CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2820 matches found

Tenable Nessus•added 2018/12/11 12:0 a.m.•168 views

KB4471321: Windows 10 Version 1607 and Windows Server 2016 December 2018 Security Update

The remote Windows host is missing security update 4471321. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly. An attacker who successfully exploited this vulnerability could...

10CVSS8.2AI score0.90564EPSS

Exploits10References22

Tenable Nessus•added 2018/12/11 12:0 a.m.•70 views

Security Updates for Internet Explorer (December 2018)

The Internet Explorer installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a...

7.6CVSS8.6AI score0.78404EPSS

Exploits7References9

Tenable Nessus•added 2018/12/11 12:0 a.m.•69 views

KB4471323: Windows 10 December 2018 Security Update

The remote Windows host is missing security update 4471323. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker...

10CVSS8.2AI score0.90564EPSS

Exploits10References17

Tenable Nessus•added 2018/12/10 12:0 a.m.•44 views

EulerOS 2.0 SP3 : java-1.8.0-openjdk (EulerOS-SA-2018-1386)

According to the versions of the java-1.8.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - OpenJDK: Improper field access checks CVE-2018-3169 - OpenJDK: Unrestricted access to scripting engine CVE-2018-3183 - OpenJDK:...

9CVSS6.4AI score0.00589EPSS

Exploits2References8

Veracode•added 2018/12/05 1:15 a.m.•24 views

Remote Code Execution (RCE)

Microsoft ChakraCore is vulnerable to remote code execution. This is due to how the scripting engine handles objects in memory, allowing a remote attacker to execute arbitrary code in the context of the authenticated user. This CVE ID is different from CVE-2017-0010, CVE-2017-0015, CVE-2017-0032,...

7.5CVSS7.6AI score0.84883EPSS

Exploits4References1Affected Software2

Veracode•added 2018/12/04 2:23 p.m.•29 views

Remote Code Execution (RCE)

7.5CVSS7.6AI score0.55566EPSS

Exploits2References1Affected Software2

Veracode•added 2018/12/04 2:12 p.m.•26 views

Remote Code Execution (RCE)

7.5CVSS7.9AI score0.36638EPSS

Exploits0References1Affected Software2

Veracode•added 2018/12/04 12:59 p.m.•29 views

Remote Code Execution (RCE)

Microsoft ChakraCore is vulnerable to remote code execution. This is due to how the scripting engine handles objects in memory, which allows for a remote attacker to execute arbitrary code in the context of the authenticated user. This CVE ID is different from CVE-2018-0834, CVE-2018-0835,...

7.5CVSS7.5AI score0.7974EPSS

Exploits21References6Affected Software2

Veracode•added 2018/12/04 12:56 p.m.•36 views

Remote Code Execution (RCE)

7.5CVSS7.5AI score0.7974EPSS

Exploits21References7Affected Software2

Veracode•added 2018/12/04 12:39 p.m.•32 views

Remote Code Execution (RCE)

Microsoft ChakraCore is vulnerable to remote code execution. This is due to how the scripting engine handles objects in memory, which allows a remote attacker to execute arbitrary code in the context of the user. This CVE ID is different from CVE-2018-0834, CVE-2018-0835, CVE-2018-0837,...

7.5CVSS7.5AI score0.7974EPSS

Exploits21References6Affected Software2

Veracode•added 2018/12/04 12:29 p.m.•24 views

Remote Code Execution (RCE)

Microsoft ChakraCore is vulnerable to remote code execution. This is due to how the scripting engine handles objects in memory, allowing for a remote attacker to execute arbitrary code in the context of the authenticated user. This CVE ID is different from CVE-2018-0834, CVE-2018-0836,...

7.5CVSS7.5AI score0.7974EPSS

Exploits21References7Affected Software2

Veracode•added 2018/11/16 2:45 a.m.•34 views

Remote Code Execution (RCE)

Microsoft Chakracore is vulnerable to remote code execution. The scripting engine does not properly handle objects in memory, which would allow an attacker to execute arbitrary commands in the context of the authenticated user. This CVE ID is different from CVE-2017-11886, CVE-2017-11889,...

7.5CVSS7.9AI score0.76161EPSS

Exploits28References7Affected Software2

NVD•added 2018/11/14 1:29 a.m.•22 views

CVE-2018-8588

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542,...

7.6CVSS7.6AI score0.18322EPSS

Exploits0References3

OSV•added 2018/11/14 1:29 a.m.•2 views

CVE-2018-8588

7.5CVSS7.8AI score0.18322EPSS

Exploits0References3

OSV•added 2018/11/14 1:29 a.m.•2 views

CVE-2018-8552

An information disclosure vulnerability exists when VBScript improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user's computer or data, aka "Windows Scripting Engine Memory Corruption Vulnerability." This affects Internet...

7.5CVSS7.3AI score0.47442EPSS

Exploits3References3

NVD•added 2018/11/14 1:29 a.m.•18 views

CVE-2018-8555

7.6CVSS7.6AI score0.18322EPSS

Exploits0References3

NVD•added 2018/11/14 1:29 a.m.•18 views

CVE-2018-8557

7.6CVSS7.6AI score0.18322EPSS

Exploits0References3

OSV•added 2018/11/14 1:29 a.m.•2 views

CVE-2018-8551