threat
engine
.sh
Back
·
··:··
Home
/
Product
/
microsoft chakracore
Product
microsoft chakracore
255 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2023-37143
all versions
ChakraCore branch master cbb9b was discovered to contain a segmentation violation via the function BackwardPass::IsEmptyLoopAfterM
5.5
MEDIUM
CVE-2023-37142
all versions
ChakraCore branch master cbb9b was discovered to contain a segmentation violation via the function Js::EntryPointInfo::HasInlinees
5.5
MEDIUM
CVE-2023-37141
all versions
ChakraCore branch master cbb9b was discovered to contain a segmentation violation via the function Js::ProfilingHelpers::ProfiledN
5.5
MEDIUM
CVE-2023-37140
all versions
ChakraCore branch master cbb9b was discovered to contain a segmentation violation via the function Js::DiagScopeVariablesWalker::G
5.5
MEDIUM
CVE-2023-37139
all versions
ChakraCore branch master cbb9b was discovered to contain a stack overflow vulnerability via the function Js::ScopeSlots::IsDebugge
5.5
MEDIUM
CVE-2020-23315
all versions
There is an ASSERTION (pFuncBody-GetYieldRegister() == oldYieldRegister) failed in Js::DebugContext::RundownSourcesAndReparse in C
7.5
HIGH
CVE-2020-17131
< 1.11.0
Chakra Scripting Engine Memory Corruption Vulnerability
4.2
MEDIUM
CVE-2020-17054
>= 1.11.0 and < 1.11.23
Chakra Scripting Engine Memory Corruption Vulnerability
4.2
MEDIUM
CVE-2020-17048
all versions
Chakra Scripting Engine Memory Corruption Vulnerability
4.2
MEDIUM
CVE-2020-1180
< 1.11.22
<p>A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vul
4.2
MEDIUM
CVE-2020-1172
< 1.11.22
<p>A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vul
4.2
MEDIUM
CVE-2020-1057
< 1.11.22
<p>A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vul
4.2
MEDIUM
CVE-2020-0878
all versions
<p>A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability cou
4.2
MEDIUM
CVE-2020-1555
all versions
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTM
8.8
HIGH
CVE-2020-1219
< 1.11.20
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser M
7.5
HIGH
CVE-2020-1073
< 1.11.20
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scrip
8.1
HIGH
CVE-2020-1065
< 1.11.19
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scrip
7.5
HIGH
CVE-2020-1037
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2020-0970
< 1.11.18
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scrip
7.5
HIGH
CVE-2020-0969
< 1.11.18
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2020-0848
< 1.11.17
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scrip
7.5
HIGH
CVE-2020-0831
< 1.11.17
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scrip
7.5
HIGH
CVE-2020-0830
< 1.11.17
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka
7.5
HIGH
CVE-2020-0829
< 1.11.17
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scrip
7.5
HIGH
CVE-2020-0828
< 1.11.17
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scrip
7.5
HIGH
CVE-2020-0827
< 1.11.17
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scrip
7.5
HIGH
CVE-2020-0826
< 1.11.17
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scrip
7.5
HIGH
CVE-2020-0825
< 1.11.17
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scrip
7.5
HIGH
CVE-2020-0823
< 1.11.17
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scrip
7.5
HIGH
CVE-2020-0813
all versions
An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an
7.5
HIGH
CVE-2020-0812
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2020-0811
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2020-0768
< 1.11.17
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka
7.5
HIGH
CVE-2020-0767
< 1.11.16
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scrip
7.5
HIGH
CVE-2020-0713
< 1.11.16
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scrip
7.5
HIGH
CVE-2020-0712
< 1.11.16
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scrip
7.5
HIGH
CVE-2020-0711
< 1.11.16
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scrip
7.5
HIGH
CVE-2020-0710
< 1.11.16
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scrip
7.5
HIGH
CVE-2019-1428
< 1.11.15
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTM
7.5
HIGH
CVE-2019-1427
< 1.11.15
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTM
7.5
HIGH
CVE-2019-1426
< 1.11.15
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTM
7.5
HIGH
CVE-2019-1366
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-1335
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-1308
< 1.11.14
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-1307
< 1.11.14
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-1300
< 1.11.13
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-1298
< 1.11.13
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-1237
< 1.11.13
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-1217
< 1.11.13
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-1138
< 1.11.13
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-1107
< 1.11.11
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-1106
< 1.11.11
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-1103
< 1.11.11
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-1092
< 1.11.11
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-1062
< 1.11.11
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-1001
< 1.11.11
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka
7.5
HIGH
CVE-2019-1052
< 1.11.10
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
4.2
MEDIUM
CVE-2019-1051
< 1.11.10
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
4.2
MEDIUM
CVE-2019-1024
< 1.11.10
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
4.2
MEDIUM
CVE-2019-1023
< 1.11.10
An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft E
6.5
MEDIUM
CVE-2019-1003
< 1.11.10
