Chakracore@- Security Vulnerabilities and Issues — Chakracore@- CVE List

CVE•added 2018/08/15 5:29 p.m.•239 views

CVE-2018-8372

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8353, CVE-2018-835...

CVE•added 2018/08/15 5:29 p.m.•226 views

CVE-2018-8355

CVE•added 2018/08/15 5:29 p.m.•226 views

In wildWeb

CVE-2018-8385

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID...

CVE•added 2018/08/15 5:29 p.m.•205 views

CVE-2018-8359

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8371, CVE-2018-8372, CVE-2018-83...

CVE•added 2019/01/08 9:29 p.m.•150 views

CVE-2019-0539

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2019-0567, CVE-2019-0568.

7.6CVSS7.4AI score0.92032EPSS

Web

CVE•added 2020/08/17 7:15 p.m.•130 views

CVE-2020-1555

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successf...

9.3CVSS7.9AI score0.1447EPSS

CVE•added 2020/11/11 7:15 a.m.•121 views

CVE-2020-17048

Chakra Scripting Engine Memory Corruption Vulnerability

8.1CVSS5AI score0.02691EPSS

CVE•added 2019/01/08 9:29 p.m.•119 views

CVE-2019-0567

7.6CVSS7.4AI score0.92032EPSS

CVE•added 2019/10/10 2:15 p.m.•114 views

CVE-2019-1335

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1307, CVE-2019-1308, CVE-2019-1366.

7.6CVSS7.4AI score0.03503EPSS

CVE•added 2019/01/08 9:29 p.m.•106 views

CVE-2019-0568

7.6CVSS7.4AI score0.92032EPSS

CVE•added 2018/12/12 12:29 a.m.•102 views

CVE-2018-8617

CVE•added 2019/10/10 2:15 p.m.•102 views

CVE-2019-1366

7.6CVSS7.4AI score0.03503EPSS

CVE•added 2018/02/15 2:29 a.m.•98 views

CVE-2018-0834

Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0835, CVE-...

9.3CVSS7.3AI score0.8026EPSS

CVE•added 2020/03/12 4:15 p.m.•96 views

CVE-2020-0811

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based)L, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0812.

7.6CVSS7.4AI score0.03426EPSS

CVE•added 2019/04/09 12:29 a.m.•91 views

CVE-2019-0746

An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka 'Scripting Engine Information Disclosure Vulnerability'.

6.5CVSS6.6AI score0.22506EPSS

CVE•added 2017/11/15 3:29 a.m.•87 views

CVE-2017-11873

ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerabil...

CVE•added 2018/12/12 12:29 a.m.•85 views

CVE-2018-8583

CVE•added 2020/03/12 4:15 p.m.•85 views

CVE-2020-0813

An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the userâ€™s computer or data.To exploit the vulnerability, an attacker must know the memory address of where the object...

7.5CVSS7.5AI score0.09201EPSS

CVE•added 2018/09/13 12:29 a.m.•84 views

CVE-2018-8467

7.6CVSS7.4AI score0.79783EPSS

CVE•added 2018/02/15 2:29 a.m.•83 views

CVE-2018-0838

CVE•added 2018/12/12 12:29 a.m.•80 views

CVE-2018-8629

CVE•added 2020/03/12 4:15 p.m.•80 views

CVE-2020-0812

7.6CVSS7.4AI score0.03426EPSS

CVE•added 2018/02/15 2:29 a.m.•79 views

CVE-2018-0859

7.6CVSS7.4AI score0.8026EPSS

CVE•added 2017/11/15 3:29 a.m.•78 views

CVE-2017-11861

Microsoft Edge in Windows 10 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is ...

CVE•added 2017/11/15 3:29 a.m.•78 views

CVE-2017-11870

ChakraCore and Microsoft Edge in Windows 10 1703, 1709, and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from...

CVE•added 2018/11/14 1:29 a.m.•76 views

CVE-2018-8556

CVE•added 2018/11/14 1:29 a.m.•76 views

CVE-2018-8588

CVE•added 2017/11/15 3:29 a.m.•75 views

CVE-2017-11862

ChakraCore and Microsoft Edge in Windows 10 1709 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-20...

CVE•added 2018/11/14 1:29 a.m.•75 views

CVE-2018-8555

CVE•added 2018/12/12 12:29 a.m.•75 views

CVE-2018-8624

CVE•added 2017/11/15 3:29 a.m.•74 views

CVE-2017-11871

CVE•added 2017/11/15 3:29 a.m.•74 views

CVE-2017-11874

Microsoft Edge in Microsoft Windows 10 1703, 1709, Windows Server, version 1709, and ChakraCore allows an attacker to bypass Control Flow Guard (CFG) to run arbitrary code on a target system, due to how Microsoft Edge handles accessing memory in code compiled by the Edge Just-In-Time (JIT) compiler...

3.1CVSS5.2AI score0.24369EPSS

CVE•added 2018/11/14 1:29 a.m.•74 views

CVE-2018-8551

CVE•added 2020/05/21 11:15 p.m.•74 views

CVE-2020-1037

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Chakra Scripting Engine Memory Corruption Vulnerability'.

7.6CVSS8AI score0.04538EPSS

CVE•added 2018/02/15 2:29 a.m.•73 views

CVE-2018-0857

CVE•added 2018/11/14 1:29 a.m.•73 views

CVE-2018-8542

CVE•added 2018/09/13 12:29 a.m.•72 views

CVE-2018-8367

7.6CVSS7.4AI score0.79783EPSS

CVE•added 2018/02/15 2:29 a.m.•71 views

CVE-2018-0835

CVE•added 2018/11/14 1:29 a.m.•70 views

CVE-2018-8557

CVE•added 2018/02/15 2:29 a.m.•68 views

CVE-2018-0837

CVE•added 2018/11/14 1:29 a.m.•68 views

CVE-2018-8541

CVE•added 2018/02/15 2:29 a.m.•67 views

CVE-2018-0836

Microsoft Edge and ChakraCore in Microsoft Windows 10 1703 and 1709 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0837, CVE-2018-0838,...

CVE•added 2018/02/15 2:29 a.m.•67 views

CVE-2018-0856

CVE•added 2018/12/12 12:29 a.m.•67 views

CVE-2018-8618