2814 matches found
Memory corruption
Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user when the Edge JavaScript scripting engine fails to handle objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8520,...
CVE-2017-8517
CVE-2017-8517 affects Microsoft browsers in Windows platforms (Windows 7/8.1/10, Windows Server 2008R2-2016, etc.) where the JavaScript engine memory handling can trigger arbitrary code execution. The root cause is memory handling in the scripting engine failing to render objects in memory, enabl...
CVE-2017-8499
CVE-2017-8499 affects Microsoft Edge on Windows 10 (1703). The description and CNVD entry indicate a remote memory corruption vulnerability in Edge’s scripting engine that can allow arbitrary code execution in the context of the current user when Edge mishandles in-memory objects. Mitigation is v...
CVE-2017-8549
CVE-2017-8549 affects Microsoft Edge in Windows 10 (Gold, 1511, 1607, 1703) and Windows Server 2016. Description: Edge improperly handles objects in memory, enabling information disclosure that could help an attacker further compromise the system (Scripting Engine Memory Corruption). Connected do...
CVE-2017-8521
CVE-2017-8521 affects Microsoft Edge on Windows 10 version 1703, where the Edge JavaScript scripting engine can incorrectly handle in-memory objects, enabling remote code execution in the context of the current user when memory is corrupted. Connected sources corroborate a memory-corruption vecto...
Microsoft Windows Multiple Vulnerabilities (KB4022717)
This host is missing a critical security update according to Microsoft KB4022717 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
KLA11842 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in...
NSEarch - Nmap Scripting Engine Search
Nsearch, is a tool that helps you to find scripts that are used by nmap nse , you can search the scripts using differents keyword as the name, category and author, even using all the keyword in a single query,it is also possible to see the documentation of the scripts founded. Requeriments $ pip...
May 9, 2017—KB4016871 (OS Build 15063.296 and 15063.297)
May 9, 2017—KB4016871 OS Build 15063.296 and 15063.297 Improvements and fixes This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed issue with Surface Hub devices waking from sleep approximately eve...
CVE-2017-0223
A remote code execution vulnerability exists in Microsoft Chakra Core in the way JavaScript engines render when handling objects in memory. aka "Scripting Engine Memory Corruption Vulnerability". This vulnerability is unique from CVE-2017-0252...
CVE-2017-0228
A remote code execution vulnerability exists in Microsoft browsers in the way JavaScript engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235,...
Microsoft Edge Remote Code Execution Vulnerability
Microsoft Edge is the web browser built into the Windows 10 version. A remote code execution vulnerability exists in the scripting engine presentation when Microsoft Edge handles in-memory objects, where an attacker could execute arbitrary code in the current user context...
Microsoft Edge Remote Memory Corruption Vulnerability (CNVD-2017-06594)
Microsoft Edge is the web browser built into the Windows 10 version. A remote memory corruption vulnerability exists in the scripting engine presentation when Microsoft Edge handles in-memory objects, where an attacker could execute arbitrary code in the current user context...
Microsoft Edge Remote Memory Corruption Vulnerability (CNVD-2017-06588)
Microsoft Edge is the web browser built into the Windows 10 version. A remote memory corruption vulnerability exists in the scripting engine presentation when Microsoft Edge handles in-memory objects, where an attacker could execute arbitrary code in the current user context...
May 9, 2017—KB4019474 (OS Build 10240.17394)
May 9, 2017—KB4019474 OS Build 10240.17394 Improvements and fixes This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed issue where Windows Event Forwarding between two 2012 R2 servers makes reports...
Scripting Engine Information Disclosure Vulnerability
An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. In a web-based attack scenario, an...
Microsoft Edge asm.js Type Confusion (CVE-2017-0093)
A type confusion vulnerability has been reported in Microsoft Edge Scripting Engine. The vulnerability is due to improper parsing of eval function arguments when it accesses an asm.js function. A remote attacker could exploit this vulnerability by enticing the target user to open a specially...
Microsoft Internet Explorer Scripting Engine Remote Memory Corruption Vulnerability (CNVD-2017-05770)
Internet Explorer is a web browser from Microsoft. A memory corruption vulnerability exists in the way Internet Explorer handles memory objects in the JScript/VBScript engine presentation, which can be exploited by an attacker to execute arbitrary code...
Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability (CNVD-2017-05768)
Microsoft Edge is the web browser built into the Windows 10 version. A memory corruption vulnerability exists in the way the Microsoft browser handles in-memory objects in the scripting engine presentation, which can be exploited by an attacker to execute arbitrary code and corrupt memory...
Microsoft Edge Scripting Engine Information Disclosure Vulnerability (CNVD-2017-05508)
Microsoft Edge is the web browser built into the Windows 10 version. Microsoft Edge suffers from a Scripting Engine Information Disclosure vulnerability that can be exploited by an attacker to obtain sensitive information...