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
4.2
MEDIUM
CVE-2019-0993
< 1.11.10
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
4.2
MEDIUM
CVE-2019-0991
< 1.11.10
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
4.2
MEDIUM
CVE-2019-0990
< 1.11.10
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
6.5
MEDIUM
CVE-2019-0989
< 1.11.10
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
4.2
MEDIUM
CVE-2019-0937
< 1.11.9
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0933
< 1.11.9
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0927
< 1.11.9
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0925
< 1.11.9
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0924
< 1.11.9
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0922
< 1.11.9
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0917
< 1.11.9
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0916
< 1.11.9
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0915
< 1.11.9
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0914
< 1.11.9
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0913
< 1.11.9
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0912
< 1.11.9
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0911
< 1.11.9
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka
7.5
HIGH
CVE-2019-0861
< 1.11.8
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0860
< 1.11.8
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0829
< 1.11.8
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0812
< 1.11.8
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0810
< 1.11.8
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0806
< 1.11.8
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0739
< 1.11.8
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2019-0773
< 1.11.7
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2019-0771
< 1.11.7
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2019-0769
< 1.11.7
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2019-0746
all versions
An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft E
6.5
MEDIUM
CVE-2019-0611
< 1.11.7
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0609
< 1.11.7
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka
7.5
HIGH
CVE-2019-0592
< 1.11.7
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0658
< 1.11.6
An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft E
6.5
MEDIUM
CVE-2019-0655
< 1.11.6
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2019-0652
< 1.11.6
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2019-0651
< 1.11.6
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2019-0649
< 1.11.6
A vulnerability exists in Microsoft Chakra JIT server, aka 'Scripting Engine Elevation of Privileged Vulnerability'.
8.1
HIGH
CVE-2019-0644
< 1.11.6
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2019-0642
< 1.11.6
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2019-0640
< 1.11.6
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2019-0610
< 1.11.6
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2019-0607
< 1.11.6
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2019-0605
< 1.11.6
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2019-0593
< 1.11.6
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2019-0591
< 1.11.6
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2019-0590
< 1.11.6
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2019-0568
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0567
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0539
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8629
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8624
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8618
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8617
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8583
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8588
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8557
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8556
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8555
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8551
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8543
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8542
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8541
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8513
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8511
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8510
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8505
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8503
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8500
all versions
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scrip
9.8
CRITICAL
CVE-2018-8473
all versions
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory
7.5
HIGH
CVE-2018-8467
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8466
<= 1.10.1
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8465
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8459
<= 1.10.1
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scrip
7.5
HIGH
CVE-2018-8456
<= 1.10.1
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scrip
7.5
HIGH
CVE-2018-8452
all versions
An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft b
4.3
MEDIUM
CVE-2018-8391
all versions
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scrip
7.5
HIGH
CVE-2018-8367
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8354
<= 1.10.1
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2018-8315
all versions
An information disclosure vulnerability exists when the browser scripting engine improperly handle object types, aka "Microsoft Sc
4.2
MEDIUM
CVE-2018-8390
<= 1.10.1
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scrip
