Chakracore
by Microsoft
Source repositories
CVEs (229)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-0591 | 0.01 | — | 0.11 | Mar 6, 2019 | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607,… | |||
| CVE-2019-0644 | 0.01 | — | 0.11 | Mar 6, 2019 | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605,… | |||
| CVE-2019-0652 | 0.01 | — | 0.11 | Mar 6, 2019 | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605,… | |||
| CVE-2019-0610 | 0.01 | — | 0.11 | Mar 6, 2019 | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605,… | |||
| CVE-2019-0640 | 0.01 | — | 0.11 | Mar 6, 2019 | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605,… | |||
| CVE-2019-0642 | 0.01 | — | 0.11 | Mar 6, 2019 | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605,… | |||
| CVE-2018-8617 | 0.01 | — | 0.62 | Dec 12, 2018 | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8583,… | |||
| CVE-2018-8384 | Hig | 0.01 | 7.5 | 0.62 | Aug 15, 2018 | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. This CVE ID is unique from CVE-2018-8266, CVE-2018-8380,… | ||
| CVE-2018-8355 | Hig | 0.01 | 7.5 | 0.68 | Aug 15, 2018 | A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from… | ||
| CVE-2018-8139 | Hig | 0.01 | 7.5 | 0.67 | May 9, 2018 | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945,… | ||
| CVE-2018-0980 | Hig | 0.01 | 7.5 | 0.67 | Apr 12, 2018 | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979,… | ||
| CVE-2023-37139 | 0.00 | — | 0.01 | Jul 18, 2023 | ChakraCore branch master cbb9b was discovered to contain a stack overflow vulnerability via the function Js::ScopeSlots::IsDebuggerScopeSlotArray(). | |||
| CVE-2023-37143 | 0.00 | — | 0.01 | Jul 18, 2023 | ChakraCore branch master cbb9b was discovered to contain a segmentation violation via the function BackwardPass::IsEmptyLoopAfterMemOp(). | |||
| CVE-2023-37142 | 0.00 | — | 0.01 | Jul 18, 2023 | ChakraCore branch master cbb9b was discovered to contain a segmentation violation via the function Js::EntryPointInfo::HasInlinees(). | |||
| CVE-2023-37141 | 0.00 | — | 0.01 | Jul 18, 2023 | ChakraCore branch master cbb9b was discovered to contain a segmentation violation via the function Js::ProfilingHelpers::ProfiledNewScArray(). | |||
| CVE-2020-23315 | 0.00 | — | 0.02 | Jan 20, 2022 | There is an ASSERTION (pFuncBody->GetYieldRegister() == oldYieldRegister) failed in Js::DebugContext::RundownSourcesAndReparse in ChakraCore version 1.12.0.0-beta. | |||
| CVE-2020-17131 | 0.00 | — | 0.02 | Dec 9, 2020 | Chakra Scripting Engine Memory Corruption Vulnerability | |||
| CVE-2020-1073 | 0.00 | — | 0.09 | Jun 9, 2020 | A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. | |||
| CVE-2020-1065 | 0.00 | — | 0.08 | May 21, 2020 | A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. | |||
| CVE-2020-1037 | 0.00 | — | 0.08 | May 21, 2020 | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. |
- CVE-2019-0591Mar 6, 2019risk 0.01cvss —epss 0.11
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607,…
- CVE-2019-0644Mar 6, 2019risk 0.01cvss —epss 0.11
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605,…
- CVE-2019-0652Mar 6, 2019risk 0.01cvss —epss 0.11
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605,…
- CVE-2019-0610Mar 6, 2019risk 0.01cvss —epss 0.11
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605,…
- CVE-2019-0640Mar 6, 2019risk 0.01cvss —epss 0.11
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605,…
- CVE-2019-0642Mar 6, 2019risk 0.01cvss —epss 0.11
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605,…
- CVE-2018-8617Dec 12, 2018risk 0.01cvss —epss 0.62
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8583,…
- risk 0.01cvss 7.5epss 0.62
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. This CVE ID is unique from CVE-2018-8266, CVE-2018-8380,…
- risk 0.01cvss 7.5epss 0.68
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from…
- risk 0.01cvss 7.5epss 0.67
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945,…
- risk 0.01cvss 7.5epss 0.67
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979,…
- CVE-2023-37139Jul 18, 2023risk 0.00cvss —epss 0.01
ChakraCore branch master cbb9b was discovered to contain a stack overflow vulnerability via the function Js::ScopeSlots::IsDebuggerScopeSlotArray().
- CVE-2023-37143Jul 18, 2023risk 0.00cvss —epss 0.01
ChakraCore branch master cbb9b was discovered to contain a segmentation violation via the function BackwardPass::IsEmptyLoopAfterMemOp().
- CVE-2023-37142Jul 18, 2023risk 0.00cvss —epss 0.01
ChakraCore branch master cbb9b was discovered to contain a segmentation violation via the function Js::EntryPointInfo::HasInlinees().
- CVE-2023-37141Jul 18, 2023risk 0.00cvss —epss 0.01
ChakraCore branch master cbb9b was discovered to contain a segmentation violation via the function Js::ProfilingHelpers::ProfiledNewScArray().
- CVE-2020-23315Jan 20, 2022risk 0.00cvss —epss 0.02
There is an ASSERTION (pFuncBody->GetYieldRegister() == oldYieldRegister) failed in Js::DebugContext::RundownSourcesAndReparse in ChakraCore version 1.12.0.0-beta.
- CVE-2020-17131Dec 9, 2020risk 0.00cvss —epss 0.02
Chakra Scripting Engine Memory Corruption Vulnerability
- CVE-2020-1073Jun 9, 2020risk 0.00cvss —epss 0.09
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'.
- CVE-2020-1065May 21, 2020risk 0.00cvss —epss 0.08
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'.
- CVE-2020-1037May 21, 2020risk 0.00cvss —epss 0.08
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Chakra Scripting Engine Memory Corruption Vulnerability'.
Page 8 of 12