Max CVSS 10.0 Min CVSS 1.7 Total Count90
IDCVSSSummaryLast (major) updatePublished
CVE-2014-0050 7.5
MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that b
16-02-2017 - 21:59 01-04-2014 - 02:27
CVE-2014-0032 4.3
The get_resource function in repos.c in the mod_dav_svn module in Apache Subversion before 1.7.15 and 1.8.x before 1.8.6, when SVNListParentPath is enabled, allows remote attackers to cause a denial of service (crash) via vectors related to the serve
06-01-2017 - 21:59 14-02-2014 - 10:55
CVE-2013-6668 7.5
Multiple unspecified vulnerabilities in Google V8 before 3.24.35.10, as used in Google Chrome before 33.0.1750.146, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
06-01-2017 - 21:59 05-03-2014 - 00:11
CVE-2013-6667 7.5
Multiple unspecified vulnerabilities in Google Chrome before 33.0.1750.146 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
06-01-2017 - 21:59 05-03-2014 - 00:11
CVE-2013-6666 5.8
The PepperFlashRendererHost::OnNavigate function in renderer/pepper/pepper_flash_renderer_host.cc in Google Chrome before 33.0.1750.146 does not verify that all headers are Cross-Origin Resource Sharing (CORS) simple headers before proceeding with a
06-01-2017 - 21:59 05-03-2014 - 00:11
CVE-2013-6665 7.5
Heap-based buffer overflow in the ResourceProvider::InitializeSoftware function in cc/resources/resource_provider.cc in Google Chrome before 33.0.1750.146 allows remote attackers to cause a denial of service or possibly have unspecified other impact
06-01-2017 - 21:59 05-03-2014 - 00:11
CVE-2013-6664 7.5
Use-after-free vulnerability in the FormAssociatedElement::formRemovedFromTree function in core/html/FormAssociatedElement.cpp in Blink, as used in Google Chrome before 33.0.1750.146, allows remote attackers to cause a denial of service or possibly h
06-01-2017 - 21:59 05-03-2014 - 00:11
CVE-2013-6663 7.5
Use-after-free vulnerability in the SVGImage::setContainerSize function in core/svg/graphics/SVGImage.cpp in the SVG implementation in Blink, as used in Google Chrome before 33.0.1750.146, allows remote attackers to cause a denial of service or possi
06-01-2017 - 21:59 05-03-2014 - 00:11
CVE-2013-6627 5.0
net/http/http_stream_parser.cc in Google Chrome before 31.0.1650.48 does not properly process HTTP Informational (aka 1xx) status codes, which allows remote web servers to cause a denial of service (out-of-bounds read) via a crafted response.
30-12-2016 - 21:59 13-11-2013 - 10:55
CVE-2013-6382 4.0
Multiple buffer underflows in the XFS implementation in the Linux kernel through 3.12.1 allow local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for a (1)
30-12-2016 - 21:59 26-11-2013 - 23:43
CVE-2013-6635 6.8
Use-after-free vulnerability in the editing implementation in Blink, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service or possibly have unspecified other impact via JavaScript code that triggers remova
07-12-2016 - 22:04 06-12-2013 - 19:55
CVE-2013-6625 6.8
Use-after-free vulnerability in core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 31.0.1650.48, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of DOM r
07-12-2016 - 22:03 13-11-2013 - 10:55
CVE-2013-2928 7.5
Multiple unspecified vulnerabilities in Google Chrome before 30.0.1599.101 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
07-12-2016 - 22:03 16-10-2013 - 16:55
CVE-2013-2927 6.8
Use-after-free vulnerability in the HTMLFormElement::prepareForSubmission function in core/html/HTMLFormElement.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows remote attackers to cause a denial of service or possibly have unspeci
07-12-2016 - 22:03 16-10-2013 - 16:55
CVE-2013-2926 6.8
