Page 503 of 2577 results (0.013 seconds)

CVSS: 5.0EPSS: 0%CPEs: 52EXPL: 0

The SharedMemory::Create function in memory/shared_memory_posix.cc in Google Chrome before 29.0.1547.57 uses weak permissions under /dev/shm/, which allows attackers to obtain sensitive information via direct access to a POSIX shared-memory file. La función SharedMemory::Create en memory/shared_memory_posix.cc en Google Chrome anterior a v29.0.1547.57 utiliza permisos débiles en /dev/shm/, lo que permite a atacantes obtener información sensible a través de un acceso directo a un fichero POSIX de memoria compartida. • http://crbug.com/254159 http://googlechromereleases.blogspot.com/2013/08/stable-channel-update.html http://www.debian.org/security/2013/dsa-2741 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17583 https://src.chromium.org/viewvc/chrome?revision=209814&view=revision • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.5EPSS: 1%CPEs: 52EXPL: 0

Use-after-free vulnerability in the HTMLMediaElement::didMoveToNewDocument function in core/html/HTMLMediaElement.cpp in Blink, as used in Google Chrome before 29.0.1547.57, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving moving a (1) AUDIO or (2) VIDEO element between documents. Vulnerabilidad de uso después de liberación en la función HTMLMediaElement::didMoveToNewDocument en core/html/HTMLMediaElement.cpp en Blink, como es usado en Google Chrome anterior a v29.0.1547.57 permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores relacionados con mover elementos (1) AUDIO o (2) VIDEO entre documentos. • http://crbug.com/260156 http://googlechromereleases.blogspot.com/2013/08/stable-channel-update.html http://www.debian.org/security/2013/dsa-2741 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17571 https://src.chromium.org/viewvc/blink?revision=154696&view=revision • CWE-399: Resource Management Errors •

CVSS: 7.5EPSS: 1%CPEs: 70EXPL: 0

Use-after-free vulnerability in Google Chrome before 28.0.1500.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to deleting the registration of a MutationObserver object. Vulnerabilidad de uso después de liberación en Google Chrome anterior a 28.0.1500.95, permite a atacantes remotos provocar una denegación de servicio y causar otro tipo de impacto a través de vectores relacionados con la eliminación del registro de un objeto MutationObserver. • http://googlechromereleases.blogspot.com/2013/07/stable-channel-update_30.html http://www.debian.org/security/2013/dsa-2732 https://code.google.com/p/chromium/issues/detail?id=260165 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17525 https://src.chromium.org/viewvc/blink?revision=154264&view=revision • CWE-399: Resource Management Errors •

CVSS: 7.5EPSS: 0%CPEs: 70EXPL: 0

Multiple unspecified vulnerabilities in Google Chrome before 28.0.1500.95 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades sin especificar en Google Chrome anterior a 28.0.1500.95 permite a atacantes provocar una denegación de servicio o posiblemente tener otro impacto a través de vectores no especificados. • http://googlechromereleases.blogspot.com/2013/07/stable-channel-update_30.html http://www.debian.org/security/2013/dsa-2732 https://code.google.com/p/chromium/issues/detail?id=246203 https://code.google.com/p/chromium/issues/detail?id=246205 https://code.google.com/p/chromium/issues/detail?id=249199 https://code.google.com/p/chromium/issues/detail?id=252712 https://code.google.com/p/chromium/issues/detail? •

CVSS: 7.5EPSS: 1%CPEs: 72EXPL: 0

Google V8, as used in Google Chrome before 28.0.1500.95, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion." Google V8, usado en Google Chrome anterior a 28.0.1500.95, permite a atacantes remotos provocar una denegación de servicio y causar otro tipo de impacto a través de vectores que aprovechan "la confusión de tipos". • http://googlechromereleases.blogspot.com/2013/07/stable-channel-update_30.html http://rhn.redhat.com/errata/RHSA-2013-1201.html http://www.debian.org/security/2013/dsa-2732 https://code.google.com/p/chromium/issues/detail?id=260106 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17329 https://access.redhat.com/security/cve/CVE-2013-2882 https://bugzilla.redhat.com/show_bug.cgi?id=991116 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •