Page 74 of 1172 results (0.008 seconds)

CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 0

Multiple unspecified vulnerabilities in Google Chrome before 50.0.2661.75 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome en versiones anteriores a 50.0.2661.75 permite a atacantes provocar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. • http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_13.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00040.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00041.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00049.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00050.html http://rhn.redhat.com/errata/RHSA-2016-0638.html http://www.debian.org/security/2016/dsa-3549 http://www.ubuntu.com/ •

CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0

Cross-site scripting (XSS) vulnerability in the ModuleSystem::RequireForJsInner function in extensions/renderer/module_system.cc in the Extensions subsystem in Google Chrome before 50.0.2661.75 allows remote attackers to inject arbitrary web script or HTML via a crafted web site, aka "Universal XSS (UXSS)." Vulnerabilidad de XSS en la función ModuleSystem::RequireForJsInner en extensions/renderer/module_system.cc en el subsistema Extensions en Google Chrome en versiones anteriores a 50.0.2661.75 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de un sitio web manipulado, también conocida como "Universal XSS (UXSS)". • http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_13.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00040.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00041.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00049.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00050.html http://rhn.redhat.com/errata/RHSA-2016-0638.html http://www.debian.org/security/2016/dsa-3549 https://codereview.chromium. • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.5EPSS: 1%CPEs: 7EXPL: 0

The media subsystem in Google Chrome before 50.0.2661.75 does not initialize an unspecified data structure, which allows remote attackers to cause a denial of service (invalid read operation) via unknown vectors. El subsistema media en Google Chrome en versiones anteriores a 50.0.2661.75 no inicializa una estructura de datos no especificada, lo que permite a atacantes remotos provocar una denegación de servicio (operación de lectura no válida) a través de vectores desconocidos. • http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_13.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00040.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00041.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00049.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00050.html http://rhn.redhat.com/errata/RHSA-2016-0638.html http://www.debian.org/security/2016/dsa-3549 http://www.ubuntu.com/ • CWE-20: Improper Input Validation •

CVSS: 8.8EPSS: 2%CPEs: 7EXPL: 0

Google Chrome before 50.0.2661.75 does not properly consider that frame removal may occur during callback execution, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted extension. Google Chrome en versiones anteriores a 50.0.2661.75 no considera correctamente que la eliminación de tramas pueda ocurrir durante la ejecución de una llamada de retorno, lo que permite a atacantes remotos provocar una denegación de servicio (uso después de liberación de memoria) o posiblemente tener otro impacto no especificado a través de una extensión manipulada. • http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_13.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00040.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00041.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00049.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00050.html http://rhn.redhat.com/errata/RHSA-2016-0638.html http://www.debian.org/security/2016/dsa-3549 http://www.ubuntu.com/ •

CVSS: 9.3EPSS: 2%CPEs: 7EXPL: 0

The LoadBuffer implementation in Google V8, as used in Google Chrome before 50.0.2661.75, mishandles data types, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds write operation, related to compiler/pipeline.cc and compiler/simplified-lowering.cc. La implementación LoadBuffer en Google V8, como se utiliza en Google Chrome en versiones anteriores a 50.0.2661.75, no maneja correctamente tipos de datos, lo que permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto no especificado a través de código JavaScript manipulado que desencadena una operación de escritura fuera de rango, relacionado con compiler/pipeline.cc y compiler/simplified-lowering.cc. • http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_13.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00040.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00041.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00049.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00050.html http://rhn.redhat.com/errata/RHSA-2016-0638.html http://www.debian.org/security/2016/dsa-3549 http://www.ubuntu.com/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •