2820 matches found
CVE-2018-8513
CVE-2018-8513 concerns a remote code execution vulnerability in the Chakra scripting engine’s handling of in-memory objects, affecting Microsoft Edge and ChakraCore. The root cause is memory handling in Chakra’s object model that can be exploited to execute arbitrary code. The CVSS assessment in ...
CVE-2018-8505
Technical details for CVE-2018-8505 are not publicly provided in the connected documents. The entries reference Chakra/Core vulnerabilities in general but do not specify affected products, versions, root cause, impact, or fixes. Monitor for official updates.
CVE-2018-8511
Technical details for CVE-2018-8511 are not publicly available in the provided documents. Monitor for updates.
CVE-2018-8510
Technical details about CVE-2018-8510 are not provided in the supplied documents. Public information in connected sources references ChakraCore/RCE in Chakra but does not specify this CVE. Monitor for updates.
CVE-2018-8503
CVE-2018-8503 is discussed across multiple security entries linked to ChakraCore/Microsoft Edge, describing a remote code execution in the Chakra scripting engine due to memory handling of objects. The connected advisories (GHSA entries) and EUVD records identify this family as ChakraCore/RCE vul...
CVE-2018-8503
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8505, CVE-2018-8510,...
CVE-2018-8510
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8503, CVE-2018-8505,...
Microsoft Edge Chakra Scripting Engine Remote Memory Corruption Vulnerability (CNVD-2018-21218)
Edge is the default browser that comes with Microsoft's operating systems.ChakraCore is the core of an open source JavaScript engine used in Edge, and can also be used as a standalone JavaScript engine. A remote memory corruption vulnerability exists in the Microsoft Edge Chakra Scripting Engine...
Microsoft Edge Chakra Scripting Engine Remote Memory Corruption Vulnerability
Edge is the default browser that comes with Microsoft's operating systems.ChakraCore is the core of an open source JavaScript engine used in Edge, and can also be used as a standalone JavaScript engine. A remote memory corruption vulnerability exists in the Microsoft Edge Chakra Scripting Engine...
Microsoft Windows Multiple Vulnerabilities (KB4464330)
This host is missing a critical security update according to Microsoft KB4464330 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft Windows Multiple Vulnerabilities (KB4462919)
This host is missing a critical security update according to Microsoft KB4462919 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft Edge Chakra Scripting Engine Remote Memory Corruption Vulnerability (CNVD-2018-21213)
Edge is the default browser that comes with Microsoft's operating systems. A remote memory corruption vulnerability exists in Microsoft Edge Chakra Scripting Engine. An attacker can exploit this vulnerability to execute arbitrary code in the context of the currently logged in user. A failed attac...
Microsoft Edge Chakra Scripting Engine Remote Memory Corruption Vulnerability (CNVD-2018-21216)
Edge is the default browser that comes with Microsoft's operating systems. A bad remote memory corruption vulnerability exists in Microsoft Edge Chakra Scripting Engine. An attacker can exploit this vulnerability to execute arbitrary code in the context of the currently logged in user. A failed...
Microsoft Windows Multiple Vulnerabilities (KB4462922)
This host is missing a critical security update according to Microsoft KB4462922 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft Windows Multiple Vulnerabilities (KB4462917)
This host is missing a critical security update according to Microsoft KB4462917 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
October 2018 Patch Tuesday – 49 Vulns, Critical browser patches, Hyper-V, Adobe vulns
In this month’s Patch Tuesday release there are 49 vulnerabilities patched with 12 Criticals. Out of the criticals, over half are browser-related, with the rest including Hyper-V and MSXML Parser. Microsoft Exchange covers CVE-2010-3190 which was not identified as in-scope product when originally...
Microsoft Patch Tuesday — October 18: Vulnerability disclosures and Snort coverage
Microsoft released its monthly security update today, disclosing a variety of vulnerabilities in several of its products. The latest Patch Tuesday covers 49 vulnerabilities, 12 of which are rated "critical," 34 that are rated "important,” two that are considered to have “moderate” severity and on...
October 9, 2018—KB4462919 (OS Build 17134.345)
October 9, 2018—KB4462919 OS Build 17134.345 Note This release also contains updates for Microsoft HoloLens OS Build 17134.345 released October 9, 2018. Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key...
Chakra Scripting Engine Memory Corruption Vulnerability
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge HTML-based. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who...
October 9, 2018—KB4462918 (OS Build 16299.726)
October 9, 2018—KB4462918 OS Build 16299.726 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Security updates to Internet Explorer, Windows Media Player, Microsoft Graphics Component,...