Use-after-free vulnerability in the IndentOutdentCommand::tryIndentingAsListItem function in core/editing/IndentOutdentCommand.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows user-assisted remote attackers to cause a denial of ser
07-12-2016 - 22:03 16-10-2013 - 16:55
CVE-2013-2909 7.5
Use-after-free vulnerability in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to inline-block rendering for bidirectional Unicod
07-12-2016 - 22:03 02-10-2013 - 06:35
CVE-2014-0106 6.6
Sudo 1.6.9 before 1.8.5, when env_reset is disabled, does not properly check environment variables for the env_delete restriction, which allows local users with sudo permissions to bypass intended command restrictions via a crafted environment variab
28-11-2016 - 14:10 11-03-2014 - 15:37
CVE-2013-6650 7.5
The StoreBuffer::ExemptPopularPages function in store-buffer.cc in Google V8 before 3.22.24.16, as used in Google Chrome before 32.0.1700.102, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other
21-09-2016 - 11:26 28-01-2014 - 09:30
CVE-2013-6649 7.5
Use-after-free vulnerability in the RenderSVGImage::paint function in core/rendering/svg/RenderSVGImage.cpp in Blink, as used in Google Chrome before 32.0.1700.102, allows remote attackers to cause a denial of service or possibly have unspecified oth
21-09-2016 - 11:25 28-01-2014 - 09:30
CVE-2013-6646 7.5
Use-after-free vulnerability in the Web Workers implementation in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allows remote attackers to cause a denial of service or possibly have unspecified other impac
21-09-2016 - 11:25 16-01-2014 - 07:17
CVE-2013-6643 7.5
The OneClickSigninBubbleView::WindowClosing function in browser/ui/views/sync/one_click_signin_bubble_view.cc in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allows attackers to trigger a sync with an arb
21-09-2016 - 11:24 16-01-2014 - 07:17
CVE-2013-6621 7.5
Use-after-free vulnerability in Google Chrome before 31.0.1650.48 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the x-webkit-speech attribute in a text INPUT element.
21-09-2016 - 10:39 13-11-2013 - 10:55
CVE-2013-2919 7.5
Google V8, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
09-09-2016 - 10:01 02-10-2013 - 06:35
CVE-2014-1874 4.4
The security_context_to_sid_core function in security/selinux/ss/services.c in the Linux kernel before 3.13.4 allows local users to cause a denial of service (system crash) by leveraging the CAP_MAC_ADMIN capability to set a zero-length security cont
13-10-2015 - 12:36 28-02-2014 - 01:18
CVE-2013-2929 3.3
The Linux kernel before 3.12.2 does not properly use the get_dumpable function, which allows local users to bypass intended ptrace restrictions or obtain sensitive information from IA64 scratch registers via a crafted application, related to kernel/p
25-03-2015 - 21:59 09-12-2013 - 13:55
CVE-2014-0088 7.5
The SPDY implementation in the ngx_http_spdy_module module in nginx 1.5.10 before 1.5.11, when running on a 32-bit platform, allows remote attackers to execute arbitrary code via a crafted request.
30-04-2014 - 10:10 29-04-2014 - 10:38
CVE-2013-6628 4.3
net/socket/ssl_client_socket_nss.cc in the TLS implementation in Google Chrome before 31.0.1650.48 does not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation, which might allow remote web servers
24-04-2014 - 01:00 13-11-2013 - 10:55
CVE-2013-6661 7.5
Multiple unspecified vulnerabilities in Google Chrome before 33.0.1750.117 allow attackers to bypass the sandbox protection mechanism after obtaining renderer access, or have other impact, via unknown vectors.
01-04-2014 - 02:26 23-02-2014 - 23:48
CVE-2013-6660 5.0
The drag-and-drop implementation in Google Chrome before 33.0.1750.117 does not properly restrict the information in WebDropData data structures, which allows remote attackers to discover full pathnames via a crafted web site.
