CVSS: 7.5EPSS: 1%CPEs: 71EXPL: 0CVE-2013-2845
https://notcve.org/view.php?id=CVE-2013-2845
The Web Audio implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. La implementación Web Audio en Google Chrome anterior a v27.0.1453.93 permite a atacantes remotos causar una denegación de servicio (corrupción de memoria) o posiblemnte tener otro impacto no específico mediante vectores desconocidos. • http://googlechromereleases.blogspot.com/2013/05/stable-channel-release.html http://www.debian.org/security/2013/dsa-2695 https://code.google.com/p/chromium/issues/detail?id=179522 https://code.google.com/p/chromium/issues/detail?id=188092 https://code.google.com/p/chromium/issues/detail?id=222136 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16354 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 71EXPL: 0CVE-2013-2846
https://notcve.org/view.php?id=CVE-2013-2846
Use-after-free vulnerability in the media loader in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2013-2840. Vulnerabilidad "usar despues de liberar" en el cargador media en Google Chrome anterior a v27.0.1453.93 permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado mediante vectores desconocidos, una vulnerabilidad diferente a CVE-2013-2840. • http://googlechromereleases.blogspot.com/2013/05/stable-channel-release.html http://www.debian.org/security/2013/dsa-2695 https://code.google.com/p/chromium/issues/detail?id=177620 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15805 • CWE-399: Resource Management Errors •
CVSS: 6.8EPSS: 0%CPEs: 71EXPL: 0CVE-2013-2847
https://notcve.org/view.php?id=CVE-2013-2847
Race condition in the workers implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via unknown vectors. Condición de carrera en Google Chrome anterior a v27.0.1453.93 permite a atacantes remotos causar una denegación de servicio (usar despues de liberar y caída de la aplicación) o posiblemente tener un impacto no especificado mediante vectores desconocidos. • http://googlechromereleases.blogspot.com/2013/05/stable-channel-release.html http://www.debian.org/security/2013/dsa-2695 https://code.google.com/p/chromium/issues/detail?id=176692 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16716 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.0EPSS: 0%CPEs: 71EXPL: 0CVE-2013-2848
https://notcve.org/view.php?id=CVE-2013-2848
The XSS Auditor in Google Chrome before 27.0.1453.93 might allow remote attackers to obtain sensitive information via unspecified vectors. El XSS Auditor en Google Chrome anterior a v27.0.1453.93 puede permitir a atacantes remotos obtener información sensible mediante vectores no especificados. • http://googlechromereleases.blogspot.com/2013/05/stable-channel-release.html http://lists.apple.com/archives/security-announce/2013/Oct/msg00003.html http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html http://secunia.com/advisories/54886 http://support.apple.com/kb/HT5934 http://www.debian.org/security/2013/dsa-2695 https://code.google.com/p/chromium/issues/detail?id=176137 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15849 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 71EXPL: 0CVE-2013-2849
https://notcve.org/view.php?id=CVE-2013-2849
Multiple cross-site scripting (XSS) vulnerabilities in Google Chrome before 27.0.1453.93 allow user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving a (1) drag-and-drop or (2) copy-and-paste operation. Múltiples vulnerabilidades de ejecución de secuencias de comandos en sitios cruzados (XSS) en Google Chrome anterior a v27.0.1453.93, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro a (1) drag-and-drop o (2)copy-and-paste operation. • http://googlechromereleases.blogspot.com/2013/05/stable-channel-release.html http://www.debian.org/security/2013/dsa-2695 https://code.google.com/p/chromium/issues/detail?id=171392 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16753 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •