CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2814 matches found

Github Security Blog•added 2022/05/24 5:8 p.m.•33 views

ChakraCore RCE Vulnerability

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767...

7.6CVSS7.5AI score0.05205EPSS

Exploits16References5Affected Software1

Github Security Blog•added 2022/05/24 5:8 p.m.•20 views

ChakraCore RCE Vulnerability

7.6CVSS7.4AI score0.05205EPSS

Exploits16References5Affected Software1

Github Security Blog•added 2022/05/24 5:8 p.m.•27 views

ChakraCore RCE Vulnerability

7.6CVSS7.4AI score0.05205EPSS

Exploits16References5Affected Software1

OSV•added 2022/05/24 5:8 p.m.•44 views

GHSA-G6MC-8679-GHX9 ChakraCore RCE Vulnerability

7.5CVSS8AI score0.05205EPSS

Exploits16References5

OSV•added 2022/05/24 5:8 p.m.•28 views

GHSA-W6QF-35F2-J6H7 ChakraCore RCE Vulnerability

7.5CVSS8AI score0.05205EPSS

Exploits16References5

Github Security Blog•added 2022/05/17 2:32 a.m.•31 views

ChakraCore information disclosure vulnerability

An information disclosure vulnerability exists in Microsoft Edge when the Chakra scripting engine does not properly handle objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system, a.k.a. "Scripting Engine...

4.3CVSS5.5AI score0.14872EPSS

Exploits0References7Affected Software1

OSV•added 2022/05/17 2:32 a.m.•22 views

GHSA-PJPR-2QQP-GPRF ChakraCore information disclosure vulnerability

4.3CVSS5.4AI score0.14872EPSS

Exploits0References7

Github Security Blog•added 2022/05/17 2:13 a.m.•24 views

ChakraCore information disclosure vulnerability

Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to obtain information to further compromise the user's system due to the Chakra scripting engine not properly handling objects in memory, aka "Scripting Engine Information Disclosure Vulnerability"...

4.3CVSS4.5AI score0.14559EPSS

Exploits2References7Affected Software1

OSV•added 2022/05/17 2:13 a.m.•28 views

GHSA-H6M7-JPHX-F9P5 ChakraCore information disclosure vulnerability

4.3CVSS4.2AI score0.14559EPSS

Exploits2References7

OSV•added 2022/05/17 12:32 a.m.•26 views

GHSA-HRF4-WW4W-6RV6 ChakraCore RCE Vulnerability

ChakraCore allows an attacker to execute arbitrary code in the context of the current user, due to how the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796,...

7.5CVSS7.8AI score0.26105EPSS

Exploits17References6

OSV•added 2022/05/17 12:32 a.m.•24 views

GHSA-F8F9-Q5HG-9C7Q ChakraCore RCE Vulnerability

7.5CVSS7.8AI score0.26105EPSS

Exploits17References6

Github Security Blog•added 2022/05/17 12:32 a.m.•27 views

ChakraCore RCE Vulnerability

ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792,...

7.6CVSS7.2AI score0.24372EPSS

Exploits17References7Affected Software1

OSV•added 2022/05/17 12:32 a.m.•25 views

GHSA-RHWH-JW9H-4M49 ChakraCore RCE Vulnerability

7.5CVSS7.8AI score0.24372EPSS

Exploits17References7

Github Security Blog•added 2022/05/17 12:32 a.m.•29 views

ChakraCore RCE Vulnerability

ChakraCore and Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792,...

7.6CVSS7.2AI score0.24372EPSS

Exploits17References7Affected Software1

Github Security Blog•added 2022/05/17 12:32 a.m.•22 views

ChakraCore RCE Vulnerability

7.6CVSS7.2AI score0.24372EPSS

Exploits17References7Affected Software1

OSV•added 2022/05/17 12:32 a.m.•18 views

GHSA-3C78-M682-8WP9 ChakraCore RCE Vulnerability

7.5CVSS7.8AI score0.24372EPSS

Exploits17References7

OSV•added 2022/05/17 12:19 a.m.•29 views

GHSA-PCR8-75V3-W9PF Chakra Core vulnerable to privilege escalation due to type confusion

ChakraCore and Microsoft Edge in Windows 10 1709 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". Individual Export in module...

7.5CVSS7.6AI score0.20533EPSS

Exploits17References7

OSV•added 2022/05/17 12:19 a.m.•34 views

GHSA-9F2P-WM46-6M5F Chakra Core vulnerable to privilege escalation when writing to JavaScript null scope objects

ChakraCore and Microsoft Edge in Windows 10 1703, 1709, and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory. This could be exploited using write-AV when writing to a slot of a JavaScript nu...

7.5CVSS7.5AI score0.80398EPSS

Exploits17References8

Github Security Blog•added 2022/05/17 12:19 a.m.•27 views

Chakra Core vulnerable to privilege escalation due to type confusion

7.6CVSS7AI score0.20533EPSS

Exploits17References7Affected Software1

Github Security Blog•added 2022/05/17 12:19 a.m.•26 views

Chakra Core vulnerable to privilege escalation when writing to JavaScript null scope objects

7.6CVSS6.9AI score0.80398EPSS

Exploits17References8Affected Software1

Rows per page