Exploitdb Exploits

150 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-103500 EXPLOITDB javascript VERIFIED
Google Chrome V8 - 'Genesis::InitializeGlobal' Out-of-Bounds Read/Write
by Google Security Research
CVE-2018-6064 EXPLOITDB HIGH javascript VERIFIED
Google Chrome <65.0.3325.146 - Heap Corruption
Type Confusion in the implementation of __defineGetter__ in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
by Google Security Research
CVSS 8.8
EIP-2026-104100 EXPLOITDB javascript
TeamCity < 9.0.2 - Disabled Registration Bypass
by allyshka
CVE-2018-25321 EXPLOITDB MEDIUM javascript
TP-Link TL-WR720N All Versions CSRF via Administrative Interfaces
TP-Link TL-WR720N wireless router contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious web requests. Attackers can modify port forwarding rules via VirtualServerRpm.htm or change WiFi security settings via WlanSecurityRpm.htm by tricking authenticated users into visiting attacker-controlled pages.
by Mans van Someren
CVSS 4.3
CVE-2018-0891 EXPLOITDB MEDIUM javascript VERIFIED
Internet Explorer - Information Disclosure via Scripting Engine Memory Handling
ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allow information disclosure, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0939.
by Google Security Research
CVSS 4.3
EIP-2026-103440 EXPLOITDB javascript VERIFIED
Chrome V8 JIT - Simplified-lowererer IrOpcode::kStoreField_ IrOpcode::kStoreElement Optimization Bug
by Google Security Research
EIP-2026-103439 EXPLOITDB javascript VERIFIED
Chrome V8 JIT - JSBuiltinReducer::ReduceObjectCreate Fails to Ensure that the Prototype is _null_
by Google Security Research
EIP-2026-103438 EXPLOITDB javascript VERIFIED
Chrome V8 JIT - Empty BytecodeJumpTable Out-of-Bounds Read
by Google Security Research
EIP-2026-103435 EXPLOITDB javascript VERIFIED
Chrome V8 JIT - 'GetSpecializationContext' Type Confusion
by Google Security Research
EIP-2026-103433 EXPLOITDB javascript VERIFIED
Chrome V8 - 'TranslatedState::MaterializeCapturedObjectAt' Type Confusion
by Google Security Research
EIP-2026-103431 EXPLOITDB javascript VERIFIED
Chrome V8 - 'PropertyArray' Integer Overflow
by Google Security Research
CVE-2018-0860 EXPLOITDB HIGH javascript VERIFIED
Microsoft Edge and ChakraCore - Remote Code Execution via Scripting Engine Memory Corruption
Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0861, and CVE-2018-0866.
by Google Security Research
CVSS 7.5
CVE-2018-0840 EXPLOITDB HIGH javascript VERIFIED
Internet Explorer and Microsoft Edge - Remote Code Execution via Scripting Engine Memory Corruption
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.
by Google Security Research
CVSS 7.5
CVE-2018-0834 EXPLOITDB HIGH javascript VERIFIED
ChakraCore - Remote Code Execution via Memory Corruption in Scripting Engine
Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.
by Google Security Research
CVSS 7.5
CVE-2018-0838 EXPLOITDB HIGH javascript VERIFIED
ChakraCore - Remote Code Execution via Memory Corruption
Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.
by Google Security Research
CVSS 7.5
CVE-2018-0837 EXPLOITDB HIGH javascript VERIFIED
ChakraCore - Remote Code Execution via Memory Corruption in Scripting Engine
Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.
by Google Security Research
CVSS 7.5
CVE-2018-0835 EXPLOITDB HIGH javascript VERIFIED
ChakraCore < 1.8.1 - Remote Code Execution via Memory Corruption in Scripting Engine
Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.
by Google Security Research
CVSS 7.5
EIP-2026-103432 EXPLOITDB javascript VERIFIED
Chrome V8 - 'Runtime_RegExpReplace' Integer Overflow
by Google Security Research
CVE-2018-0776 EXPLOITDB HIGH javascript VERIFIED
Microsoft Edge - Remote Code Execution via Scripting Engine Memory Corruption
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781.
by Google Security Research
CVSS 7.5
CVE-2018-0777 EXPLOITDB HIGH javascript VERIFIED
Microsoft Edge - Remote Code Execution via Scripting Engine Memory Corruption
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0778, and CVE-2018-0781.
by Google Security Research
CVSS 7.5
CVE-2018-0769 EXPLOITDB HIGH javascript VERIFIED
Microsoft Edge - Remote Code Execution via Scripting Engine Memory Corruption
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781.
by Google Security Research
CVSS 7.5
CVE-2018-0774 EXPLOITDB HIGH javascript VERIFIED
Microsoft Edge - Remote Code Execution via Scripting Engine Memory Corruption
Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781.
by Google Security Research
CVSS 7.5
CVE-2018-0775 EXPLOITDB HIGH javascript VERIFIED
Microsoft Edge - Remote Code Execution via Scripting Engine Memory Corruption
Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781.
by Google Security Research
CVSS 7.5
CVE-2017-11914 EXPLOITDB HIGH javascript VERIFIED
ChakraCore and Microsoft Edge - Privilege Escalation
ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930.
by Google Security Research
CVSS 7.5
CVE-2018-0780 EXPLOITDB MEDIUM javascript VERIFIED
Microsoft Edge - Information Disclosure via Scripting Engine Memory Handling
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0767 and CVE-2018-0800.
by Google Security Research
CVSS 5.3
By Source
All 150 Writeup 62,143 Exploitdb 50,076 Nomisec 22,365 Github 3,570 Metasploit 3,311 Vulncheck_xdb 927 Inthewild 514 Gitlab 475 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,544 ruby 6,001 c 3,624 perl 2,849 html 2,073 php 1,332 bash 462 java 370 c++ 259 javascript 228 shell 131 go 72 postscript 25 typescript 25