01-04-2014 - 02:26 23-02-2014 - 23:48
CVE-2013-6659 6.4
The SSLClientSocketNSS::Core::OwnAuthCertHandler function in net/socket/ssl_client_socket_nss.cc in Google Chrome before 33.0.1750.117 does not prevent changes to server X.509 certificates during renegotiations, which allows remote SSL servers to tri
01-04-2014 - 02:26 23-02-2014 - 23:48
CVE-2013-6658 7.5
Multiple use-after-free vulnerabilities in the layout implementation in Blink, as used in Google Chrome before 33.0.1750.117, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving (1) runn
01-04-2014 - 02:26 23-02-2014 - 23:48
CVE-2013-6657 6.4
core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, inserts the about:blank URL during certain blocking of FORM elements within HTTP requests, which allows remote attackers to bypass the Same Or
01-04-2014 - 02:26 23-02-2014 - 23:48
CVE-2013-6656 5.0
The XSSAuditor::init function in core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, processes POST requests by using the body of a redirecting page instead of the body of a redirect target, whi
01-04-2014 - 02:26 23-02-2014 - 23:48
CVE-2013-6655 7.5
Use-after-free vulnerability in Blink, as used in Google Chrome before 33.0.1750.117, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to improper handling of overflowchanged DOM event
01-04-2014 - 02:26 23-02-2014 - 23:48
CVE-2013-6654 7.5
The SVGAnimateElement::calculateAnimatedValue function in core/svg/SVGAnimateElement.cpp in Blink, as used in Google Chrome before 33.0.1750.117, does not properly handle unexpected data types, which allows remote attackers to cause a denial of servi
01-04-2014 - 02:26 23-02-2014 - 23:48
CVE-2013-6653 7.5
Use-after-free vulnerability in the web contents implementation in Google Chrome before 33.0.1750.117 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving attempted conflicting access to
01-04-2014 - 02:26 23-02-2014 - 23:48
CVE-2013-6367 5.7
The apic_get_tmcct function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via crafted modifications of the TMICT value.
26-03-2014 - 00:54 14-12-2013 - 13:08
CVE-2014-1446 1.9
The yam_ioctl function in drivers/net/hamradio/yam.c in the Linux kernel before 3.12.8 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capabil
16-03-2014 - 00:45 18-01-2014 - 17:55
CVE-2014-1445 2.1
The wanxl_ioctl function in drivers/net/wan/wanxl.c in the Linux kernel before 3.11.7 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via an ioctl call.
16-03-2014 - 00:45 18-01-2014 - 17:55
CVE-2014-1444 1.7
The fst_get_iface function in drivers/net/wan/farsync.c in the Linux kernel before 3.11.7 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADM
16-03-2014 - 00:45 18-01-2014 - 17:55
CVE-2013-7271 4.9
The x25_recvmsg function in net/x25/af_x25.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kerne
16-03-2014 - 00:43 06-01-2014 - 11:55
CVE-2013-7270 4.9
The packet_recvmsg function in net/packet/af_packet.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information fr
16-03-2014 - 00:43 06-01-2014 - 11:55
CVE-2013-7269 4.9
The nr_recvmsg function in net/netrom/af_netrom.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from
16-03-2014 - 00:43 06-01-2014 - 11:55
CVE-2013-7268 4.9
The ipx_recvmsg function in net/ipx/af_ipx.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kerne
16-03-2014 - 00:43 06-01-2014 - 11:55
CVE-2013-7267 4.9
The atalk_recvmsg function in net/appletalk/ddp.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from
16-03-2014 - 00:43 06-01-2014 - 11:55
CVE-2013-7266 4.9
The mISDN_sock_recvmsg function in drivers/isdn/mISDN/socket.c in the Linux kernel before 3.12.4 does not ensure that a certain length value is consistent with the size of an associated data structure, which allows local users to obtain sensitive inf
16-03-2014 - 00:43 06-01-2014 - 11:55
CVE-2013-7027 6.1
The ieee80211_radiotap_iterator_init function in net/wireless/radiotap.c in the Linux kernel before 3.11.7 does not check whether a frame contains any data outside of the header, which might allow attackers to cause a denial of service (buffer over-r
16-03-2014 - 00:43 09-12-2013 - 13:55
CVE-2013-6380 4.7
The aac_send_raw_srb function in drivers/scsi/aacraid/commctrl.c in the Linux kernel through 3.12.1 does not properly validate a certain size value, which allows local users to cause a denial of service (invalid pointer dereference) or possibly have
16-03-2014 - 00:42 26-11-2013 - 23:43
CVE-2013-4587 7.2
Array index error in the kvm_vm_ioctl_create_vcpu function in virt/kvm/kvm_main.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges via a large id value.
16-03-2014 - 00:39 14-12-2013 - 13:08
CVE-2013-2112 7.8
The svnserve server in Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote attackers to cause a denial of service (exit) by aborting a connection.
16-03-2014 - 00:35 31-07-2013 - 09:20
CVE-2013-1968 5.5
Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote authenticated users to cause a denial of service (FSFS repository corruption) via a newline character in a file name.
16-03-2014 - 00:35 31-07-2013 - 09:20
CVE-2013-0160 2.1
The Linux kernel through 3.7.9 allows local users to obtain sensitive information about keystroke timing by using the inotify API on the /dev/ptmx device.
16-03-2014 - 00:32 17-02-2013 - 23:41
CVE-2013-6645 6.8
Use-after-free vulnerability in the OnWindowRemovingFromRootWindow function in content/browser/web_contents/web_contents_view_aura.cc in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allows user-assisted r
05-03-2014 - 23:49 16-01-2014 - 07:17
CVE-2013-6644 7.5
Multiple unspecified vulnerabilities in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
05-03-2014 - 23:49 16-01-2014 - 07:17
CVE-2013-6641 7.5
Use-after-free vulnerability in the FormAssociatedElement::formRemovedFromTree function in core/html/FormAssociatedElement.cpp in Blink, as used in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux, allows rem
05-03-2014 - 23:49 16-01-2014 - 07:17
CVE-2013-6640 7.5
The DehoistArrayIndex function in hydrogen-dehoist.cc (aka hydrogen.cc) in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service (out-of-bounds read) via JavaScript code that se
05-03-2014 - 23:49 06-12-2013 - 19:55
CVE-2013-6639 7.5
The DehoistArrayIndex function in hydrogen-dehoist.cc (aka hydrogen.cc) in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecifi
05-03-2014 - 23:49 06-12-2013 - 19:55
CVE-2013-6638 7.5
Multiple buffer overflows in runtime.cc in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large typed
05-03-2014 - 23:49 06-12-2013 - 19:55
CVE-2013-6637 7.5
Multiple unspecified vulnerabilities in Google Chrome before 31.0.1650.63 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
05-03-2014 - 23:49 06-12-2013 - 19:55
CVE-2013-6636 4.3
The FrameLoader::notifyIfInitialDocumentAccessed function in core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 31.0.1650.63, makes an incorrect check for an empty document during presentation of a modal dialog, which allows remote
05-03-2014 - 23:49 06-12-2013 - 19:55
CVE-2013-6634 6.8
The OneClickSigninHelper::ShowInfoBarIfPossible function in browser/ui/sync/one_click_signin_helper.cc in Google Chrome before 31.0.1650.63 uses an incorrect URL during realm validation, which allows remote attackers to conduct session fixation attac
05-03-2014 - 23:49 06-12-2013 - 19:55
CVE-2013-6632 9.3
Integer overflow in Google Chrome before 31.0.1650.57 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as demonstrated during a Mobile Pwn2Own competition at PacSec 2013.
05-03-2014 - 23:49 18-11-2013 - 00:23
CVE-2013-6626 4.3
The WebContentsImpl::AttachInterstitialPage function in content/browser/web_contents/web_contents_impl.cc in Google Chrome before 31.0.1650.48 does not cancel JavaScript dialogs upon generating an interstitial warning, which allows remote attackers t
05-03-2014 - 23:49 13-11-2013 - 10:55
CVE-2013-6624 7.5
Use-after-free vulnerability in Google Chrome before 31.0.1650.48 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving the string values of id attributes.
05-03-2014 - 23:49 13-11-2013 - 10:55
CVE-2013-6623 4.3
The SVG implementation in Blink, as used in Google Chrome before 31.0.1650.48, allows remote attackers to cause a denial of service (out-of-bounds read) by leveraging the use of tree order, rather than transitive dependency order, for layout.
05-03-2014 - 23:49 13-11-2013 - 10:55
CVE-2013-6622 6.8
Use-after-free vulnerability in the HTMLMediaElement::didMoveToNewDocument function in core/html/HTMLMediaElement.cpp in Blink, as used in Google Chrome before 31.0.1650.48, allows remote attackers to cause a denial of service or possibly have unspec
05-03-2014 - 23:49 13-11-2013 - 10:55
CVE-2013-2931 10.0
Multiple unspecified vulnerabilities in Google Chrome before 31.0.1650.48 allow attackers to execute arbitrary code or possibly have other impact via unknown vectors.
05-03-2014 - 23:46 13-11-2013 - 10:55
CVE-2013-2925 6.8
Use-after-free vulnerability in core/xml/XMLHttpRequest.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger multiple conf
05-03-2014 - 23:46 16-10-2013 - 16:55
CVE-2013-2923 7.5
Multiple unspecified vulnerabilities in Google Chrome before 30.0.1599.66 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
05-03-2014 - 23:46 02-10-2013 - 06:35
CVE-2013-2922 6.8
Use-after-free vulnerability in core/html/HTMLTemplateElement.cpp in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that
05-03-2014 - 23:46 02-10-2013 - 06:35
CVE-2013-2921 6.8
Double free vulnerability in the ResourceFetcher::didLoadResource function in core/fetch/ResourceFetcher.cpp in the resource loader in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possib
05-03-2014 - 23:46 02-10-2013 - 06:35
CVE-2013-2920 5.0
The DoResolveRelativeHost function in url/url_canon_relative.cc in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via a relative URL containing a hostname, as demonstrated by a protocol-rel
05-03-2014 - 23:46 02-10-2013 - 06:35
CVE-2013-2918 7.5
Use-after-free vulnerability in the RenderBlock::collapseAnonymousBlockChild function in core/rendering/RenderBlock.cpp in the DOM implementation in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of ser
05-03-2014 - 23:46 02-10-2013 - 06:35
CVE-2013-2917 5.0
The ReverbConvolverStage::ReverbConvolverStage function in core/platform/audio/ReverbConvolverStage.cpp in the Web Audio implementation in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service (out-
05-03-2014 - 23:46 02-10-2013 - 06:35
CVE-2013-2916 4.3
Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to spoof the address bar via vectors involving a response with a 204 (aka No Content) status code, in conjunction with a delay in notifying the user of an attempted spoof.
05-03-2014 - 23:46 02-10-2013 - 06:35
CVE-2013-2915 4.3
Google Chrome before 30.0.1599.66 preserves pending NavigationEntry objects in certain invalid circumstances, which allows remote attackers to spoof the address bar via a URL with a malformed scheme, as demonstrated by a nonexistent:12121 URL.
05-03-2014 - 23:46 02-10-2013 - 06:35
CVE-2013-2913 6.8
Use-after-free vulnerability in the XMLDocumentParser::append function in core/xml/parser/XMLDocumentParser.cpp in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified
05-03-2014 - 23:46 02-10-2013 - 06:35
CVE-2013-2912 7.5
Use-after-free vulnerability in the PepperInProcessRouter::SendToHost function in content/renderer/pepper/pepper_in_process_router.cc in the Pepper Plug-in API (PPAPI) in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of
05-03-2014 - 23:46 02-10-2013 - 06:35
CVE-2013-2911 6.8
Use-after-free vulnerability in the XSLStyleSheet::compileStyleSheet function in core/xml/XSLStyleSheetLibxslt.cpp in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecifi
05-03-2014 - 23:46 02-10-2013 - 06:35
CVE-2013-2910 7.5
Use-after-free vulnerability in modules/webaudio/AudioScheduledSourceNode.cpp in the Web Audio implementation in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified ot
05-03-2014 - 23:46 02-10-2013 - 06:35
CVE-2013-2908 5.0
Google Chrome before 30.0.1599.66 uses incorrect function calls to determine the values of NavigationEntry objects, which allows remote attackers to spoof the address bar via vectors involving a response with a 204 (aka No Content) status code.
05-03-2014 - 23:46 02-10-2013 - 06:35
CVE-2013-2907 5.0
The Window.prototype object implementation in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
05-03-2014 - 23:46 02-10-2013 - 06:35
CVE-2013-2906 6.8
Multiple race conditions in the Web Audio implementation in Blink, as used in Google Chrome before 30.0.1599.66, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to threading in core/ht
05-03-2014 - 23:46 02-10-2013 - 06:35
CVE-2013-6652 7.5
Directory traversal vulnerability in sandbox/win/src/named_pipe_dispatcher.cc in Google Chrome before 33.0.1750.117 on Windows allows attackers to bypass intended named-pipe policy restrictions in the sandbox via vectors related to (1) lack of checks
24-02-2014 - 14:20 23-02-2014 - 23:48
CVE-2014-1681 10.0
Multiple unspecified vulnerabilities in Google Chrome before 32.0.1700.102 have unknown impact and attack vectors, related to 12 "security fixes [that were not] either contributed by external researchers or particularly interesting."
06-02-2014 - 23:52 28-01-2014 - 09:30
CVE-2013-5398 3.3
Unspecified vulnerability in the Webservice Axis Gateway in IBM Rational Focal Point 6.4 before devfix1, 6.4.1.3 before devfix1, 6.5.1 before devfix1, 6.5.2 before devfix4, 6.5.2.3 before devfix9, 6.6 before devfix5, 6.6.0.1 before devfix2, and 6.6.1
18-12-2013 - 13:39 18-12-2013 - 11:04
CVE-2013-5397 3.3
Unspecified vulnerability in the Webservice Axis Gateway in IBM Rational Focal Point 6.4 before devfix1, 6.4.1.3 before devfix1, 6.5.1 before devfix1, 6.5.2 before devfix4, 6.5.2.3 before devfix9, 6.6 before devfix5, 6.6.0.1 before devfix2, and 6.6.1
18-12-2013 - 13:38 18-12-2013 - 11:04
CVE-2013-6802 5.8
Google Chrome before 31.0.1650.57 allows remote attackers to bypass intended sandbox restrictions by leveraging access to a renderer process, as demonstrated during a Mobile Pwn2Own competition at PacSec 2013, a different vulnerability than CVE-2013-
13-12-2013 - 00:22 18-11-2013 - 00:23
CVE-2011-1385 7.8
IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.1.x and 2.2.x, allows remote attackers to cause a denial of service (system crash) via an ICMP Echo Reply packet that contains 1 in the Identifier field, a different vulnerability than CVE-2012-0194.
05-03-2012 - 00:00 02-03-2012 - 17:55
CVE-2012-0194 7.1
The TCP implementation in IBM AIX 5.3, 6.1, and 7.1, when the Large Send Offload option is enabled, allows remote attackers to cause a denial of service (assertion failure and panic) via an unspecified series of packets.
07-02-2012 - 00:00 06-02-2012 - 15:55
Back to Top Mark selected
Back to Top