MS15-018 Microsoft Internet Explorer 10 and 11 Cross-Domain JavaScript Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "MS15-018 Microsoft Internet Explorer 10 and 11 Cross-Domain JavaScript Injection", 'Description' = %q This module exploits a universal cross-site...

GHSA-XPHQ-3X6Q-Q2QQ ChakraCore information disclosure vulnerability

An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user's computer or data, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore,...

CVE-2021-26419

Scripting Engine Memory Corruption Vulnerability Recent assessments: architect00 at May 14, 2021 10:33am UTC reported: Details The vulnerability affects Internet Explorer 11 on all Windows Versions. It is located in the jscript9.dll library, which is used to execute javascript. Possible attack...

CVE-2020-0986

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka ‘Windows Kernel Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269,...

CVE-2020-0674: Internet Explorer Scripting Engine Memory Corruption Vulnerability

A remote code execution vulnerability exists in some versions of Internet Explorer. An attacker who is able to convince a user to visit a malicious or compromised website may be able to execute code on the affected system, with the same permissions as the user. The vulnerability affects IE 9 on...

Clario: Multiple Links Vulnerable to Reflected xss

Summary Multiple Links Vulnerable to Reflected xss in https://mackeeper.com/mk/de/ Steps to reproduce goto these links and xss will be triggered...

CVE-2019-18652

CVE-2019-18652 affects WatchGuard XMT515 (firmware ≤ 12.1.3). A DOM/XSS vulnerability arises from insufficient validation of client-side data in the web application, allowing a remote attacker to cause the execution of JavaScript in a victim’s browser via a crafted link. Connected sources confirm...

Symantec DLP 15.5 MP1 - Cross-Site Scripting Vulnerability

Exploit for multiple platform in category web applications Exploit Title: Persistent XSS on Symantec DLP = 15.5 MP1 Exploit Author: Chapman Schleiss Vendor Homepage: https://www.symantec.com/ Software Link: https://support.symantec.com/us/en/mysymantec.html Version: = 15.5 MP1 CVE : 2019-9701...

GitHub ID is SandboxEscaper the user again upload 2 zero-day-vulnerability warning-the black bar safety net

GitHub ID is SandboxEscaper user before on GitHub uploaded a similar security function vulnerability after this time and released for the other two Microsoft zero-day demo code. As a result, the user in the past ten months the release of WIndows zero-day vulnerability has reached 7 months. The tw...

SandboxEscaper Drops Three More Windows Exploits, IE Zero-Day

On the heels of releasing a Windows zero-day exploit on Wednesday, developer SandboxEscaper has dropped exploit code for four more flaws on Thursday morning. On Wednesday, she dropped a Windows zero-day exploit that would allow local privilege-escalation LPE, by importing legacy tasks from other...

Microsoft Internet Explorer CVE-2019-0930 Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to an information-disclosure vulnerability Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Internet Explorer 10 Microsoft Internet Explorer 11 Microsoft...

The IE 11 browser is the explosion of security vulnerabilities: remotely steal local PC file-bug warning-the black bar safety net

Recently security experts in the IE 11 browser on the found new vulnerabilities in the process. MHT saved page can allow a hacker to steal the PC on the file. More importantly. MHT file format the default processing application is the IE 11 browser, so even the Chrome as the default web browser o...

Microsoft Internet Explorer Scripting Engine CVE-2019-0835 Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to an information disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Internet Explorer 10 Microsoft Internet Explorer 11 Recommendation...

CVE-2018-8631

CVE-2018-8631 is a remote code execution vulnerability in Microsoft Internet Explorer caused by improper access to objects in memory. Affects Internet Explorer 9, 10, and 11. The issue enables an attacker to execute arbitrary code on a vulnerable system, with attack vector over network and user i...

Microsoft Internet Explorer CVE-2018-8631 Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. An attacker can exploit this issue to execute arbitrary code in the context of the current user. Faile...

Remote code execution

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11...

Microsoft Internet Explorer CVE-2018-0949 Security Bypass Vulnerability

Description Microsoft Internet Explorer is prone to a security-bypass vulnerability. Successfully exploiting this issue may allow an attacker to bypass certain security restrictions and perform unauthorized actions. This may lead to other attacks. Internet Explorer 9, 10 and 11 are vulnerable...

Hanno's projects: Reflected xss in Serendipity's /index.php

Summary: There exists a reflected xss threat in https://blog.fuzzing-project.org/index.php?frontpage. Description: By setting the serendipity%5bmultiCat%5d%5b%5d POST input to 1'"&%prompt1 I'm able to trigger a JavaScript prompt box in versions of IE up to and including IE 11. Steps To Reproduce:...

Microsoft Internet Explorer CVE-2018-8113 Security Bypass Vulnerability

Description Microsoft Internet Explorer is prone to a security-bypass vulnerability. Successfully exploiting this issue may allow an attacker to bypass certain security restrictions and perform unauthorized actions. This may lead to other attacks. Internet Explorer 11 is vulnerable. Technologies...

Microsoft Internet Explorer CVE-2018-0929 Information Disclosure Vulnerability

Description Microsoft Internet Explorer are prone to an information-disclosure vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Successful exploits will allow attackers to obtain sensitive information that may aid in further...