7.5
HIGH
CVE-2018-8385
all versions
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka
7.5
HIGH
CVE-2018-8384
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8381
<= 1.10.1
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8380
<= 1.10.1
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8372
all versions
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka
7.5
HIGH
CVE-2018-8359
all versions
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scrip
7.5
HIGH
CVE-2018-8355
all versions
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka
7.5
HIGH
CVE-2018-8266
<= 1.10.1
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8298
< 1.10.1
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scrip
7.5
HIGH
CVE-2018-8294
<= 1.10.0
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8291
< 1.10.1
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka
7.5
HIGH
CVE-2018-8290
<= 1.10.0
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8288
< 1.10.1
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka
7.5
HIGH
CVE-2018-8287
< 1.10.1
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka
7.5
HIGH
CVE-2018-8286
<= 1.10.0
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8283
< 1.10.1
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scrip
7.5
HIGH
CVE-2018-8280
<= 1.10.0
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8279
<= 1.10.0
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory
7.5
HIGH
CVE-2018-8275
<= 1.10.0
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory
7.5
HIGH
CVE-2018-8243
all versions
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scrip
7.5
HIGH
CVE-2018-8229
<= 1.8.4
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8227
<= 1.8.4
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8178
<= 1.8.3
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka "Microsoft Browser M
7.5
HIGH
CVE-2018-8177
<= 1.8.3
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8145
<= 1.8.3
An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an
7.5
HIGH
CVE-2018-8139
<= 1.8.3
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2018-8137
<= 1.8.3
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2018-8133
<= 1.8.3
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8130
<= 1.8.3
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8128
<= 1.8.3
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2018-1022
<= 1.8.3
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka
7.5
HIGH
CVE-2018-0954
<= 1.8.3
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka
7.5
HIGH
CVE-2018-0953
<= 1.8.3
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2018-0946
<= 1.8.3
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2018-0945
<= 1.8.3
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2018-0943
<= 1.8.3
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-1023
all versions
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka "Microsoft Browser M
7.5
HIGH
CVE-2018-0980
< 1.8.3
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-0934
< 1.8.2
ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how
7.5
HIGH
CVE-2018-0933
< 1.8.2
ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how
7.5
HIGH
CVE-2018-0925
all versions
ChakraCore allows remote code execution, due to how the ChakraCore scripting engine handles objects in memory, aka "Scripting Engi
7.5
HIGH
CVE-2018-0859
all versions
Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code exe
7.5
HIGH
CVE-2018-0858
all versions
ChakraCore allows remote code execution, due to how the ChakraCore scripting engine handles objects in memory, aka "Scripting Engi
7.5
HIGH
CVE-2018-0857
all versions
Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code exe
7.5
HIGH
CVE-2018-0856
all versions
Microsoft Edge and ChakraCore in Microsoft Windows 10 1703 and 1709 allows remote code execution, due to how the scripting engine
7.5
HIGH
CVE-2018-0838
all versions
Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code exe
7.5
HIGH
CVE-2018-0837
all versions
Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code exe
7.5
HIGH
CVE-2018-0836
all versions
Microsoft Edge and ChakraCore in Microsoft Windows 10 1703 and 1709 allows remote code execution, due to how the scripting engine
7.5
HIGH
CVE-2018-0835
all versions
Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code exe
7.5
HIGH
CVE-2018-0834
all versions
Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code exe
7.5
HIGH
CVE-2018-0818
all versions
Microsoft ChakraCore allows an attacker to bypass Control Flow Guard (CFG) in conjunction with another vulnerability to run arbitr
7.5
HIGH
CVE-2018-0800
<= 1.7.6
Microsoft Edge in Microsoft Windows 10 1709 allows an attacker to obtain information to further compromise the user's system, due
5.3
MEDIUM
CVE-2018-0781
< 1.7.6
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in
7.5
HIGH
CVE-2018-0780
< 1.7.6
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain informat
5.3
MEDIUM
CVE-2018-0778
< 1.7.6
Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the
7.5
HIGH
CVE-2018-0777
< 1.7.6
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in
7.5
HIGH
CVE-2018-0776
< 1.7.6
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in
7.5
HIGH
CVE-2018-0775
< 1.7.6
Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the
7.5
HIGH
CVE-2018-0774
< 1.7.6
Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the
7.5
HIGH
CVE-2018-0773
< 1.7.6
Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the
7.5
HIGH
CVE-2018-0772
< 1.7.6
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012
7.5
HIGH
CVE-2018-0770
< 1.7.6
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in
7.5
HIGH
CVE-2018-0769
< 1.7.6
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in
