Page 494 of 2511 results (0.016 seconds)

CVSS: 7.5EPSS: 2%CPEs: 83EXPL: 0

CVE-2013-6638

https://notcve.org/view.php?id=CVE-2013-6638

Multiple buffer overflows in runtime.cc in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large typed array, related to the (1) Runtime_TypedArrayInitialize and (2) Runtime_TypedArrayInitializeFromArrayLike functions. Múltiples desbordamientos de buffer en runtime.cc en Google V8 anteriores a 3.22.24.7, como se utiliza en Google Chrome anteriores a 31.0.1650.63, permite a atacantes remotos causar denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores que provocan un array tipado grande, relacionado con las funciones (1) Runtime_TypedArrayInitialize y (2) Runtime_TypedArrayInitializeFromArrayLike. • http://code.google.com/p/v8/source/detail?r=17800 http://googlechromereleases.blogspot.com/2013/12/stable-channel-update.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00090.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00096.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00122.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00124.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html http://lists.opensuse.org/opensuse-updates • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.8EPSS: 2%CPEs: 58EXPL: 0

CVE-2013-6635

https://notcve.org/view.php?id=CVE-2013-6635

Use-after-free vulnerability in the editing implementation in Blink, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service or possibly have unspecified other impact via JavaScript code that triggers removal of a node during processing of the DOM tree, related to CompositeEditCommand.cpp and ReplaceSelectionCommand.cpp. Vulnerabilidad de uso después de liberación en la implementación de edición en Blink, como se utiliza en Google Chrome anteriores a 31.0.1650.63, permite a atacantes remotos causar denegación de servicio o posiblemente tener otro impacto no especificado a través de código JavaScript que provoca la eliminación de un nodo durante el proceado del árbol DOM, relacionado con CompositeEditCommand.cpp y ReplaceSelectioncommand.cpp • http://googlechromereleases.blogspot.com/2013/12/stable-channel-update.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00090.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00096.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html http://secunia.com/advisories/56217 http://support.apple.com/kb/HT6145 http://support.apple.com/kb/HT6162 http://support.apple.com/kb/HT6163 http://www.debian.org/security/2013/dsa-2811 http://www.securitytracker&# • CWE-399: Resource Management Errors •

CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2013-6802

https://notcve.org/view.php?id=CVE-2013-6802

Google Chrome before 31.0.1650.57 allows remote attackers to bypass intended sandbox restrictions by leveraging access to a renderer process, as demonstrated during a Mobile Pwn2Own competition at PacSec 2013, a different vulnerability than CVE-2013-6632. Google Chrome 31.0 anterior a.1650.57 antes permite a atacantes remotos evitar las restricciones de sandbox aprovechando el acceso a un proceso de render, como se demostró durante una competición Pwn2Own Mobile en PacSec 2013, una vulnerabilidad diferente a CVE-2013 a 6632. • http://googlechromereleases.blogspot.com/2013/11/chrome-for-android-update.html http://googlechromereleases.blogspot.com/2013/11/stable-channel-update_14.html http://www.hppwn2own.com/chrome-nexus-4-samsung-galaxy-s4-falls https://code.google.com/p/chromium/issues/detail?id=319117 https://code.google.com/p/chromium/issues/detail?id=319125 https://exchange.xforce.ibmcloud.com/vulnerabilities/89201 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 9.3EPSS: 2%CPEs: 3EXPL: 0

CVE-2013-6632

https://notcve.org/view.php?id=CVE-2013-6632

Integer overflow in Google Chrome before 31.0.1650.57 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as demonstrated during a Mobile Pwn2Own competition at PacSec 2013. Desbordamiento de enteros Google Chrome anterior a 31.0.1650.57 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, como se demostró durante una competición Pwn2Own Mobile en PacSec 2013. • http://googlechromereleases.blogspot.com/2013/11/chrome-for-android-update.html http://googlechromereleases.blogspot.com/2013/11/stable-channel-update_14.html http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html http://www.debian.org/security/2013/dsa-2799 http://ww • CWE-189: Numeric Errors •

CVSS: 7.5EPSS: 1%CPEs: 44EXPL: 0

CVE-2013-6631

https://notcve.org/view.php?id=CVE-2013-6631

Use-after-free vulnerability in the Channel::SendRTCPPacket function in voice_engine/channel.cc in libjingle in WebRTC, as used in Google Chrome before 31.0.1650.48 and other products, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via vectors that trigger the absence of certain statistics initialization, leading to the skipping of a required DeRegisterExternalTransport call. Vulnerabilidad de uso después de liberación en la función Channel::SendRTCPPacket de voice_engine/channel.cc en libjingle de WebRTC, tal y como se usa en Google Chrome anterior a la versión 31.0.1650.48 y otros productos, permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria dinámica) o posiblemente tener otro impacto sin especificar a través de vectores que desencadene la ausenciade ciertas estadísticas de inicialización, llevando a la evasión de una llamada DeRegisterExternalTransport requerida. • http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html http://www.debian.org/security/2013/dsa-2799 https://code.google.com/p/chromium/issues/detail?id=296804 https://code.google.com/p&# •