Lucene search
K

109 matches found

Snyk
Snyk
added 2022/05/17 2:35 a.m.2 views

Out-of-Bounds

Overview Microsoft.ChakraCore is a core part of the Chakra Javascript engine that powers Microsoft Edge Affected versions of this package are vulnerable to Out-of-Bounds which can lead to remote code execution. This issue derives from the way JavaScript engines render when handling objects in...

9.8CVSS7.9AI score0.14682EPSS
Exploits0References2
CNVD
CNVD
added 2022/01/24 12:0 a.m.18 views

Microsoft ChakraCore has an unspecified vulnerability

Microsoft ChakraCore is the core part of an open source Chakra JavaScript scripting engine used in the Edge browser by Microsoft USA and can also be used as a standalone JavaScript engine. The vulnerability stems from an assertion pFuncBody-GetYieldRegister == oldYieldRegister failure in...

7.5CVSS1.6AI score0.02373EPSS
Exploits1References1
CNVD
CNVD
added 2020/12/09 12:0 a.m.1 views

Binary Vulnerability in Microsoft ChakraCore

Microsoft ChakraCore is a core part of the Chakra JavaScript engine for Microsoft's open source Microsoft Edge browser. A binary vulnerability exists in Microsoft ChakraCore, which can be exploited by attackers to cause a denial of service...

6.5AI score
Exploits0
CNVD
CNVD
added 2020/11/17 12:0 a.m.1 views

Null Pointer Reference Vulnerability in Microsoft ChakraCore

Microsoft ChakraCore is an open source ChakraJavaScript scripting engine used by Microsoft in the Edge browser, or as a stand-alone JavaScript engine. A null pointer reference vulnerability exists in Microsoft ChakraCore. An attacker could exploit this vulnerability to cause a software crash...

6.4AI score
Exploits0
Veracode
Veracode
added 2020/03/13 9:19 a.m.31 views

Remote Code Execution (RCE)

Microsoft Chakracore is vulnerable to remote code execution RCE. The vulnerability is possible due to lack of proper handling of raw objects and JS Maps to cache arbitrary data for a given locale...

7.5CVSS3.3AI score0.07527EPSS
Exploits0References3Affected Software2
Veracode
Veracode
added 2020/03/13 3:33 a.m.24 views

Remote Code Execution (RCE)

Microsoft Chakracore is vulnerable to remote code execution RCE. The vulnerability exists because it does not properly handle the memory upon an instruction entry to the try region and upon a Leave in the function ProcessEHRegionBoundary of LinearScan.cpp...

7.5CVSS3.1AI score0.08642EPSS
Exploits0References3Affected Software2
CNVD
CNVD
added 2020/03/11 12:0 a.m.4 views

Microsoft ChakraCore and Edge Remote Code Execution Vulnerability (CNVD-2020-20365)

Microsoft ChakraCore and Microsoft Edge are both products of Microsoft Corporation.ChakraCore is the core of an open-source Chakra JavaScript scripting engine used in the Edge browser, and is also available as a standalone JavaScript engine. Microsoft Edge is a web browser that comes with Windows...

7.6CVSS7.8AI score0.08642EPSS
Exploits0References1
Veracode
Veracode
added 2019/08/15 2:51 a.m.4 views

Remote Code Execution (RCE)

microsoft.chakracore is vulnerable to remote code execution RCE. The vulnerability exists due to the way that the Chakra scripting engine handles objects in memory in Microsoft Edge...

8.8CVSS7.5AI score0.03824EPSS
Exploits0References1Affected Software2
Veracode
Veracode
added 2019/08/15 2:43 a.m.26 views

Remote Code Execution (RCE)

microsoft.chakracore is vulnerable to remote code execution RCE. The vulnerability exists due to a chakra type confusion...

