CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2016/04/30 5:59 p.m.•1 views

DEBIAN-CVE-2016-2808

The watch implementation in the JavaScript engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allows remote attackers to execute arbitrary code or cause a denial of service generation-count overflow, out-of-bounds HashMap write access, and...

7.5CVSS8.3AI score0.00681EPSS

OSV•added 2016/04/30 5:59 p.m.•4 views

CVE-2016-2808

7.5CVSS8.8AI score

Exploits0References15

Prion•added 2016/04/30 5:59 p.m.•13 views

Out-of-bounds

5.1CVSS8.1AI score0.00681EPSS

Exploits0References15Affected Software2

CVE•added 2016/04/30 5:0 p.m.•134 views

CVE-2016-2808

Vulnerability summary (CVE-2016-2808) : The watch() implementation in Firefox’s JavaScript engine can overflow the 32-bit generation counter of the underlying HashMap, causing a write to an invalid entry. This can enable remote attackers to execute arbitrary code or cause a denial of service when...

7.5CVSS8.2AI score0.00681EPSS

Exploits0References15Affected Software1

Debian CVE•added 2016/04/30 5:0 p.m.•36 views

CVE-2016-2808

7.5CVSS9.3AI score0.00681EPSS

Exploits0

OSV•added 2016/04/29 12:0 a.m.•0 views

UBUNTU-CVE-2016-1665

6.5CVSS7AI score0.01603EPSS

OSV•added 2016/04/27 12:0 a.m.•0 views

UBUNTU-CVE-2016-2808

7.5CVSS7.5AI score0.00681EPSS

OSV•added 2016/03/29 10:59 a.m.•3 views

CVE-2016-1646

The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, does not properly consider element data types, which allows remote attackers to cause a denial of service out-of-bounds read or possibly have unspecified other impact via crafted...

8.8CVSS7.4AI score0.66909EPSS

Exploits1References12

ThreatPost•added 2016/03/25 9:46 a.m.•27 views

Google Fixes Four Critical Vulnerabilities in Latest Chrome Build

Google pushed out the latest version of Chrome Thursday afternoon, fixing five issues, four of them critical. The update remedies an out-of-bounds read in Chrome’s open source JavaScript engine V8, two use-after-free vulnerabilities – one in Navigation and one in Extensions – and a buffer overflo...

9.3CVSS1.9AI score0.66909EPSS

Exploits1References9

OSV•added 2016/03/08 12:0 a.m.•2 views

UBUNTU-CVE-2016-1953

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to js/src/jit/arm/Assembler-arm.cpp, and unknown other vecto...

8.8CVSS7.6AI score0.00705EPSS

RedHat Linux•added 2016/03/07 3:22 a.m.•3 views

chromium-browser: Multiple unspecified vulnerabilities in V8 before 4.9.385.26

Multiple unspecified vulnerabilities in Google V8 before 4.9.385.26, as used in Google Chrome before 49.0.2623.75, allow attackers to cause a denial of service or possibly have other impact via unknown vectors...

10CVSS7.4AI score0.00889EPSS

OSV•added 2016/03/05 12:0 a.m.•0 views

UBUNTU-CVE-2016-2843

9.8CVSS7.3AI score0.00889EPSS

CNVD•added 2016/01/28 12:0 a.m.•0 views

Google Chrome Denial of Service Vulnerability (CNVD-2016-00722)

Google Chrome is a web browser. Google V8 is one of the open source JavaScript engines. A security vulnerability exists in Google Chrome that allows remote attackers to build malicious web pages that can be exploited to trick users into parsing, which can crash applications...

9.3CVSS8.9AI score0.01427EPSS

CNVD•added 2016/01/28 12:0 a.m.•2 views

Google Chrome V8 Denial of Service Vulnerability (CNVD-2016-00780)

Google Chrome is the United States Google Google company developed a Web browser. Google V8 is one of the open source JavaScript engine. A security vulnerability exists in Google Chrome prior to version 48.0.2564.82 and in Google V8 prior to version 4.8.271.17, which it uses. An attacker can...

9.8CVSS8.9AI score0.003EPSS

CNVD•added 2016/01/28 12:0 a.m.•1 views

Google Chrome V8 Denial of Service Vulnerability (CNVD-2016-00713)

Google Chrome is a web browser. Google V8 is one of the open source JavaScript engines. The 'LoadIC::UpdateCaches' function in the ic/ic.cc file of Google V8 used by Google Chrome fails to check for receiver compatibility before executing the variable, allowing remote attackers to exploit the...

7.6CVSS9.1AI score0.01029EPSS

Exploits1References1

OSV•added 2016/01/25 11:59 a.m.•2 views

CVE-2016-2051

Multiple unspecified vulnerabilities in Google V8 before 4.8.271.17, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via unknown vectors...

9.8CVSS5.8AI score

CNVD•added 2016/01/15 12:0 a.m.•3 views

Microsoft Edge Arbitrary Code Execution Vulnerability

Microsoft Edge is a web browser developed by Microsoft USA and is the default browser that comes with the Windows 10 operating system. A security vulnerability in Microsoft Edge's Chakra JavaScript engine allows a remote attacker to build special WEB pages that can be tricked into parsing by user...

9.3CVSS7.1AI score0.32396EPSS

OSV•added 2016/01/13 5:59 a.m.•1 views

CVE-2016-0002

The Microsoft 1 VBScript 5.7 and 5.8 and 2 JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."...

7.5CVSS6.1AI score0.47218EPSS