Page 547 of 3367 results (0.014 seconds)

CVSS: 6.8EPSS: 1%CPEs: 101EXPL: 0

libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h. libxml2 v2.9.0-rc1 y anteriores, tal como se utiliza en Google Chrome antes de v21.0.1180.89, no admite correctamente un conversión de una variable no especificada durante la manipulación de las transformaciones XSL, lo que permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto desconocido a través de un documento diseñado para tal fin. Se trata de un problema relacionado con la estructura de datos _xmlNs en include/libxml/tree.h. • http://code.google.com/p/chromium/issues/detail?id=138673 http://googlechromereleases.blogspot.com/2012/08/stable-channel-update_30.html http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00030.html http://secunia.com/advisories/50838 http://secunia.com/advisories/54886 http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libx • CWE-122: Heap-based Buffer Overflow •

CVSS: 5.0EPSS: 1%CPEs: 54EXPL: 0

The SPDY implementation in Google Chrome before 21.0.1180.89 allows remote attackers to cause a denial of service (application crash) via unspecified vectors. La implementación SPDY en Google Chrome anterior a v21.0.1180.89 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=135485 http://googlechromereleases.blogspot.com/2012/08/stable-channel-update_30.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00030.html http://osvdb.org/85032 https://exchange.xforce.ibmcloud.com/vulnerabilities/78176 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15130 •

CVSS: 4.3EPSS: 0%CPEs: 54EXPL: 0

Cross-site scripting (XSS) vulnerability in an SSL interstitial page in Google Chrome before 21.0.1180.89 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Una vulnerabilidad de ejecución de comandos en sitios cruzados (XSS) en una página SSL intersticial en Google Chrome antes de v21.0.1180.89 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=142956 http://googlechromereleases.blogspot.com/2012/08/stable-channel-update_30.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00030.html http://osvdb.org/85037 https://exchange.xforce.ibmcloud.com/vulnerabilities/78181 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15853 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.8EPSS: 0%CPEs: 38EXPL: 0

Use-after-free vulnerability in the PDF functionality in Google Chrome before 21.0.1180.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. Vulnerabilidad usar-después-liberar(use-after-free)en la funcionalidad PDF en Google Chrome anterior a v21.0.1180.75 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de un documento manipulado. • http://code.google.com/p/chromium/issues/detail?id=136643 http://code.google.com/p/chromium/issues/detail?id=137721 http://code.google.com/p/chromium/issues/detail?id=137957 http://googlechromereleases.blogspot.com/2012/08/stable-channel-update.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14788 • CWE-399: Resource Management Errors •

CVSS: 7.5EPSS: 0%CPEs: 38EXPL: 0

The PDF functionality in Google Chrome before 21.0.1180.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations. La funcionalidad PDF en Google Chrome anterior a v21.0.1180.75 permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores que provocan una operación de escritura fuera de los límites (out-of-bounds) • http://code.google.com/p/chromium/issues/detail?id=136968 http://code.google.com/p/chromium/issues/detail?id=137361 http://googlechromereleases.blogspot.com/2012/08/stable-channel-update.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14823 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •