Exploitdb Exploits

152 exploits tracked across all sources.

Sort: Newest Stars
EIP-2026-115648 EXPLOITDB javascript VERIFIED
Microsoft Edge Chakra - OP_Memset Type Confusion
by Google Security Research
EIP-2026-115647 EXPLOITDB javascript VERIFIED
Microsoft Edge Chakra - OP_Memset Type Confusion
by Google Security Research
CVE-2018-8467 EXPLOITDB HIGH javascript VERIFIED
Microsoft Edge - Memory Corruption
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8367, CVE-2018-8465, CVE-2018-8466.
by Google Security Research
CVSS 7.5
CVE-2018-8466 EXPLOITDB HIGH javascript VERIFIED
Microsoft Edge - Memory Corruption
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8367, CVE-2018-8465, CVE-2018-8467.
by Google Security Research
CVSS 7.5
CVE-2018-8355 EXPLOITDB HIGH javascript VERIFIED
Microsoft Browsers - Memory Corruption
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8353, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389, CVE-2018-8390.
by Google Security Research
CVSS 7.5
CVE-2018-8384 EXPLOITDB HIGH javascript VERIFIED
Microsoft Edge - Memory Corruption
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. This CVE ID is unique from CVE-2018-8266, CVE-2018-8380, CVE-2018-8381.
by Google Security Research
CVSS 7.5
CVE-2018-8279 EXPLOITDB HIGH javascript VERIFIED
Microsoft Edge - Memory Corruption
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8125, CVE-2018-8262, CVE-2018-8274, CVE-2018-8275, CVE-2018-8301.
by Google Security Research
CVSS 7.5
CVE-2018-8298 EXPLOITDB HIGH javascript VERIFIED
ChakraCore - Memory Corruption
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8288, CVE-2018-8291, CVE-2018-8296.
by Google Security Research
CVSS 7.5
CVE-2018-8288 EXPLOITDB HIGH javascript VERIFIED
Microsoft Browsers - Memory Corruption
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8291, CVE-2018-8296, CVE-2018-8298.
by Google Security Research
CVSS 7.5
EIP-2026-115649 EXPLOITDB javascript VERIFIED
Microsoft Edge Chakra JIT - 'InlineArrayPush' Type Confusion
by Google Security Research
CVE-2018-8291 EXPLOITDB HIGH javascript VERIFIED
Microsoft Browsers - Memory Corruption
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8288, CVE-2018-8296, CVE-2018-8298.
by Google Security Research
CVSS 7.5
CVE-2018-8229 EXPLOITDB HIGH javascript VERIFIED
Microsoft Edge - Memory Corruption
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8227.
by Google Security Research
CVSS 7.5
CVE-2018-8145 EXPLOITDB HIGH javascript VERIFIED
Chakra < - Memory Corruption
An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user's computer or data, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-0943, CVE-2018-8130, CVE-2018-8133, CVE-2018-8177.
by Google Security Research
CVSS 7.5
CVE-2018-8139 EXPLOITDB HIGH javascript VERIFIED
Microsoft Edge - Memory Corruption
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137.
by Google Security Research
CVSS 7.5
CVE-2018-4192 EXPLOITDB HIGH javascript
Apple Safari < 11.1.1 - Race Condition
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code via a crafted web site that leverages a race condition.
by ret2
CVSS 7.5
CVE-2018-6092 EXPLOITDB HIGH javascript VERIFIED
Google Chrome <66.0.3359.117 - RCE
An integer overflow on 32-bit systems in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
by Google Security Research
CVSS 8.8
CVE-2018-8133 EXPLOITDB HIGH javascript VERIFIED
Microsoft Edge - Memory Corruption
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0943, CVE-2018-8130, CVE-2018-8145, CVE-2018-8177.
by Google Security Research
CVSS 7.5
EIP-2026-101139 EXPLOITDB javascript
Sony Playstation 4 (PS4) 5.1 - Kernel (PoC)
by qwertyoruiop
CVE-2018-0953 EXPLOITDB HIGH javascript VERIFIED
Microsoft Edge < 1.8.3 - Out-of-Bounds Write
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139.
by Google Security Research
CVSS 7.5
CVE-2018-0980 EXPLOITDB HIGH javascript VERIFIED
Microsoft Edge < 1.8.3 - Out-of-Bounds Write
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0990, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995, CVE-2018-1019.
by Google Security Research
CVSS 7.5
EIP-2026-103437 EXPLOITDB javascript VERIFIED
Chrome V8 JIT - Arrow Function Scope Fixing Bug
by Google Security Research
EIP-2026-103434 EXPLOITDB javascript VERIFIED
Chrome V8 JIT - 'AwaitedPromise' Update Bug
by Google Security Research
EIP-2026-103436 EXPLOITDB javascript VERIFIED
Chrome V8 JIT - 'NodeProperties::InferReceiverMaps' Type Confusion
by Google Security Research
EIP-2026-103504 EXPLOITDB javascript VERIFIED
Google Chrome V8 JIT - 'LoadElimination::ReduceTransitionElementsKind' Type Confusion
by Google Security Research
CVE-2018-0933 EXPLOITDB HIGH javascript VERIFIED
Microsoft Edge < 1.8.2 - Out-of-Bounds Write
ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-0930, CVE-2018-0931, CVE-2018-0934, CVE-2018-0936, and CVE-2018-0937.
by Google Security Research
CVSS 7.5
By Source
All 152 Exploitdb 50,196 Writeup 43,086 Nomisec 19,741 Metasploit 3,028 Github 2,090 Vulncheck_xdb 887 Inthewild 518 Gitlab 432 Gitee 415 Patchapalooza 312
By Language
text 31,307 python 5,762 ruby 5,759 c 3,536 perl 2,854 html 2,051 php 1,332 bash 459 java 359 javascript 255 c++ 242 shell 54 go 38 postscript 25 xml 24