Exploitdb Exploits

150 exploits tracked across all sources.

Sort: Activity Stars
CVE-2018-8467 EXPLOITDB HIGH javascript VERIFIED
ChakraCore - Remote Code Execution via Memory Corruption
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8367, CVE-2018-8465, CVE-2018-8466.
by Google Security Research
CVSS 7.5
CVE-2018-8466 EXPLOITDB HIGH javascript VERIFIED
ChakraCore < 1.10.1 and 1.11.1 - Remote Code Execution via Memory Corruption
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8367, CVE-2018-8465, CVE-2018-8467.
by Google Security Research
CVSS 7.5
CVE-2018-8355 EXPLOITDB HIGH javascript VERIFIED
Microsoft Browsers - Memory Corruption
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8353, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389, CVE-2018-8390.
by Google Security Research
CVSS 7.5
CVE-2018-8384 EXPLOITDB HIGH javascript VERIFIED
ChakraCore < 1.10.2 - Remote Code Execution via Type Confusion
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. This CVE ID is unique from CVE-2018-8266, CVE-2018-8380, CVE-2018-8381.
by Google Security Research
CVSS 7.5
CVE-2018-8279 EXPLOITDB HIGH javascript VERIFIED
Microsoft Edge and ChakraCore - Remote Code Execution via Memory Corruption
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8125, CVE-2018-8262, CVE-2018-8274, CVE-2018-8275, CVE-2018-8301.
by Google Security Research
CVSS 7.5
CVE-2018-8298 EXPLOITDB HIGH javascript VERIFIED
ChakraCore < 1.10.1 - Remote Code Execution via Memory Corruption
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8288, CVE-2018-8291, CVE-2018-8296.
by Google Security Research
CVSS 7.5
CVE-2018-8288 EXPLOITDB HIGH javascript VERIFIED
Microsoft Browsers - Memory Corruption
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8291, CVE-2018-8296, CVE-2018-8298.
by Google Security Research
CVSS 7.5
EIP-2026-115649 EXPLOITDB javascript VERIFIED
Microsoft Edge Chakra JIT - 'InlineArrayPush' Type Confusion
by Google Security Research
CVE-2018-8291 EXPLOITDB HIGH javascript VERIFIED
Microsoft Browsers - Memory Corruption
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8288, CVE-2018-8296, CVE-2018-8298.
by Google Security Research
CVSS 7.5
CVE-2018-8229 EXPLOITDB HIGH javascript VERIFIED
Microsoft Edge and ChakraCore - Remote Code Execution via Type Confusion
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8227.
by Google Security Research
CVSS 7.5
CVE-2018-8145 EXPLOITDB HIGH javascript VERIFIED
ChakraCore < 1.8.3 - Memory Contents Exposure via Scripting Engine
An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user's computer or data, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-0943, CVE-2018-8130, CVE-2018-8133, CVE-2018-8177.
by Google Security Research
CVSS 7.5
CVE-2018-8139 EXPLOITDB HIGH javascript VERIFIED
Microsoft Edge and ChakraCore - Remote Code Execution via Scripting Engine Memory Corruption
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137.
by Google Security Research
CVSS 7.5
CVE-2018-4192 EXPLOITDB HIGH javascript
Safari < 11.1.1 - Remote Code Execution via WebKit Race Condition
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code via a crafted web site that leverages a race condition.
by ret2
CVSS 7.5
CVE-2018-6092 EXPLOITDB HIGH javascript VERIFIED
Google Chrome < 66.0.3359.117 - Remote Code Execution via WebAssembly Integer Overflow
An integer overflow on 32-bit systems in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
by Google Security Research
CVSS 8.8
CVE-2018-8133 EXPLOITDB HIGH javascript VERIFIED
Microsoft Edge and ChakraCore - Remote Code Execution via Type Confusion
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0943, CVE-2018-8130, CVE-2018-8145, CVE-2018-8177.
by Google Security Research
CVSS 7.5
EIP-2026-101139 EXPLOITDB javascript
Sony Playstation 4 (PS4) 5.1 - Kernel (PoC)
by qwertyoruiop
CVE-2018-0953 EXPLOITDB HIGH javascript VERIFIED
Microsoft Edge and ChakraCore - Remote Code Execution via Scripting Engine Memory Corruption
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139.
by Google Security Research
CVSS 7.5
CVE-2018-0980 EXPLOITDB HIGH javascript VERIFIED
Microsoft Edge and ChakraCore < 1.8.3 - Remote Code Execution via Memory Corruption
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0990, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995, CVE-2018-1019.
by Google Security Research
CVSS 7.5
EIP-2026-103437 EXPLOITDB javascript VERIFIED
Chrome V8 JIT - Arrow Function Scope Fixing Bug
by Google Security Research
EIP-2026-103434 EXPLOITDB javascript VERIFIED
Chrome V8 JIT - 'AwaitedPromise' Update Bug
by Google Security Research
EIP-2026-103436 EXPLOITDB javascript VERIFIED
Chrome V8 JIT - 'NodeProperties::InferReceiverMaps' Type Confusion
by Google Security Research
EIP-2026-103504 EXPLOITDB javascript VERIFIED
Google Chrome V8 JIT - 'LoadElimination::ReduceTransitionElementsKind' Type Confusion
by Google Security Research
CVE-2018-0933 EXPLOITDB HIGH javascript VERIFIED
Microsoft Edge and ChakraCore < 1.8.2 - Remote Code Execution via Memory Corruption
ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-0930, CVE-2018-0931, CVE-2018-0934, CVE-2018-0936, and CVE-2018-0937.
by Google Security Research
CVSS 7.5
CVE-2018-0934 EXPLOITDB HIGH javascript VERIFIED
Microsoft Edge and ChakraCore - Remote Code Execution via Memory Corruption
ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-0930, CVE-2018-0931, CVE-2018-0933, CVE-2018-0936, and CVE-2018-0937.
by Google Security Research
CVSS 7.5
CVE-2018-0934 EXPLOITDB HIGH javascript VERIFIED
Microsoft Edge and ChakraCore - Remote Code Execution via Memory Corruption
ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-0930, CVE-2018-0931, CVE-2018-0933, CVE-2018-0936, and CVE-2018-0937.
by Google Security Research
CVSS 7.5
By Source
All 150 Writeup 62,046 Exploitdb 50,076 Nomisec 22,338 Github 3,520 Metasploit 3,299 Vulncheck_xdb 927 Inthewild 514 Gitlab 470 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,515 ruby 5,989 c 3,622 perl 2,849 html 2,072 php 1,332 bash 462 java 370 c++ 257 javascript 228 shell 130 go 72 postscript 25 typescript 25