CVSS: 9.3EPSS: 10%CPEs: 7EXPL: 0CVE-2010-2297
https://notcve.org/view.php?id=CVE-2010-2297
15 Jun 2010 — rendering/FixedTableLayout.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an HTML document that has a large colspan attribute within a table. rendering/FixedTableLayout.cpp en WebCore en WebKit en Google Chrome anterior a v5.0.375.70, permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente la ejecución de código de su elección a través de u... • http://code.google.com/p/chromium/issues/detail?id=42723 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 10%CPEs: 73EXPL: 0CVE-2010-1770 – Apple Webkit CSS Charset Text Transformation Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-1770
08 Jun 2010 — WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Apple Safari before 4.1 on Mac OS X 10.4, and Google Chrome before 5.0.375.70 does not properly handle a transformation of a text node that has the IBM1147 character set, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document containing a BR element, related to a "type checking issue." WebKit en Safari de Apple anterior a versión 5.0... • http://code.google.com/p/chromium/issues/detail?id=43487 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2008-2931 – kernel: missing check before setting mount propagation
https://notcve.org/view.php?id=CVE-2008-2931
09 Jul 2008 — The do_change_type function in fs/namespace.c in the Linux kernel before 2.6.22 does not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint. La función do_change_type en fs/namespace.c del núcleo de Linux en versiones anteriores a 2.6.22 no verifica que la persona que llama tiene la capacidad CAP_SYS_ADMIN, lo cual permite a usuarios locales conseguir privilegios o provocar una denegaci... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=ee6f958291e2a768fd727e7a67badfff0b67711a • CWE-269: Improper Privilege Management •
CVSS: 7.5EPSS: 8%CPEs: 15EXPL: 3CVE-2007-1285 – PHP 3/4/5 - ZendEngine Variable Destruction Remote Denial of Service
https://notcve.org/view.php?id=CVE-2007-1285
06 Mar 2007 — The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service (stack exhaustion and PHP crash) via deeply nested arrays, which trigger deep recursion in the variable destruction routines. El motor Zend en PHP versión 4.x anterior a 4.4.7, y versión 5.x anterior a 5.2.2, permite que los atacantes remotos causen una denegación de servicio (agotamiento de pila y bloqueo de PHP) por medio de matrices profundamente anidadas, que desencadenan una profunda recu... • https://www.exploit-db.com/exploits/29692 • CWE-674: Uncontrolled Recursion •