78 matches found
Microsoft Locks Down IE Mode After Hackers Turned Legacy Feature Into Backdoor
Microsoft said it has revamped the Internet Explorer IE mode in its Edge browser after receiving "credible reports" in August 2025 that unknown threat actors were abusing the backward compatibility feature to gain unauthorized access to users' devices. "Threat actors were leveraging basic social...
Out-of-Bounds
Overview Microsoft.ChakraCore is a core part of the Chakra Javascript engine that powers Microsoft Edge Affected versions of this package are vulnerable to Out-of-Bounds via the Chakra JavaScript engine in Microsoft Edge. An attacker can execute arbitrary code or cause a denial of service memory...
Out-of-Bounds
Overview Microsoft.ChakraCore is a core part of the Chakra Javascript engine that powers Microsoft Edge Affected versions of this package are vulnerable to Out-of-Bounds via the Chakra JavaScript engine in Microsoft Edge. An attacker can execute arbitrary code or cause a denial of service memory...
VulnCheck KEV: CVE-2016-3199
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3214...
VulnCheck KEV: CVE-2016-3377
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3350...
VulnCheck KEV: CVE-2016-7203
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7200,...
VulnCheck KEV: CVE-2016-0191
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0186 and CVE-2016-0193...
CVE-2019-1335
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1307, CVE-2019-1308, CVE-2019-1366...
Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CNVD-2019-36879)
Edge is Microsoft's browser for Windows 10, characterized as fast and secure.Chakra JScript engine is a JavaScript engine developed by Microsoft for its Internet Explorer 9, Internet Explorer 10, Internet Explorer 11, and Microsoft Edge web browsers. A memory corruption vulnerability in the Chakr...
Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CNVD-2019-36878)
Edge is Microsoft's browser for Windows 10, characterized as fast and secure.Chakra JScript engine is a JavaScript engine developed by Microsoft for its Internet Explorer 9, Internet Explorer 10, Internet Explorer 11, and Microsoft Edge web browsers. A memory corruption vulnerability in the Chakr...
Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CNVD-2019-36877)
Edge is Microsoft's browser for Windows 10, characterized as fast and secure.Chakra JScript engine is a JavaScript engine developed by Microsoft for its Internet Explorer 9, Internet Explorer 10, Internet Explorer 11, and Microsoft Edge web browsers. A memory corruption vulnerability in the Chakr...
JSC Exploits
Posted by Samuel Groß, Project Zero In this post, we will take a look at the WebKit exploits used to gain an initial foothold onto the iOS device and stage the privilege escalation exploits. All exploits here achieve shellcode execution inside the sandboxed renderer process WebContent on iOS...
Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CNVD-2019-28643)
Edge is Microsoft's browser for Windows 10.Chakra JScript engine is a JavaScript engine developed by Microsoft for its web browsers Internet Explorer 9, Internet Explorer 10, Internet Explorer 11, and Microsoft Edge web browsers. A memory corruption vulnerability exists in Microsoft Edge. The...
Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CNVD-2019-28640)
Edge is Microsoft's browser for Windows 10.Chakra JScript engine is a JavaScript engine developed by Microsoft for its web browsers Internet Explorer 9, Internet Explorer 10, Internet Explorer 11, and Microsoft Edge web browsers. A memory corruption vulnerability exists in Microsoft Edge. The...
Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CNVD-2019-28641)
Edge is Microsoft's browser for Windows 10, Chakra JScript engine is a JavaScript engine developed by Microsoft for its Internet Explorer 9, Internet Explorer 10, Internet Explorer 11 and Microsoft Edge and other web browsers. A memory corruption vulnerability exists in Microsoft Edge. The...
Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CNVD-2019-28644)
Edge is Microsoft's browser for Windows 10.Chakra JScript engine is a JavaScript engine developed by Microsoft for its web browsers Internet Explorer 9, Internet Explorer 10, Internet Explorer 11, and Microsoft Edge web browsers. A memory corruption vulnerability exists in Microsoft Edge. The...
PT-2019-3066 · Microsoft · Edge
Name of the Vulnerable Software and Affected Versions: Microsoft Edge affected versions not specified Description: The issue is related to errors in handling objects in memory by the Chakra scripting engine in Microsoft Edge. This could allow a remote attacker to execute arbitrary code using a...
PT-2019-3062 · Microsoft · Edge
Name of the Vulnerable Software and Affected Versions: Microsoft Edge affected versions not specified Description: A remote code execution issue exists in the way the Chakra scripting engine handles objects in memory. This could allow an attacker to execute arbitrary code in the context of the...
PT-2019-3064 · Microsoft · Edge
Name of the Vulnerable Software and Affected Versions: Microsoft Edge HTML-based affected versions not specified Description: A remote code execution issue exists in the way the Chakra scripting engine handles objects in memory. This could allow an attacker to execute arbitrary code in the contex...
PT-2019-3006 · Microsoft · Edge
Name of the Vulnerable Software and Affected Versions: Microsoft Edge affected versions not specified Description: The issue is related to errors in handling objects in memory by the Chakra JavaScript engine in Microsoft Edge. This could allow a remote attacker to execute arbitrary code using a...