Page 511 of 2577 results (0.008 seconds)

CVSS: 4.3EPSS: 0%CPEs: 71EXPL: 0

Multiple cross-site scripting (XSS) vulnerabilities in Google Chrome before 27.0.1453.93 allow user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving a (1) drag-and-drop or (2) copy-and-paste operation. Múltiples vulnerabilidades de ejecución de secuencias de comandos en sitios cruzados (XSS) en Google Chrome anterior a v27.0.1453.93, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro a (1) drag-and-drop o (2)copy-and-paste operation. • http://googlechromereleases.blogspot.com/2013/05/stable-channel-release.html http://www.debian.org/security/2013/dsa-2695 https://code.google.com/p/chromium/issues/detail?id=171392 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16753 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 3%CPEs: 119EXPL: 1

Use-after-free vulnerability in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of widgets. Vulnerabilidad de tipo "usar despues de liberar" en Google Chrome anterior a v27.0.1453.93 permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificados realacionados con la manipulación de "widgets". • https://www.exploit-db.com/exploits/40243 http://googlechromereleases.blogspot.com/2013/05/stable-channel-release.html http://lists.apple.com/archives/security-announce/2013/Oct/msg00003.html http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html http://secunia.com/advisories/54886 http://support.apple.com/kb/HT5934 http://support.apple.com/kb/HT6001 http://www.debian.org/security/2013/dsa-2 • CWE-399: Resource Management Errors •

CVSS: 6.8EPSS: 0%CPEs: 71EXPL: 0

Race condition in the workers implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via unknown vectors. Condición de carrera en Google Chrome anterior a v27.0.1453.93 permite a atacantes remotos causar una denegación de servicio (usar despues de liberar y caída de la aplicación) o posiblemente tener un impacto no especificado mediante vectores desconocidos. • http://googlechromereleases.blogspot.com/2013/05/stable-channel-release.html http://www.debian.org/security/2013/dsa-2695 https://code.google.com/p/chromium/issues/detail?id=176692 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16716 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 5.0EPSS: 0%CPEs: 72EXPL: 0

Google V8, as used in Google Chrome before 27.0.1453.93, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. Google V8, que se utiliza en Google Chrome anterior a v27.0.1453.93, permite a atacantes remotos provocar una denegación de servicio (fuera de los límites de lectura) a través de vectores no especificados. • http://googlechromereleases.blogspot.com/2013/05/stable-channel-release.html http://www.debian.org/security/2013/dsa-2695 https://code.google.com/p/chromium/issues/detail?id=235311 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16625 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 0%CPEs: 71EXPL: 0

Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to style resolution. Vulnerabilidad de tipo "usar despues de liberar" en la implementación de hojas de estilo (Cascading Style Sheets: CSS) en Google Chrome anterior a v27.0.1453.93 permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado mediante vectores relacionados con la resolución de estilos. • http://googlechromereleases.blogspot.com/2013/05/stable-channel-release.html http://www.debian.org/security/2013/dsa-2695 https://code.google.com/p/chromium/issues/detail?id=196393 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16624 • CWE-399: Resource Management Errors •