Lucene search
K

16 matches found

Github Security Blog
Github Security Blog
added 2022/05/13 1:20 a.m.37 views

ChakraCore RCE Vulnerability

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from...

7.6CVSS7.4AI score0.14443EPSS
Exploits0References5Affected Software1
Malwarebytes
Malwarebytes
added 2018/09/26 5:13 p.m.1402 views

Buggy implementation of CVE-2018-8373 vulnerability used to deliver Quasar RAT

A variant of a remote code execution vulnerability with Internet Explorer's scripting engine known as CVE-2018-8373 patched last August has been found in the wild. Looking at the IOCs posted by our colleagues at TrendMicro, we recognized the infrastructure serving this exploit. The same static...

7.6CVSS0.4AI score0.87814EPSS
Exploits9
Check Point Advisories
Check Point Advisories
added 2018/08/21 12:0 a.m.9 views

Microsoft Windows VBScript Engine Remote Code Execution (CVE-2018-8373)

A remote code execution vulnerability exists in Microsoft Internet Explorer. The vulnerability is due to an improper handling of objects in memory. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.6CVSS4.1AI score0.61912EPSS
Exploits1
ThreatPost
ThreatPost
added 2018/08/20 4:39 p.m.145 views

Darkhotel Exploits Microsoft Zero-Day VBScript Flaw

Researchers have discovered that the Darkhotel APT is exploiting a recently-patched zero-day vulnerability impacting Microsoft VBScript. Researchers at Trend Micro recently disclosed the flaw in Microsoft Visual Basic Scripting Engine VBScript, an active scripting language developed by Microsoft...

7.6CVSS7.7AI score0.87814EPSS
Exploits9References6
myhack58
myhack58
added 2018/08/18 12:0 a.m.1490 views

Use CVE-2018-8373 0day vulnerabilities the attacks the Darkhotel gang-related analysis-vulnerability warning-the black bar safety net

Background 2018 8 on 15 May, the network security company Trend Micro disclosed its in this year 7 month to capture an example in the wild 0day vulnerability to attack, the attack uses the Windows VBScript Engine code execution vulnerability, through the analysis and comparison found that the 0da...

7.6CVSS0.5AI score0.87814EPSS
Exploits9
NVD
NVD
added 2018/08/15 5:29 p.m.19 views

CVE-2018-8373

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from...

7.6CVSS7.8AI score0.61912EPSS
Exploits1References4
Prion
Prion
added 2018/08/15 5:29 p.m.34 views

Remote code execution

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from...

7.6CVSS7.6AI score0.68242EPSS
Exploits10References3Affected Software1
Prion
Prion
added 2018/08/15 5:29 p.m.23 views

Remote code execution

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8353,...

7.6CVSS7.6AI score0.68242EPSS
Exploits10References4Affected Software1
Prion
Prion
added 2018/08/15 5:29 p.m.30 views

Remote code execution

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from...

7.6CVSS7.6AI score0.68242EPSS
Exploits10References3Affected Software1
Prion
Prion
added 2018/08/15 5:29 p.m.28 views

Remote code execution

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8371, CVE-2018-8372,...

7.6CVSS7.7AI score0.68242EPSS
Exploits10References3
CVE
CVE
added 2018/08/15 5:0 p.m.1090 views

CVE-2018-8373

CVE-2018-8373 describes a remote code execution vulnerability in Internet Explorer due to how the scripting engine handles objects in memory. Affected software includes Internet Explorer 9, 10, and 11. The root cause is memory handling flaws in the scripting engine that can be triggered remotely ...

7.6CVSS6.8AI score0.61912EPSS
In wildExploits1References4Affected Software1
Circl
Circl
added 2018/08/15 4:0 a.m.12 views

CVE-2018-8373

creationtimestamp| type| source ---|---|--- 2018-08-15 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=316 2018-08-16 05:48:34+00:00| seen| MISP/5b75100d-54dc-420e-8c2f-5667ac100a5a 2018-08-20 19:07:25+00:00| seen| MISP/5b7b1061-8fd4-417a-84d7-23d2ac12042b 2018-09-26...

7.6CVSS7.1AI score0.61912EPSS
Exploits1References9
ATTACKERKB
ATTACKERKB
added 2018/08/15 12:0 a.m.28 views

CVE-2018-8373

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka “Scripting Engine Memory Corruption Vulnerability.” This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from...

7.6CVSS0.9AI score0.68242EPSS
In wildExploits10References4
ThreatPost
ThreatPost
added 2018/08/14 8:42 p.m.100 views

Patch Tuesday: Microsoft Addresses Two Zero-Days in 60-Flaw Roundup

Microsoft has rolled out its August Patch Tuesday fixes, addressing 19 critical vulnerabilities, including fixes for two zero-day vulnerabilities that are under active attack. Overall, the company patched a total of 60 flaws, spanning Microsoft Windows, Edge, Internet Explorer IE, Office, .NET...

10CVSS0.1AI score0.73968EPSS
Exploits1References7
Kaspersky
Kaspersky
added 2018/08/14 12:0 a.m.70 views

KLA11789 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Eextended Support Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in...

9.3CVSS8.8AI score0.67874EPSS
Exploits3References44
VulnCheck KEV
VulnCheck KEV
added 2018/07/11 12:0 a.m.3 views

VulnCheck KEV: CVE-2018-8373

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer...

7.6CVSS7.8AI score0.61912EPSS
Exploits1References1
Rows per page
Query Builder