Page 515 of 2584 results (0.015 seconds)

CVSS: 6.8EPSS: 0%CPEs: 42EXPL: 0

The Isolated Sites feature in Google Chrome before 26.0.1410.43 does not properly enforce the use of separate processes, which makes it easier for remote attackers to bypass intended access restrictions via a crafted web site. La funcionalidad de separación de sitios web en Google Chrome versiones anteriores a v.26.0.1410.43 no refuerza adecuadamente el uso de procesos separados, facilitando a atacantes remotos el saltar las restricciones de acceso implementadas mediante un sitio web manipulado. • http://googlechromereleases.blogspot.com/2013/03/stable-channel-update_26.html https://code.google.com/p/chromium/issues/detail?id=174943 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16670 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 6.8EPSS: 0%CPEs: 14EXPL: 1

Google V8 before 3.17.13, as used in Google Chrome before 27.0.1444.3, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaScript code, as demonstrated by the Bejeweled game. Google V8 anterior a v3.17.13, usado en Google Chrome anterior a v27.0.1444.3, permite a atacantes remotos causar una denegación de servicios (caída de la aplicación) o posiblemente tener otros impactos a través de código JavaScript manipulado, como se mostró con el juego Bejewele. • http://code.google.com/p/v8/source/browse/trunk/ChangeLog http://googlechromereleases.blogspot.com/2013/03/dev-channel-update_18.html https://code.google.com/p/chromium/issues/detail?id=194749 •

CVSS: 10.0EPSS: 0%CPEs: 118EXPL: 0

The GPU process in Google Chrome OS before 25.0.1364.173 allows attackers to cause a denial of service or possibly have unspecified other impact via vectors related to an "overflow." El proceso de GPU en Google Chrome OS anterior a v25.0.1364.173 permite a atacantes provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con un "desbordamiento". • http://googlechromereleases.blogspot.com/2013/03/stable-channel-update-for-chrome-os_15.html https://code.google.com/p/chromium/issues/detail?id=181083 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 54%CPEs: 111EXPL: 0

WebKit in Google Chrome before 25.0.1364.160 allows remote attackers to execute arbitrary code via vectors that leverage "type confusion." WebKit en Google Chrome anterior a v25.0.1364.160 permite a atacantes remotos ejecutar código arbitario mediante vectores que aprovechan la "confusión de tipo." (type confusion) This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Google Chrome. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the usage of static_cast. The issue lies in the ability to create an object that is a smaller size than it is treated after a static_cast. • http://googlechromereleases.blogspot.com/2013/03/stable-channel-update_7.html http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Pwn2Own-2013/ba-p/5981157 http://labs.mwrinfosecurity.com/blog/2013/03/06/pwn2own-at-cansecwest-2013 http://lists.apple.com/archives/security-announce/2013/Apr/msg00000.html http://lists.apple.com/archives/security-announce/2013/Mar/msg00004.html http://support.apple.com/kb/HT5701 http://support.apple.com/kb/HT5704 http://twitter.com/thezdi/statuses&#x • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 7.5EPSS: 0%CPEs: 106EXPL: 0

The IndexedDB implementation in Google Chrome before 25.0.1364.152 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. La implementación de IndexedDB en Google Chrome anterior a v25.0.1364.152 permite a atacantes remotos causar una denegación de servicio (corrupción de memoria) o posiblemente tener otro impacto no especificado a través de vectores desconocidos. • http://googlechromereleases.blogspot.com/2013/03/stable-channel-update_4.html https://code.google.com/p/chromium/issues/detail?id=174895 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16653 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •