Microsoft Edge Chakra Scripting Engine Memory Corruption (CVE-2018-8266)

A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

KLA11789 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Eextended Support Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in...

KB4343897: Windows 10 Version 1709 And Windows Server Version 1709 August 2018 Security Update (Foreshadow)

The remote Windows host is missing security update 4343897. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtai...

KB4343892: Windows 10 August 2018 Security Update (Foreshadow)

The remote Windows host is missing security update 4343892. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an...

KB4343887: Windows 10 Version 1607 and Windows Server 2016 August 2018 Security Update (Foreshadow)

The remote Windows host is missing security update 4343887. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtai...

KB4343909: Windows 10 Version 1803 and Windows Server Version 1803 August 2018 Security Update (Foreshadow)

The remote Windows host is missing security update 4343909. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtai...

Network and System Reconnaissance Tool: Sandmap

Sandmap is a tool supporting network and system reconnaissance using the massive Nmap engine . It provides a user-friendly interface, automates and speeds up scanning and allows you to easily use many advanced scanning techniques. Key Features simple CLI with the ability to run pure Nmap engine...

MGASA-2018-0325 Updated wesnoth packages fix security vulnerability

The Battle for Wesnoth Project version 1.7.0 through 1.14.3 contains a Code Injection vulnerability in the Lua scripting engine that can result in code execution outside the sandbox. This attack appear to be exploitable via Loading specially-crafted saved games, networked games, replays, and play...

[ASA-201807-15] wesnoth: arbitrary code execution

Arch Linux Security Advisory ASA-201807-15 ========================================== Severity: High Date : 2018-07-25 CVE-ID : CVE-2018-1999023 Package : wesnoth Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-741 Summary ======= The package wesnoth before...

CVE-2018-1999023

The Battle for Wesnoth Project version 1.7.0 through 1.14.3 contains a Code Injection vulnerability in the Lua scripting engine that can result in code execution outside the sandbox. This attack appear to be exploitable via Loading specially-crafted saved games, networked games, replays, and play...

CVE-2018-1999023

The Battle for Wesnoth Project version 1.7.0 through 1.14.3 contains a Code Injection vulnerability in the Lua scripting engine that can result in code execution outside the sandbox. This attack appear to be exploitable via Loading specially-crafted saved games, networked games, replays, and play...

CVE-2018-1999023

CVE-2018-1999023 affects The Battle for Wesnoth Project versions 1.7.0 through 1.14.3. The vulnerability is a Code Injection flaw in the Lua scripting engine that can lead to code execution outside the sandbox. Exploitation vectors include loading specially-crafted saved games, networked games, r...

Remote Code Execution (RCE)

microsoft.chakracore is vulnerable to remote code execution RCE. The vulnerability exists as DictionaryPropertyDescriptor::CopyFrom failed to copy the PreventFalseReference, IsShadowed, and IsOnlyOneAccessorInitialized properties from the descriptor in the scripting engine, causing a Scripting...

CVE-2018-8296

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 11. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287,...

CVE-2018-8288

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8242,...

CVE-2018-8280

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8286, CVE-2018-8290,...

CVE-2018-8286

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8280, CVE-2018-8290,...

CVE-2018-8290

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8280, CVE-2018-8286,...

CVE-2018-8294

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8280, CVE-2018-8286,...

CVE-2018-8298

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8288,...