Microsoft Chakracore vulnerabilities

242 known vulnerabilities affecting microsoft/chakracore.

Total CVEs

242

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL2HIGH215MEDIUM25

Vulnerabilities

Page 12 of 13

CVE-2017-11912HIGHCVSS 7.5fixed in 1.7.52017-12-12

CVE-2017-11912 [HIGH] CVE-2017-11912: ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Window ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how the scripting engi

nvd

CVE-2017-11895HIGHCVSS 7.5fixed in 1.7.52017-12-12

CVE-2017-11895 [HIGH] CVE-2017-11895: ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8. ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handl

nvd

CVE-2017-11893HIGHCVSS 7.5PoCfixed in 1.7.52017-12-12

CVE-2017-11893 [HIGH] CVE-2017-11893: ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows a ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890

nvd

CVE-2017-11908HIGHCVSS 7.5fixed in 1.7.52017-12-12

CVE-2017-11908 [HIGH] CVE-2017-11908: ChakraCore and Windows 10 1709 allows an attacker to execute arbitrary code in the context of the cu ChakraCore and Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11

nvd

CVE-2017-11914HIGHCVSS 7.5PoCfixed in 1.7.52017-12-12

CVE-2017-11914 [HIGH] CVE-2017-11914: ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows a ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-1

nvd

CVE-2017-11910HIGHCVSS 7.5fixed in 1.7.52017-12-12

CVE-2017-11910 [HIGH] CVE-2017-11910: ChakraCore and Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker t ChakraCore and Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-1

nvd

CVE-2017-11919MEDIUMCVSS 5.3fixed in 1.7.52017-12-12

CVE-2017-11919 [MEDIUM] CVE-2017-11919: ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8. ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016, and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain information to further compromi

nvd

CVE-2017-11809HIGHCVSS 7.5PoC≤ 1.7.22017-10-13

CVE-2017-11809 [HIGH] CVE-2017-11809: ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 201 ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-

nvd

CVE-2017-11797HIGHCVSS 7.5≤ 1.7.22017-10-13

CVE-2017-11797 [HIGH] CVE-2017-11797: ChakraCore allows an attacker to execute arbitrary code in the context of the current user, due to h ChakraCore allows an attacker to execute arbitrary code in the context of the current user, due to how the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801,

nvd

CVE-2017-11821HIGHCVSS 7.5≤ 1.7.22017-10-13

CVE-2017-11821 [HIGH] CVE-2017-11821: ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary c ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798,

nvd

CVE-2017-11792HIGHCVSS 7.5≤ 1.7.22017-10-13

CVE-2017-11792 [HIGH] CWE-119 CVE-2017-11792: ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allow an attacker to execute arbitrary co ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allow an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11793, CVE-2017-11796, CVE-2017-11798, CVE-2017-11799, CVE-2017

nvd

CVE-2017-11811HIGHCVSS 7.5PoCfixed in 1.7.32017-10-13

CVE-2017-11811 [HIGH] CVE-2017-11811: ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 201 ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-

nvd

CVE-2017-11807HIGHCVSS 7.5≤ 1.7.22017-10-13

CVE-2017-11807 [HIGH] CVE-2017-11807: ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary c ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798,

nvd

CVE-2017-11796HIGHCVSS 7.5≤ 1.7.22017-10-13

CVE-2017-11796 [HIGH] CVE-2017-11796: ChakraCore and Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the ChakraCore and Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-

nvd

CVE-2017-11806HIGHCVSS 7.5≤ 1.7.22017-10-13

CVE-2017-11806 [HIGH] CVE-2017-11806: ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary c ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798,

nvd

CVE-2017-11805HIGHCVSS 7.5≤ 1.7.22017-10-13

CVE-2017-11805 [HIGH] CVE-2017-11805: ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary c ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798,

nvd

CVE-2017-11808HIGHCVSS 7.5≤ 1.7.22017-10-13

CVE-2017-11808 [HIGH] CVE-2017-11808: ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 201 ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-

nvd

CVE-2017-11799HIGHCVSS 7.5PoC≤ 1.7.22017-10-13

CVE-2017-11799 [HIGH] CVE-2017-11799: ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 201 ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-

nvd

CVE-2017-11801HIGHCVSS 7.5≤ 1.7.22017-10-13

CVE-2017-11801 [HIGH] CVE-2017-11801: ChakraCore allows an attacker to execute arbitrary code in the context of the current user, due to h ChakraCore allows an attacker to execute arbitrary code in the context of the current user, due to how the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800,

nvd

CVE-2017-11812HIGHCVSS 7.5≤ 1.7.22017-10-13

CVE-2017-11812 [HIGH] CVE-2017-11812: ChakraCore and Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allo ChakraCore and Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-1

nvd

← Previous12 / 13Next →