4.2CVSS2.8AI score0.01883EPSS
Exploits0References3Affected Software2
Veracode
Veracode
added 2019/08/15 2:18 a.m.32 views

Remote Code Execution (RCE)

microsoft chakracore is vulnerable to remote code execution. The vulnerability exists through a JIT type confusion attack in lib/Backend/GlobOptIntBounds.cpp...

4.2CVSS3.4AI score0.01934EPSS
Exploits0References3Affected Software2
Veracode
Veracode
added 2019/07/08 2:29 p.m.29 views

Remote Code Execution (RCE)

Microsoft ChakraCore is vulnerable to remote code execution. This could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user, potentially taking over the system with full user rights...

7.5CVSS7.9AI score0.12699EPSS
Exploits0References4Affected Software2
Veracode
Veracode
added 2019/07/08 1:51 p.m.20 views

Privilege Escalation

microsoft chakracore is vulnerable to privilege escalation. Improper handling of constructorCaches allows an attacker to exploit the vulnerability to gain elevated privileges...

8.1CVSS8.1AI score0.04362EPSS
Exploits0References4Affected Software2
Veracode
Veracode
added 2019/06/13 4:38 a.m.21 views

Remote Code Execution

Microsoft.ChakraCore is vulnerable to remote code execution. This is due to a flaw in the way they handles a native array, corrupting memory in such a way that an attacker could execute arbitrary code in the context of the current user...

7.5CVSS7.9AI score0.04124EPSS
Exploits0References5Affected Software2
Veracode
Veracode
added 2019/06/13 2:18 a.m.22 views

Information Disclosure

Microsoft Chakracore is vulnerable to information disclosure. Lack of bounds checking allows an attacker to corrupt memory and obtain confidential information about the user's application...

6.5CVSS6.8AI score0.05406EPSS
Exploits0References3Affected Software2
Veracode
Veracode
added 2019/05/17 2:1 p.m.19 views

Remote Code Execution (RCE)

Microsoft ChakraCore is vulnerable to remote code execution. This could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user, potentially taking over the system with full user rights...

7.5CVSS7.9AI score0.09215EPSS
Exploits0References2Affected Software2
Veracode
Veracode
added 2019/05/17 6:48 a.m.19 views

Remote Code Execution (RCE)

Microsoft ChakraCore is vulnerable to remote code execution. This could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user, potentially taking over the system with full user rights...

7.5CVSS7.9AI score0.09215EPSS
Exploits0References5Affected Software2
Veracode
Veracode
added 2019/05/17 6:23 a.m.23 views

Remote Code Execution (RCE)

Microsoft ChakraCore is vulnerable to remote code execution. This is due a type confusion bug in GlobOpt.cpp when the function ValueNumberDst returns. This could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user, potentially taking over...

7.5CVSS7.9AI score0.11107EPSS
Exploits0References6Affected Software2
Symantec
Symantec
added 2019/05/14 12:0 a.m.44 views

Microsoft Internet Explorer and Edge Scripting Engine Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer and Edge are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsof...

0.3AI score
Exploits0Affected Software1
Veracode
Veracode
added 2018/12/11 5:13 a.m.33 views

Remote Code Execution (RCE)

microsoft.chakracore is vulnerable to remote code execution. This is due to an error in handling objects in memory when the JavaScript engines fails to render, which would allow an attacker to execute arbitrary code in the context of the authenticated user. This CVE ID is different from...

7.5CVSS8.9AI score0.09787EPSS
Exploits0References2Affected Software2
Veracode
Veracode
added 2018/12/11 5:7 a.m.36 views

Remote Code Execution (RCE)

microsoft.chakracore is vulnerable to remote code execution. This is due to a buffer overflow in TypeHandler caused by an invalid index reuse, which would allow an attacker to execute arbitrary code in the context of the authenticated user. This CVE ID is different from CVE-2017-8517 and...

7.5CVSS9.2AI score0.09787EPSS
Exploits0References2Affected Software2
Rows per page
Query Builder