Lucene search
K

7 matches found

Openbugbounty
Openbugbounty
added 2020/03/01 6:39 p.m.6 views

jpb.lv Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1108576 Security Researcher metamorfosec Helped patch 1990 vulnerabilities Received 9 Coordinated Disclosure badges Received 32 recommendations , a holder of 9 badges for responsible and coordinated disclosure, found a security vulnerability affecting jpb.lv website and it...

0.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2017/10/24 12:0 a.m.12 views

Microsoft Edge Chakra ParseCatch Type Confusion (CVE-2017-11764)

A type confusion vulnerability exists in Microsoft Edge Chakra JavaScript Engine. The vulnerability is due to a lack of validation in the ParseCatch method which results in the generation on a malformed Abstract Syntax Tree AST. A remote attacker could exploit this vulnerability by enticing the...

7.6CVSS2.8AI score0.64437EPSS
Exploits3
Packet Storm
Packet Storm
added 2017/09/22 12:0 a.m.39 views

Microsoft Edge Chakra Parser::ParseCatch Failed eval Handle

Microsoft Edge: Chakra: Parser::ParseCatch doesn't handle "eval" CVE-2017-11764 In Javascript, the code executed by a direct call to eval shares the caller block's scopes. Chakra handles this from the parser. And there's a bug when it parses "eval" in a catch statement's param. ParseNodePtr...

7.6CVSS0.1AI score0.64437EPSS
Exploits3
Prion
Prion
added 2017/09/13 1:29 a.m.26 views

Memory corruption

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of th...

7.6CVSS7.6AI score0.72171EPSS
Exploits12References4
Prion
Prion
added 2017/09/13 1:29 a.m.24 views

Memory corruption

Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption...

7.6CVSS7.5AI score0.72171EPSS
Exploits12References4
Prion
Prion
added 2017/09/13 1:29 a.m.19 views

Memory corruption

Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from...

7.6CVSS7.5AI score0.72171EPSS
Exploits12References4
CVE
CVE
added 2017/09/13 1:0 a.m.85 views

CVE-2017-11764

CVE-2017-11764 : A type confusion vulnerability in Microsoft Edge’s Chakra JavaScript engine (ParseCatch path) allows memory corruption. Reported as an Edge scripting engine issue that can be exploited by presenting a specially crafted web page, potentially enabling remote code execution in the u...

7.6CVSS7AI score0.64437EPSS
Exploits3References4Affected Software1
Rows per page
Query Builder