VYPR

Chakracore

by Microsoft

Source repositories

CVEs (229)

  • CVE-2018-8500CriOct 10, 2018
    risk 0.58cvss 9.8epss 0.18

    A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore.

  • CVE-2017-8658CriAug 11, 2017
    risk 0.58cvss 9.8epss 0.20

    A remote code execution vulnerability exists in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".

  • CVE-2018-8279HigJul 11, 2018
    risk 0.57cvss 7.5epss 0.71

    A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8125, CVE-2018-8262, CVE-2018-8274,…

  • CVE-2018-8145HigMay 9, 2018
    risk 0.57cvss 7.5epss 0.67

    An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user's computer or data, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This…

  • CVE-2018-0953HigMay 9, 2018
    risk 0.57cvss 7.5epss 0.67

    A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945,…

  • CVE-2017-11918HigDec 12, 2017
    risk 0.57cvss 7.5epss 0.63

    ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption…

  • CVE-2017-11873HigNov 15, 2017
    risk 0.57cvss 7.5epss 0.70

    ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory…

  • CVE-2017-11861HigNov 15, 2017
    risk 0.57cvss 7.5epss 0.64

    Microsoft Edge in Windows 10 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption…

  • CVE-2017-11841HigNov 15, 2017
    risk 0.57cvss 7.5epss 0.60

    ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine…

  • CVE-2017-11840HigNov 15, 2017
    risk 0.57cvss 7.5epss 0.60

    ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine…

  • CVE-2017-11767CriNov 2, 2017
    risk 0.57cvss 9.8epss 0.10

    ChakraCore allows an attacker to gain the same user rights as the current user, due to the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".

  • CVE-2017-11811HigOct 13, 2017
    risk 0.57cvss 7.5epss 0.65

    ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory…

  • CVE-2017-11809HigOct 13, 2017
    risk 0.57cvss 7.5epss 0.68

    ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory…

  • CVE-2017-11802HigOct 13, 2017
    risk 0.57cvss 7.5epss 0.69

    ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory…

  • CVE-2017-11799HigOct 13, 2017
    risk 0.57cvss 7.5epss 0.64

    ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory…

  • CVE-2017-8641HigAug 8, 2017
    risk 0.57cvss 7.5epss 0.72

    Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user due to…

  • CVE-2017-0152HigJul 17, 2017
    risk 0.54cvss 8.1epss 0.11

    A remote code execution vulnerability exists in the way affected Microsoft scripting engine render when handling objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the…

  • CVE-2017-11812HigOct 13, 2017
    risk 0.53cvss 7.5epss 0.47

    ChakraCore and Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption…

  • CVE-2018-8473HigOct 10, 2018
    risk 0.50cvss 7.5epss 0.15

    A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8509.

  • CVE-2018-8391HigSep 13, 2018
    risk 0.50cvss 7.5epss 0.11

    A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. This CVE ID is unique from CVE-2018-8354, CVE-2018-8456, CVE-2018-8457,…

Page 1 of 12