7.5
HIGH
CVE-2018-0768
< 1.7.6
Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the
7.5
HIGH
CVE-2018-0767
< 1.7.6
Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain information to
5.3
MEDIUM
CVE-2018-0762
< 1.7.6
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012
7.5
HIGH
CVE-2018-0758
< 1.7.6
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in
7.5
HIGH
CVE-2017-11930
< 1.7.5
ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows
7.5
HIGH
CVE-2017-11919
< 1.7.5
ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows
5.3
MEDIUM
CVE-2017-11918
< 1.7.5
ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the s
7.5
HIGH
CVE-2017-11916
< 1.7.5
ChakraCore allows an attacker to execute arbitrary code in the context of the current user, due to how the ChakraCore scripting en
7.5
HIGH
CVE-2017-11914
< 1.7.5
ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same us
7.5
HIGH
CVE-2017-11912
< 1.7.5
ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Wind
7.5
HIGH
CVE-2017-11911
< 1.7.5
ChakraCore and Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the cont
7.5
HIGH
CVE-2017-11910
< 1.7.5
ChakraCore and Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in th
7.5
HIGH
CVE-2017-11909
< 1.7.5
ChakraCore and Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the cont
7.5
HIGH
CVE-2017-11908
< 1.7.5
ChakraCore and Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scr
7.5
HIGH
CVE-2017-11905
< 1.7.5
ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrar
7.5
HIGH
CVE-2017-11895
< 1.7.5
ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows
7.5
HIGH
CVE-2017-11894
< 1.7.5
ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Wind
7.5
HIGH
CVE-2017-11893
< 1.7.5
ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrar
7.5
HIGH
CVE-2017-11889
< 1.7.5
ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute ar
7.5
HIGH
CVE-2017-11874
all versions
Microsoft Edge in Microsoft Windows 10 1703, 1709, Windows Server, version 1709, and ChakraCore allows an attacker to bypass Contr
3.1
LOW
CVE-2017-11873
all versions
ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an
7.5
HIGH
CVE-2017-11871
all versions
ChakraCore and Microsoft Edge in Windows 10 1703, 1709, and Windows Server, version 1709 allows an attacker to gain the same user
7.5
HIGH
CVE-2017-11870
all versions
ChakraCore and Microsoft Edge in Windows 10 1703, 1709, and Windows Server, version 1709 allows an attacker to gain the same user
7.5
HIGH
CVE-2017-11866
all versions
ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 all
7.5
HIGH
CVE-2017-11862
all versions
ChakraCore and Microsoft Edge in Windows 10 1709 and Windows Server, version 1709 allows an attacker to gain the same user rights
7.5
HIGH
CVE-2017-11861
all versions
Microsoft Edge in Windows 10 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the
7.5
HIGH
CVE-2017-11858
all versions
ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windo
7.5
HIGH
CVE-2017-11846
all versions
ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windo
7.5
HIGH
CVE-2017-11843
all versions
ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windo
7.5
HIGH
CVE-2017-11841
all versions
ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 all
7.5
HIGH
CVE-2017-11840
all versions
ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 all
7.5
HIGH
CVE-2017-11838
all versions
ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows S
7.5
HIGH
CVE-2017-11837
all versions
ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows S
7.5
HIGH
CVE-2017-11836
all versions
ChakraCore, and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, versi
7.5
HIGH
CVE-2017-11791
all versions
ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, W
3.1
LOW
CVE-2017-11767
all versions
ChakraCore allows an attacker to gain the same user rights as the current user, due to the way that the ChakraCore scripting engin
9.8
CRITICAL
CVE-2017-11821
<= 1.7.2
ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the curr
7.5
HIGH
CVE-2017-11812
<= 1.7.2
ChakraCore and Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbi
7.5
HIGH
CVE-2017-11811
< 1.7.3
ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execut
7.5
HIGH
CVE-2017-11809
<= 1.7.2
ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execut
7.5
HIGH
CVE-2017-11808
<= 1.7.2
ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execut
7.5
HIGH
CVE-2017-11807
<= 1.7.2
ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the curr
7.5
HIGH
CVE-2017-11806
<= 1.7.2
ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the curr
7.5
HIGH
CVE-2017-11805
<= 1.7.2
ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the curr
7.5
HIGH
CVE-2017-11804
all versions
ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execut
7.5
HIGH
CVE-2017-11802
<= 1.7.2
ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execut
7.5
HIGH
CVE-2017-11801
<= 1.7.2
ChakraCore allows an attacker to execute arbitrary code in the context of the current user, due to how the ChakraCore scripting en
7.5
HIGH
CVE-2017-11799
<= 1.7.2
ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execut
7.5
HIGH
CVE-2017-11797
<= 1.7.2
ChakraCore allows an attacker to execute arbitrary code in the context of the current user, due to how the ChakraCore scripting en
7.5
HIGH
CVE-2017-11796
<= 1.7.2
ChakraCore and Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user,
7.5
HIGH
CVE-2017-11792
<= 1.7.2
ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allow an attacker to execute arbitrary code in the context of the curre
7.5
HIGH
CVE-2017-8658
<= 1.7.0
A remote code execution vulnerability exists in the way that the Chakra JavaScript engine renders when handling objects in memory,
9.8
CRITICAL
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin