Lucene search
K

481 matches found

CVE
CVE
added 2021/03/11 3:7 p.m.1223 views

CVE-2021-26411

CVE-2021-26411 (Internet Explorer Memory Corruption) is a memory-corruption vulnerability in IE that was exploited in the wild as a zero‑day. Project Zero’s analysis attributes two primary bug patterns to IE exploitation: a use-after-free caused by a user-controlled callback between object operat...

8.8CVSS8.2AI score0.81103EPSS
In wild
CVE
CVE
added 2020/09/11 5:8 p.m.1098 views

CVE-2020-0878

CVE-2020-0878 is a memory corruption vulnerability in the way Microsoft Edge/Internet Explorer access objects in memory, enabling remote code execution in the context of the current user. Public description confirms a network-exploitable scenario via malicious websites or compromised sites, with ...

7.5CVSS7.8AI score0.02696EPSS
In wild
CVE
CVE
added 2016/11/10 6:16 a.m.1079 views

CVE-2016-7200

CVE-2016-7200 refers to a memory-corruption/remote-code-execution vulnerability in the Chakra JavaScript engine used by Microsoft Edge. The Connected documents confirm this family of issues (ChakraCore/RCE vulnerabilities) and note it as a memory-corruption-based flaw triggered by a crafted site,...

8.8CVSS7.8AI score0.8249EPSS
In wild
CVE
CVE
added 2016/11/10 6:16 a.m.1063 views

CVE-2016-7201

Technical details about CVE-2016-7201 are not publicly provided in the supplied documents. Monitor official advisories for updates on affected components, versions, impact, and remediations.

8.8CVSS7.8AI score0.79687EPSS
In wild
CVE
CVE
added 2015/02/02 7:0 p.m.1048 views

CVE-2015-0313

Adobe Flash Player is affected by a use-after-free vulnerability (CVE-2015-0313) that enables remote code execution via crafted SWF handling. Affected products include Flash Player versions prior to 13.0.0.269 and 14.x–16.x prior to 16.0.0.305 on Windows/macOS, and prior to 11.2.202.442 on Linux....

10CVSS7.9AI score0.95683EPSS
In wild
CVE
CVE
added 2015/01/23 9:0 p.m.916 views

CVE-2015-0311

CVE-2015-0311 affects Adobe Flash Player on Windows/macOS up to 16.0.0.287 and Linux 11.2.202.438, described as an unspecified vulnerability that allowed remote code execution via unknown vectors. Exploitation in the wild was reported in January 2015. Connected sources confirm this is a remote-co...

10CVSS7.7AI score0.8582EPSS
In wild
CVE
CVE
added 2016/09/14 10:0 a.m.897 views

CVE-2016-3351

CVE-2016-3351 is a information-disclosure vulnerability affecting Microsoft Internet Explorer (IE) 9–11 and Microsoft Edge. The issue arises from improper handling of objects in memory by affected scripting engines, which could allow a remote attacker to detect or obtain sensitive files on the us...

6.5CVSS4.8AI score0.26286EPSS
In wild
CVE
CVE
added 2017/06/15 1:0 a.m.498 views

CVE-2017-8524

CVE-2017-8524 is a memory corruption vulnerability in Microsoft’s JavaScript engine affecting multiple Windows versions (Windows 7 SP1, 8.1/RT 8.1, 8, 2012/2012 R2, 10 versions, and Server 2016). The root cause is memory handling in the scripting engine during rendering of objects, enabling remot...

7.6CVSS6.2AI score0.09787EPSS
CVE
CVE
added 2020/02/11 9:23 p.m.320 views

CVE-2020-0713

Technical details for CVE-2020-0713 are not publicly available in the provided documents. Monitor for updates from official advisories; no affected products, vectors, or fixes are disclosed here.

7.6CVSS7.9AI score0.10124EPSS
In wild
CVE
CVE
added 2017/06/15 1:0 a.m.292 views

CVE-2017-8529

CVE-2017-8529 is an information-disclosure flaw in Internet Explorer caused by improper handling of in-memory objects by Microsoft scripting engines. It affects IE on Windows 7 SP1, Windows 8.1/RT 8.1, Windows Server 2008 R2 SP1, 2012/2012 R2, and Windows 10/Server 2016 family as documented by th...

6.5CVSS6AI score0.14265EPSS
CVE
CVE
added 2020/02/11 9:23 p.m.274 views

CVE-2020-0711

Technical details about CVE-2020-0711 are not publicly provided in the connected documents. The EUVD entries mention malware but do not specify affected product, root cause, impact, or remediation.

7.6CVSS7.9AI score0.10124EPSS
In wild
CVE
CVE
added 2017/06/15 1:0 a.m.272 views

CVE-2017-8522

CVE-2017-8522 affects Microsoft Windows browsers (IE/Edge) and the scripting engine, where memory handling of objects can cause arbitrary code execution. The issue is described as a Scripting Engine Memory Corruption Vulnerability impacting Windows 8.1/RT 8.1, Server 2012/R2, 2016, and Windows 10...

7.6CVSS6.2AI score0.08215EPSS
CVE
CVE
added 2020/02/11 9:23 p.m.270 views

CVE-2020-0712

Technical details about CVE-2020-0712 are not publicly provided in the connected documents. The available sources describe unrelated EUVD entries (malicious code/malware notes). Monitor for updates from the listed references and authoritative security advisories.

7.6CVSS7.9AI score0.10124EPSS
In wild
CVE
CVE
added 2020/02/11 9:23 p.m.266 views

CVE-2020-0710

CVE-2020-0710 describes a remote code execution in the ChakraCore scripting engine related to how it handles objects in memory. The CVE entry cites a high impact (CVSS v3.1 base score 7.5) with network access required and user interaction needed. Affected component: ChakraCore memory object handl...

7.6CVSS7.9AI score0.10124EPSS
In wild
CVE
CVE
added 2018/08/15 5:0 p.m.262 views

CVE-2018-8390

CVE-2018-8390 is a remote code execution vulnerability in the ChakraCore scripting engine's in-memory object handling, affecting Microsoft Edge and ChakraCore. The root cause is memory corruption in the scripting engine, enabling potential code execution with network access and user interaction r...

7.6CVSS6.8AI score0.14443EPSS
In wild
CVE
CVE
added 2019/11/12 6:53 p.m.258 views

CVE-2019-1426

Technical details for CVE-2019-1426 are not publicly provided in the connected documents. No specific affected product/version/root cause is reproduced here. Monitor for vendor advisories or additional disclosures to confirm impact and remediation.

7.6CVSS7.5AI score0.09374EPSS
In wild
CVE
CVE
added 2018/08/15 5:0 p.m.257 views

CVE-2018-8372

Microsoft Edge Chakra (ChakraCore) and Internet Explorer are affected by a remote code execution vulnerability in the scripting engine due to memory-object handling issues. The CVE-2018-8372 family (and related CVEs) describes a memory-corruption flaw that enables code execution via crafted objec...

7.6CVSS6.8AI score0.24766EPSS
In wild
CVE
CVE
added 2020/02/11 9:23 p.m.257 views

CVE-2020-0767

Technical details for CVE-2020-0767 are not publicly available in the provided connected documents. Monitor for updates.

7.6CVSS7.9AI score0.17597EPSS
In wild
CVE
CVE
added 2018/08/15 5:0 p.m.244 views

CVE-2018-8385

CVE-2018-8385 describes a remote code execution vulnerability in how the Microsoft scripting engine handles objects in memory, leading to memory corruption. Affected products listed in the description include Internet Explorer 9, ChakraCore, Internet Explorer 11, Microsoft Edge, and Internet Expl...

7.6CVSS6.8AI score0.1425EPSS
In wild
CVE
CVE
added 2018/08/15 5:0 p.m.241 views

CVE-2018-8355

CVE-2018-8355 is a remote code execution vulnerability in Microsoft’s scripting stack (ChakraCore, Internet Explorer 11, Edge) due to memory handling flaws in the scripting engine. Public details in connected sources point to an object/memory handling vulnerability exploited via type-confusion in...

7.6CVSS6.8AI score0.68242EPSS
In wild
CVE
CVE
added 2020/04/15 3:13 p.m.240 views

CVE-2020-0970

CVE-2020-0970 describes a remote code execution vulnerability in the ChakraCore scripting engine, arising from how the engine handles in-memory objects. It is associated with ChakraCore used by Microsoft Edge/Internet Explorer, and is explicitly distinguished from CVE-2020-0968. The connected doc...

7.6CVSS8AI score0.13303EPSS
In wild
CVE
CVE
added 2018/07/11 12:0 a.m.230 views

CVE-2018-8288

CVE-2018-8288 is a remote code execution vulnerability in ChakraCore, Internet Explorer 11, and Microsoft Edge caused by memory handling of objects in the scripting engine (memory corruption). The CVE notes high impact with network access and required user interaction. Public references in the co...

7.6CVSS6.7AI score0.70028EPSS
In wild
CVE
CVE
added 2019/04/09 8:15 p.m.229 views

CVE-2019-0739

Technical details for CVE-2019-0739 are not available in the provided connected documents. The sources only offer a high-level description of an Edge scripting engine memory corruption without specifying affected components, versions, impact, or fixes.

7.6CVSS7.6AI score0.11107EPSS
In wild
CVE
CVE
added 2019/11/12 6:53 p.m.226 views

CVE-2019-1428

Technical details for CVE-2019-1428 are not publicly provided in the connected documents. The available materials confirm Edge memory corruption in HTML-based scripting engine but do not specify affected versions, exploit vectors, or fixes. Monitor for vendor advisories.

7.6CVSS7.5AI score0.09374EPSS
In wild
CVE
CVE
added 2018/07/11 12:0 a.m.223 views

CVE-2018-8291

The CVE-2018-8291 entry describes a remote code execution in the ChakraCore scripting engine affecting ChakraCore, Internet Explorer 11, and Microsoft Edge due to memory handling in scripting objects. Root cause: memory object handling in the scripting engine leading to RCE. Public references sho...

7.6CVSS6.7AI score0.70028EPSS
In wild
CVE
CVE
added 2019/11/12 6:53 p.m.221 views

CVE-2019-1427

Technical details for CVE-2019-1427 are not publicly provided in the connected documents. We cannot specify affected products, root cause, impact, or fixes from these sources. Monitor official advisories and vendor disclosures for updates.

7.6CVSS7.5AI score0.09374EPSS
In wild
CVE
CVE
added 2018/07/11 12:0 a.m.213 views

CVE-2018-8287

CVE-2018-8287 describes a remote code execution vulnerability in the ChakraCore scripting engine and affected Microsoft browsers (Internet Explorer 11, Edge) due to memory handling. The connected advisories (GHSA) mirror the description and identify ChakraCore as the affected component; no specif...

7.6CVSS6.7AI score0.16376EPSS
In wild
CVE
CVE
added 2025/02/06 10:41 p.m.202 views

CVE-2025-21253

CVE-2025-21253 affects Microsoft Edge for iOS and Android. A spoofing vulnerability is described, arising from UI handling errors that could mislead users. The CVE has a MEDIUM base score (CVSSv3.1: 5.3; Network attack vector, no user interaction required, low attack complexity) per the provided ...

5.3CVSS5.2AI score0.01183EPSS
CVE
CVE
added 2020/03/12 3:48 p.m.196 views

CVE-2020-0827

Technical details about CVE-2020-0827 are not publicly provided in the supplied documents. The connected EUVD records mention malware in 'sbrugna' but do not describe affected products, root cause, or mitigation. Monitor for updates.

