.com/advisories/56217 http://www.debian.org/security/2013/dsa-2811 http://www.securitytracker.com/id/1029442 https://code.google.com/p/chromium/issues/detail?id=322959 https://src.chromium.org/viewvc/blin • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 2%CPEs: 83EXPL: 0

CVE-2013-6638

https://notcve.org/view.php?id=CVE-2013-6638

Multiple buffer overflows in runtime.cc in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large typed array, related to the (1) Runtime_TypedArrayInitialize and (2) Runtime_TypedArrayInitializeFromArrayLike functions. Múltiples desbordamientos de buffer en runtime.cc en Google V8 anteriores a 3.22.24.7, como se utiliza en Google Chrome anteriores a 31.0.1650.63, permite a atacantes remotos causar denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores que provocan un array tipado grande, relacionado con las funciones (1) Runtime_TypedArrayInitialize y (2) Runtime_TypedArrayInitializeFromArrayLike. • http://code.google.com/p/v8/source/detail?r=17800 http://googlechromereleases.blogspot.com/2013/12/stable-channel-update.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00090.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00096.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00122.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00124.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html http://lists.opensuse.org/opensuse-updates • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.8EPSS: 2%CPEs: 58EXPL: 0

CVE-2013-6635

https://notcve.org/view.php?id=CVE-2013-6635

Use-after-free vulnerability in the editing implementation in Blink, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service or possibly have unspecified other impact via JavaScript code that triggers removal of a node during processing of the DOM tree, related to CompositeEditCommand.cpp and ReplaceSelectionCommand.cpp. Vulnerabilidad de uso después de liberación en la implementación de edición en Blink, como se utiliza en Google Chrome anteriores a 31.0.1650.63, permite a atacantes remotos causar denegación de servicio o posiblemente tener otro impacto no especificado a través de código JavaScript que provoca la eliminación de un nodo durante el proceado del árbol DOM, relacionado con CompositeEditCommand.cpp y ReplaceSelectioncommand.cpp • http://googlechromereleases.blogspot.com/2013/12/stable-channel-update.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00090.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00096.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html http://secunia.com/advisories/56217 http://support.apple.com/kb/HT6145 http://support.apple.com/kb/HT6162 http://support.apple.com/kb/HT6163 http://www.debian.org/security/2013/dsa-2811 http://www.securitytracker&# • CWE-399: Resource Management Errors •

CVSS: 7.5EPSS: 2%CPEs: 83EXPL: 0

CVE-2013-6639 – v8: DoS (out-of-bounds write) in DehoistArrayIndex function in hydrogen.cc

https://notcve.org/view.php?id=CVE-2013-6639

The DehoistArrayIndex function in hydrogen-dehoist.cc (aka hydrogen.cc) in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via JavaScript code that sets the value of an array element with a crafted index. La función DehoistArrayIndex en el archivo hydrogen-dehoist.cc (también se conoce como el archivo hydrogen.cc) en Google V8 anterior a versión 3.22.24.7, tal como es usado en Google Chrome anterior a versión 31.0.1650.63, permite a los atacantes remotos causar una denegación de servicio (escritura fuera de límites) o posiblemente tienen otro impacto no especificado por medio de código JavaScript que establece el valor de un elemento de matriz con un índice diseñado. • http://code.google.com/p/v8/source/detail?r=17801 http://googlechromereleases.blogspot.com/2013/12/stable-channel-update.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00090.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00096.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00122.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00124.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html http://lists.opensuse.org/opensuse-updates • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •