CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

30 matches found

0day.today•added 2018/05/31 12:0 a.m.•78 views

Microsoft Edge Chakra EntrySimpleObjectSlotGetter Type Confusion Exploit

Microsoft Edge Chakra suffers from an issue where EntrySimpleObjectSlotGetter can have side effects that cause a type confusion vulnerability. Microsoft Edge: Chakra: EntrySimpleObjectSlotGetter can have side effects CVE-2018-8133 function optw, arr arr0 = 1.1; let res = w.event; arr0 =...

7.6AI score0.5094EPSS

Exploits4

0day.today•added 2016/11/19 12:0 a.m.•104 views

Microsoft Edge - FillFromPrototypes Type Confusion Exploit

Exploit for windows platform in category dos / poc var a = new Array0x11111111, 0x22222222, 0x33333333, 0x44444444, 0x12121212, 0x23232323, 0x12345670, 0x7777; var handler = getPrototypeOf: functiontarget, name...

7.6CVSS7.7AI score0.79687EPSS

Exploits6

Exploit DB•added 2016/11/18 12:0 a.m.•44 views

Microsoft Edge - 'FillFromPrototypes' Type Confusion

var a = new Array0x11111111, 0x22222222, 0x33333333, 0x44444444, 0x12121212, 0x23232323, 0x12345670, 0x7777; var handler = getPrototypeOf: functiontarget, name // print"get proto"; return a; ; var...

7.4AI score

Exploits0

exploitpack•added 2016/11/18 12:0 a.m.•11 views

Microsoft Edge - FillFromPrototypes Type Confusion

Microsoft Edge - FillFromPrototypes Type Confusion var a = new Array0x11111111, 0x22222222, 0x33333333, 0x44444444, 0x12121212, 0x23232323, 0x12345670, 0x7777; var handler = getPrototypeOf: functiontarget, name // print"get proto"; return a;...

0.6AI score

Exploits0

RedHat Linux•added 2016/07/18 1:51 p.m.•7 views

JDK: insecure use of invoke method in CORBA component, incorrect CVE-2013-3009 fix

The com.ibm.CORBA.iiop.ClientDelegate class in IBM SDK, Java Technology Edition 6 before SR16 FP25 6.0.16.25, 6 R1 before SR8 FP25 6.1.8.25, 7 before SR9 FP40 7.0.9.40, 7 R1 before SR3 FP40 7.1.3.40, and 8 before SR3 8.0.3.0 uses the invoke method of the java.lang.reflect.Method class in an...

9.3CVSS7.4AI score0.04382EPSS

Exploits0References5

CVE•added 2016/06/03 2:0 p.m.•116 views

CVE-2016-0363

CVE-2016-0363 affects IBM SDK, Java Technology Edition prior to specific SR updates: 6.0.16.25 (SR16 FP25) for 6.x, 6 R1 before SR8 FP25, 7 before SR9 FP40, 7 R1 before SR3 FP40, and 8 before SR3 (6.0.3.0–? not fully listed). The vulnerability arises when the invoke method of java.lang.reflect.Me...

8.1CVSS6.6AI score0.03983EPSS

Exploits0References22Affected Software6

Positive Technologies•added 2016/04/29 12:0 a.m.•3 views

PT-2016-4163 · Ibm +2 · Ibm Sdk +3

Name of the Vulnerable Software and Affected Versions: IBM SDK, Java Technology Edition versions 6.0.0 through 6.0.16.24 IBM SDK, Java Technology Edition 6 R1 versions 6.1.0 through 6.1.8.24 IBM SDK, Java Technology Edition 7 versions 7.0.0 through 7.0.9.39 IBM SDK, Java Technology Edition 7 R1...

10CVSS8.2AI score0.92334EPSS

Exploits1References73

Zero Day Initiative•added 2016/04/12 12:0 a.m.•35 views

Microsoft Edge Proxy Object Universal Cross Site Scripting Vulnerability

This vulnerability allows remote attackers to inject arbitrary script code into arbitrary domains on vulnerable installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

7.5CVSS3.3AI score0.15078EPSS

Exploits0References1

0day.today•added 2015/09/11 12:0 a.m.•44 views

OS X Install.framework suid root Runner Binary Privilege Escalation Vulnerability

Exploit for macOS platform in category local exploits Source: https://code.google.com/p/google-security-research/issues/detail?id=478 The Install.framework runner suid root binary does not correctly account for the fact that Distributed Objects can be connected to by multiple clients at the same...

9.3CVSS8.9AI score0.07421EPSS

Exploits1