7.6CVSS7.8AI score0.13303EPSS
CVE
CVE
added 2016/12/20 5:54 a.m.178 views

CVE-2016-7288

CVE-2016-7288 is discussed in connected analysis as an MS Edge UAF vulnerability in the JavaScript TypedArray.sort path (TypedArrayBase::EntrySort) triggered via a user-supplied compare function. The root cause is memory-safety misuse during qsort_s-based sorting of TypedArrays, enabling memory c...

7.6CVSS7.6AI score0.70354EPSS
Web
CVE
CVE
added 2019/01/08 9:0 p.m.171 views

CVE-2019-0539

CVE-2019-0539 is an in-memory memory-corruption vulnerability in Microsoft Edge/ChakraCore where the Chakra JIT/type-confusion paths expose remote code execution. Public references describe exploitation through Type Confusion in Chakra Core/Edge, with exploit examples showing read/write primitive...

7.6CVSS7.4AI score0.82902EPSS
CVE
CVE
added 2019/09/11 9:24 p.m.169 views

CVE-2019-1237

Technical details for CVE-2019-1237 are not publicly available in the provided connected documents. No concrete affected products, versions, root cause, or mitigations are present here. Monitor for updates from authoritative sources to obtain specifics and remediation guidance.

7.6CVSS7.4AI score0.08673EPSS
CVE
CVE
added 2020/11/11 6:48 a.m.166 views

CVE-2020-17052

CVE-2020-17052 is a Scripting Engine Memory Corruption Vulnerability. Connected data confirms the issue as a memory corruption in a scripting engine and labels it with CVSS metrics (CVSSv3.1 base score 8.1, high impact on confidentiality, integrity, and availability; network attack vector; no pri...

8.1CVSS8.4AI score0.02455EPSS
CVE
CVE
added 2020/09/11 5:9 p.m.162 views

CVE-2020-1172

CVE-2020-1172 describes a remote code execution in the ChakraCore scripting engine caused by memory corruption when handling objects in memory. The issue could let an attacker execute code with the current user’s privileges (high impact if the user has admin rights). The vulnerability is addresse...

7.6CVSS6.7AI score0.02125EPSS
CVE
CVE
added 2020/09/11 5:8 p.m.161 views

CVE-2020-1057

Technical details for CVE-2020-1057 are not publicly available in the provided connected documents. We cannot identify affected products/versions or remediation from these sources. Monitor official Microsoft/MSRC advisories and related CVE references for concrete information.

9.3CVSS6.7AI score0.02062EPSS
CVE
CVE
added 2020/03/12 3:48 p.m.160 views

CVE-2020-0768

Technical details for CVE-2020-0768 are not provided in the connected documents. Public details appear limited to initial description. Monitor for updates from official sources.

7.6CVSS7.7AI score0.08524EPSS
CVE
CVE
added 2020/03/12 3:48 p.m.159 views

CVE-2020-0823

Technical details on CVE-2020-0823 are not provided in the supplied documents; no specifics on affected products, root cause, impact, or fixes are disclosed. Monitor for updates.

7.6CVSS7.8AI score0.08642EPSS
CVE
CVE
added 2019/10/10 1:28 p.m.155 views

CVE-2019-0608

Technical details about CVE-2019-0608 are not publicly available in the provided documents. The connected EUVD and MSKB entries do not specify affected products, impact, or remediation. Monitor for updates as new information becomes available.

4.3CVSS6.3AI score0.02134EPSS
CVE
CVE
added 2019/09/11 9:24 p.m.152 views

CVE-2019-1217

Technical details for CVE-2019-1217 are not publicly available in the provided connected documents; no affected products, versions, or remediation are described here. Monitor for updates.

7.6CVSS7.4AI score0.08673EPSS
CVE
CVE
added 2019/07/29 2:8 p.m.151 views

CVE-2019-1107

CVE-2019-1107 concerns a remote code execution in Microsoft Edge via the Chakra scripting engine’s in-memory handling. The connected docs (GitHub advisories GHSA entries) reference an Out-of-bounds write/memory corruption in Chakra as the underlying issue and identify Edge/chakra as affected, ali...

7.6CVSS7.4AI score0.09325EPSS
CVE
CVE
added 2019/04/08 10:22 p.m.147 views

CVE-2019-0592

CVE-2019-0592 is a ChakraCore/Edge memory-corruption remote code execution issue. Connected sources corroborate a Chakra memory-management flaw that can lead to RCE in Microsoft Edge when handling in-memory objects. No exploit specifics are provided in the documents. Remediation details are not e...

7.6CVSS7.4AI score0.22866EPSS
CVE
CVE
added 2019/10/10 1:28 p.m.147 views

CVE-2019-1335

Technical details for CVE-2019-1335 are not publicly available in the provided documents. Monitor for updates and potential advisory disclosures.

7.6CVSS7.4AI score0.09509EPSS
CVE
CVE
added 2020/03/12 3:48 p.m.147 views

CVE-2020-0829

Technical details about CVE-2020-0829 are not publicly available in the provided documents. Monitor for updates from trusted sources to assess impact, affected products, and fixes.

7.6CVSS7.8AI score0.08642EPSS
CVE
CVE
added 2020/08/17 7:13 p.m.147 views

CVE-2020-1555

CVE-2020-1555 is a memory corruption vulnerability in the Edge HTML-based scripting engine. The vulnerability allows an attacker to execute arbitrary code in the context of the current user, with the potential for full system compromise if the user has admin rights. The issue stems from how the E...

9.3CVSS9.1AI score0.0451EPSS
CVE
CVE
added 2019/01/08 9:0 p.m.146 views

CVE-2019-0567

CVE-2019-0567 is a remote code execution in the Chakra scripting engine used by Microsoft Edge and ChakraCore, stemming from memory handling issues in Chakra. Public exploits are referenced in Exploit-DB (e.g., 46203) and are part of a trio of Edge Chakra memory‑corruption advisories (CVE-2019-05...

7.6CVSS7.4AI score0.7999EPSS
CVE
CVE
added 2020/11/11 6:48 a.m.145 views

CVE-2020-17048

Technical details for CVE-2020-17048 are not publicly provided in the supplied connected documents. No specific affected products, root cause, impact, or remediation are confirmed here. Monitor for updates from NVD/MSRC/GHSA as they become available.

8.1CVSS5AI score0.01525EPSS
CVE
CVE
added 2020/12/09 11:36 p.m.145 views

CVE-2020-17131

CVE-2020-17131 concerns a memory corruption vulnerability in the Chakra Scripting Engine described in the connected advisories as an out-of-bounds write in Chakra . The linked sources identify the issue as part of Chakra’s scripting engine and associate it with the same CVE across multiple feeds,...

7.5CVSS4.5AI score0.01946EPSS
CVE
CVE
added 2016/09/14 10:0 a.m.144 views

CVE-2016-3325

CVE-2016-3325 affects Microsoft Internet Explorer 11 and Microsoft Edge. A memory handling flaw in IE/Edge enables information disclosure when visiting a crafted site; attack vector is network, with user interaction required (per CVSS3). Exploitation has been observed (CVE-2016-3325 appears in ex...

3.1CVSS4.7AI score0.53914EPSS
CVE
CVE
added 2019/05/16 6:17 p.m.144 views

CVE-2019-0884

Technical details for CVE-2019-0884 are not publicly available in the provided documents; no affected product/version or exploit guidance are specified. Monitor for updates from official advisories.

7.6CVSS7.3AI score0.07513EPSS
CVE
CVE
added 2019/05/16 6:17 p.m.144 views

CVE-2019-0912

Technical details about CVE-2019-0912 are not publicly available in the provided documents; no product, impact, or remediation specifics are disclosed. Monitor for updates from official advisories.

7.6CVSS7.5AI score0.09215EPSS
Total number of security vulnerabilities481