Lucene search
K

100 matches found

Cvelist
Cvelist
added 2016/11/10 6:16 a.m.29 views

CVE-2016-7227

The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to determine the existence of local files via unspecified vectors, aka "Microsoft Browser Information Disclosure Vulnerability."...

5AI score0.11616EPSS
Exploits0References4
CVE
CVE
added 2016/11/10 6:16 a.m.243 views

CVE-2016-7202

CVE-2016-7202 refers to a memory corruption vulnerability in the Chakra JavaScript scripting engine used by Microsoft Edge/IE (the “Scripting Engine Memory Corruption Vulnerability”). The connected advisories describe RCE/DoS opportunities via crafted web content, with ChakraCore as the adversari...

7.6CVSS7.8AI score0.73289EPSS
In wildExploits4References7Affected Software1
ATTACKERKB
ATTACKERKB
added 2016/11/10 12:0 a.m.30 views

CVE-2016-7202

The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka “Scripting Engine Memory Corruption Vulnerability,” as demonstrated by the Chakra...

8.8CVSS8AI score0.8249EPSS
In wildExploits13References8
Microsoft CVE
Microsoft CVE
added 2016/11/08 8:0 a.m.25 views

Microsoft Browser Information Disclosure Vulnerability

An information disclosure vulnerability exists when affected Microsoft scripting engines do not properly handle objects in memory. The vulnerability could allow an attacker to detect specific files on the user's computer. In a web-based attack scenario, an attacker could host a website that is us...

3.1CVSS0.9AI score0.11616EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2016/11/08 12:0 a.m.4 views

PT-2016-2971 · Microsoft · Browsers +2

Name of the Vulnerable Software and Affected Versions: Microsoft Edge affected versions not specified Microsoft browsers affected versions not specified Description: The issue is related to a lack of protection for internal data in Microsoft Edge, which can be exploited by a remote attacker using...

7.6CVSS8AI score0.64892EPSS
Exploits0References23
Check Point Advisories
Check Point Advisories
added 2016/11/08 12:0 a.m.7 views

Microsoft Browser Remote Code Execution (MS16-129: CVE-2016-7241)

A type confusion vulnerability has been reported in the Scripting Engines of Microsoft Edge and Internet Explorer. This vulnerability is due to improper access of objects in memory when the JSON.parse JavaScript function is called. A remote attacker could exploit this vulnerability by enticing th...

7.6CVSS7.2AI score0.71489EPSS
Exploits2
NVD
NVD
added 2016/10/14 2:59 a.m.16 views

CVE-2016-3390

The scripting engines in Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, as demonstrated by the Chakra JavaScript engine, aka "Scripting Engine Memory Corruption Vulnerability...

7.6CVSS7.5AI score0.16843EPSS
Exploits0References5
NVD
NVD
added 2016/10/14 2:59 a.m.22 views

CVE-2016-3382

The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, as demonstrated by the Chakra JavaScript engine, aka "Scripting Engine Memory Corruption...

9.3CVSS7.5AI score0.17027EPSS
Exploits0References5
Prion
Prion
added 2016/10/14 2:59 a.m.19 views

Memory corruption

The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, as demonstrated by the Chakra JavaScript engine, aka "Scripting Engine Memory Corruption...

9.3CVSS7.7AI score0.17027EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2016/10/14 1:0 a.m.57 views

CVE-2016-3390

CVE-2016-3390 affects Microsoft Internet Explorer 11 and Microsoft Edge, involving memory corruption in the Chakra-based scripting engine that can lead to remote code execution or memory corruption via a crafted website. Connected sources (GHSA-CHAKRACORE RCE) reiterate a ChakraCore RCE vector ti...

7.6CVSS7.4AI score0.16843EPSS
Exploits0References5Affected Software2
Microsoft CVE
Microsoft CVE
added 2016/10/11 7:0 a.m.31 views

Microsoft Browser Information Disclosure Vulnerability

An information disclosure vulnerability exists when affected Microsoft scripting engines do not properly handle objects in memory. The vulnerability could allow an attacker to detect specific files on the user's computer. In a web-based attack scenario, an attacker could host a website that is us...

5.3CVSS0.9AI score0.15885EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2016/09/13 7:0 a.m.35 views

Microsoft Browser Information Disclosure Vulnerability

An information disclosure vulnerability exists when affected Microsoft scripting engines do not properly handle objects in memory. The vulnerability could allow an attacker to detect specific files on the user's computer. In a web-based attack scenario, an attacker could host a website that is us...

6.5CVSS0.9AI score0.26286EPSS
Exploits1
ThreatPost
ThreatPost
added 2016/07/15 4:16 p.m.62 views

Neutrino EK Spotted Leveraging Patched IE Zero Day

Attackers behind the Neutrino Exploit Kit didn’t take long to co-op a recently patched Internet Explorer zero-day into its arsenal. Researchers claim the kit has been pushing CVE-2016-0189, a vulnerability that was reportedly used in targeted attacks on South Korean organizations earlier this yea...

9.3CVSS8.5AI score0.99945EPSS
Exploits43References8
OSV
OSV
added 2016/07/13 1:59 a.m.5 views

CVE-2016-3260

The Microsoft 1 JScript 9, 2 VBScript, and 3 Chakra JavaScript engines, as used in Microsoft Internet Explorer 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memo...

8.8CVSS6.1AI score0.23051EPSS
Exploits0References4
NVD
NVD
added 2016/07/13 1:59 a.m.15 views

CVE-2016-3259

The Microsoft 1 JScript 9, 2 VBScript, and 3 Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting...

9.3CVSS8.8AI score0.36361EPSS
Exploits0References4
OSV
OSV
added 2016/07/13 1:59 a.m.5 views

CVE-2016-3204

The Microsoft 1 JScript 5.8 and 9 and 2 VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption...

8.8CVSS6.1AI score0.18778EPSS
Exploits0References5
OSV
OSV
added 2016/06/16 1:59 a.m.3 views

CVE-2016-3202

The Microsoft 1 Chakra JavaScript, 2 JScript, and 3 VBScript engines, as used in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruptio...

7.5CVSS6.1AI score0.17353EPSS
Exploits0References4
Cvelist
Cvelist
added 2016/06/16 1:0 a.m.32 views

CVE-2016-3207

The Microsoft 1 JScript 5.8 and 2 VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption...

7.8AI score0.17401EPSS
Exploits0References4
CNVD
CNVD
added 2016/06/15 12:0 a.m.3 views

Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CNVD-2016-04055)

Microsoft Internet Explorer IE is a Web browser developed by Microsoft, and is the default browser that comes with the Windows operating system.JScript is one of the interpreted object-based scripting languages; VBScript Visual Basic Script is one of the scripting languages, and is also the defau...

7.6CVSS7.2AI score0.1466EPSS
Exploits0References1
Cvelist
Cvelist
added 2016/01/13 2:0 a.m.39 views

CVE-2016-0002

The Microsoft 1 VBScript 5.7 and 5.8 and 2 JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."...

7.7AI score0.23942EPSS
Exploits0References5
Rows per page
Query Builder