CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2020/11/11 6:48 a.m.•127 views

CVE-2020-17048

Technical details for CVE-2020-17048 are not publicly provided in the supplied connected documents. No specific affected products, root cause, impact, or remediation are confirmed here. Monitor for updates from NVD/MSRC/GHSA as they become available.

8.1CVSS5AI score0.02207EPSS

Microsoft CVE•added 2020/11/10 8:0 a.m.•36 views

Scripting Engine Memory Corruption Vulnerability

...

8.1CVSS8.1AI score0.06841EPSS

Microsoft CVE•added 2020/11/10 8:0 a.m.•30 views

Chakra Scripting Engine Memory Corruption Vulnerability

...

7.6CVSS7.7AI score0.01658EPSS

Microsoft KB•added 2020/11/10 8:0 a.m.•67 views

November 10, 2020—KB4586785 (OS Build 17134.1845) - EXPIRED

November 10, 2020—KB4586785 OS Build 17134.1845 - EXPIRED NEW 8/5/21 EXPIRATION NOTICEIMPORTANT As of 8/5/2021, this KB is no longer available from Windows Update, the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest security quality...

9.8CVSS7.3AI score0.2052EPSS

Exploits4

Microsoft CVE•added 2020/11/10 8:0 a.m.•31 views

Chakra Scripting Engine Memory Corruption Vulnerability

...

8.1CVSS7.7AI score0.02207EPSS

Positive Technologies•added 2020/11/10 12:0 a.m.•6 views

PT-2020-4693 · Microsoft · Chakra Scripting Engine +1

Name of the Vulnerable Software and Affected Versions: Chakra Scripting Engine affected versions not specified Description: The issue is caused by a buffer overflow in memory, allowing a remote attacker to disclose protected information. It affects the Chakra scripting engine, potentially enablin...

7.6CVSS4.3AI score0.01658EPSS

Exploits0References12

Positive Technologies•added 2020/11/10 12:0 a.m.•2 views

PT-2020-4692 · Microsoft · Chakra Scripting Engine +1

Name of the Vulnerable Software and Affected Versions: Chakra Scripting Engine affected versions not specified Description: The issue is related to a memory corruption vulnerability in the Chakra scripting engine, which can be caused by a buffer overflow. This can allow a remote attacker to...

8.1CVSS4.7AI score0.02207EPSS

Exploits0References12

Positive Technologies•added 2020/11/10 12:0 a.m.•1 views

PT-2020-4709 · Microsoft · Internet Explorer +1

Name of the Vulnerable Software and Affected Versions: Internet Explorer affected versions not specified Description: The issue is related to a memory corruption vulnerability in the scripting engine of Internet Explorer, caused by a buffer overflow. This can allow a remote attacker to execute...

8.1CVSS7.8AI score0.06841EPSS

Exploits0References7

NCSC•added 2020/11/10 12:0 a.m.•2 views

Vulnerabilities fixed in Microsoft Browsers

There are several vulnerabilities in Microsoft Browsers. The vulnerabilities allow a malicious person to execute arbitrary execute code with user privileges and elevated privileges. For vulnerabilities CVE-2020-17058, CVE-2020-17052, CVE-2020-17053, CVE-2020-17048, Microsoft has had insight into...

8.1CVSS6.8AI score0.06841EPSS

VulnCheck KEV•added 2020/10/15 12:0 a.m.•0 views

VulnCheck KEV: CVE-2018-8389

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from...

7.6CVSS7.7AI score0.52956EPSS

Exploits8References1

VulnCheck KEV•added 2020/10/02 12:0 a.m.•1 views

VulnCheck KEV: CVE-2020-0968

Microsoft Internet Explorer contains a memory corruption vulnerability due to how the Scripting Engine handles objects in memory, leading to remote code execution...

7.6CVSS7.4AI score0.43673EPSS

NVD•added 2020/09/11 5:15 p.m.•16 views

CVE-2020-1180

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the...

7.6CVSS0.01658EPSS

OSV•added 2020/09/11 5:15 p.m.•22 views

CVE-2020-1057

4.2CVSS6.8AI score0.02489EPSS

Prion•added 2020/09/11 5:15 p.m.•22 views

Remote code execution

7.6CVSS5.3AI score0.01658EPSS

Prion•added 2020/09/11 5:15 p.m.•20 views

Remote code execution

7.6CVSS5.3AI score0.01635EPSS

Cvelist•added 2020/09/11 5:9 p.m.•30 views

CVE-2020-1180 Scripting Engine Memory Corruption Vulnerability

...

4.2CVSS6.2AI score0.01658EPSS

CVE•added 2020/09/11 5:9 p.m.•122 views

CVE-2020-1180

Technical details about CVE-2020-1180 (affected ChakraCore components, root cause, impact or fixes) are not publicly provided in the supplied documents. Monitor for updates from official sources to obtain concrete technical information.

7.6CVSS7.2AI score0.01658EPSS

CVE•added 2020/09/11 5:9 p.m.•148 views

CVE-2020-1172

CVE-2020-1172 describes a remote code execution in the ChakraCore scripting engine caused by memory corruption when handling objects in memory. The issue could let an attacker execute code with the current user’s privileges (high impact if the user has admin rights). The vulnerability is addresse...

7.6CVSS6.7AI score0.01635EPSS

Cvelist•added 2020/09/11 5:9 p.m.•21 views

CVE-2020-1172 Scripting Engine Memory Corruption Vulnerability

...

4.2CVSS6.2AI score0.01635EPSS