Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Github Security Blog
Github Security Blogadded 2022/05/17 12:11 a.m.19 views

ChakraCore vulnerable to remote code execution due to insufficient InlineCache check

ChakraCore and Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". An insufficient...

7.6CVSS7.5AI score0.24372EPSS
Exploits20References7Affected Software1
Veracode
Veracodeadded 2018/07/05 3:8 a.m.31 views

Remote Code Execution (RCE)

microsoft.chakracore is vulnerable to remote code execution RCE. This happens because it does not have ample InlineCache checks, leading to type confusion which allows an attacker to perform RCE. This CVE ID is different from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893,...

7.5CVSS8AI score0.76161EPSS
Exploits28References5Affected Software2
ossfuzz
ossfuzzadded 2018/06/07 5:8 p.m.20 views

chakra: Crash in JsUtil::BaseDictionary<int, SList<Js::InlineCache*, Memory::ArenaAllocator, Fake

Project: https://github.com/Microsoft/ChakraCore.git Detailed report: https://oss-fuzz.com/testcase?key=5985642830888960 Project: chakra Fuzzer: jsfuzzer Job Type: asanchakra Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x000000001048 Crash State: JsUtil::BaseDictionaryint,...

6.8AI score
Exploits0Affected Software1
Rows per page
Query Builder