Edge Security Vulnerabilities and Issues — Page 3 of Edge CVE List

Lucene search

MicrosoftEdge

751 matches found

CVE•added 2020/11/11 7:15 a.m.•122 views

CVE-2020-17048

Chakra Scripting Engine Memory Corruption Vulnerability

8.1CVSS5AI score0.02691EPSS

CVE•added 2019/01/08 9:29 p.m.•121 views

CVE-2019-0567

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2019-0539, CVE-2019-0568.

7.6CVSS7.4AI score0.92032EPSS

CVE•added 2020/03/12 4:15 p.m.•120 views

CVE-2020-0830

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, ...

7.6CVSS7.7AI score0.28794EPSS

CVE•added 2024/07/25 10:15 p.m.•120 views

CVE-2024-38103

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

5.9CVSS5.4AI score0.00836EPSS

CVE•added 2020/03/12 4:15 p.m.•119 views

CVE-2020-0826

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-20...

7.6CVSS7.8AI score0.28794EPSS

CVE•added 2020/03/12 4:15 p.m.•119 views

CVE-2020-0827

7.6CVSS7.8AI score0.28794EPSS

CVE•added 2019/09/11 10:15 p.m.•118 views

CVE-2019-1217

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1138, CVE-2019-1237, CVE-2019-1298, CVE-2019-1300.

7.6CVSS7.4AI score0.04538EPSS

CVE•added 2017/09/13 1:29 a.m.•117 views

CVE-2017-8750

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the ...

7.6CVSS7.1AI score0.24219EPSS

CVE•added 2019/07/15 7:15 p.m.•117 views

CVE-2019-1092

7.6CVSS7.4AI score0.04538EPSS

CVE•added 2019/07/29 2:8 p.m.•117 views

CVE-2019-1106

7.6CVSS7.4AI score0.04538EPSS

CVE•added 2020/03/12 4:15 p.m.•117 views

CVE-2020-0828

7.6CVSS7.8AI score0.28794EPSS

CVE•added 2020/03/12 4:15 p.m.•117 views

CVE-2020-0848

7.6CVSS7.8AI score0.28794EPSS

CVE•added 2020/09/11 5:15 p.m.•117 views

CVE-2020-1180

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the v...

7.6CVSS7AI score0.01804EPSS

CVE•added 2017/05/12 2:29 p.m.•115 views

CVE-2017-0234

A remote code execution vulnerability exists in Microsoft Edge in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-201...

7.6CVSS7.7AI score0.55566EPSS

CVE•added 2019/10/10 2:15 p.m.•115 views

CVE-2019-1335

7.6CVSS7.4AI score0.03503EPSS

CVE•added 2020/03/12 4:15 p.m.•115 views

CVE-2020-0825

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-20...

7.6CVSS7.8AI score0.28794EPSS

CVE•added 2021/11/10 1:19 a.m.•114 views

CVE-2021-41351

Microsoft Edge (Chrome based) Spoofing on IE Mode

4.3CVSS6.4AI score0.09764EPSS

CVE•added 2017/01/10 9:59 p.m.•113 views

CVE-2017-0002

Microsoft Edge allows remote attackers to bypass the Same Origin Policy via vectors involving the about:blank URL and data: URLs, aka "Microsoft Edge Elevation of Privilege Vulnerability."

8.8CVSS8.3AI score0.14732EPSS

CVE•added 2019/06/12 2:29 p.m.•112 views

CVE-2019-1002

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who s...

7.6CVSS6.6AI score0.0117EPSS

CVE•added 2020/06/09 8:15 p.m.•112 views

CVE-2020-1219

A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'.

7.6CVSS8.1AI score0.26445EPSS

CVE•added 2020/08/17 7:15 p.m.•112 views

CVE-2020-1568

A remote code execution vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vu...

7.6CVSS8.1AI score0.03113EPSS

CVE•added 2016/10/14 2:59 a.m.•111 views

CVE-2016-7190

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3386, CVE-2016-3389, and CVE-2016...

7.6CVSS7.6AI score0.78358EPSS

CVE•added 2019/08/14 9:15 p.m.•111 views

CVE-2019-1141

7.6CVSS6.3AI score0.01308EPSS

CVE•added 2020/02/11 10:15 p.m.•111 views

CVE-2020-0663

An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, an attacker could host a website that is used to ...

4.2CVSS5.5AI score0.01395EPSS

CVE•added 2019/06/12 2:29 p.m.•110 views

CVE-2019-0992

7.6CVSS6.7AI score0.00793EPSS

CVE•added 2024/09/12 3:15 a.m.•110 views

CVE-2024-38222

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

6.5CVSS6.1AI score0.0159EPSS

CVE•added 2016/10/14 2:59 a.m.•109 views

CVE-2016-3267

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to determine the existence of unspecified files via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."

5.3CVSS5.5AI score0.22204EPSS

CVE•added 2019/07/29 1:58 p.m.•109 views

CVE-2019-1103

7.6CVSS7.4AI score0.04538EPSS

CVE•added 2019/10/10 2:15 p.m.•109 views

CVE-2019-1308

7.6CVSS7.4AI score0.03503EPSS

CVE•added 2019/01/08 9:29 p.m.•108 views

CVE-2019-0568

7.6CVSS7.4AI score0.92032EPSS

CVE•added 2019/04/08 11:29 p.m.•108 views

CVE-2019-0592

7.6CVSS7.4AI score0.38317EPSS

CVE•added 2019/06/12 2:29 p.m.•108 views

CVE-2019-1003

7.6CVSS6.7AI score0.01427EPSS

CVE•added 2019/09/11 10:15 p.m.•108 views

CVE-2019-1298

7.6CVSS7.4AI score0.04538EPSS

CVE•added 2019/09/11 10:15 p.m.•108 views

CVE-2019-1300

7.6CVSS7.4AI score0.04538EPSS

CVE•added 2020/03/12 4:15 p.m.•108 views

CVE-2020-0831

7.6CVSS7.8AI score0.28794EPSS

CVE•added 2020/06/09 8:15 p.m.•108 views

CVE-2020-1073

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'.

9.3CVSS7.9AI score0.13506EPSS

CVE•added 2021/01/12 8:15 p.m.•108 views

CVE-2021-1705

Microsoft Edge (HTML-based) Memory Corruption Vulnerability

7.6CVSS6.1AI score0.00976EPSS

CVE•added 2019/06/12 2:29 p.m.•107 views

CVE-2019-1052

7.6CVSS6.6AI score0.01427EPSS

CVE•added 2019/10/10 2:15 p.m.•107 views

CVE-2019-1307

7.6CVSS7.4AI score0.03503EPSS

CVE•added 2016/02/10 11:59 a.m.•106 views

CVE-2016-0060

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0061, CVE-2016-0063,...

9.3CVSS8.6AI score0.40616EPSS

CVE•added 2019/05/16 7:29 p.m.•106 views

CVE-2019-0914

7.6CVSS7.5AI score0.04538EPSS

CVE•added 2019/07/29 2:6 p.m.•106 views

CVE-2019-1104

A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'.

7.6CVSS7.7AI score0.03057EPSS

CVE•added 2017/12/12 9:29 p.m.•105 views

CVE-2017-11912

ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same ...

7.6CVSS7.6AI score0.76161EPSS

CVE•added 2019/06/12 2:29 p.m.•105 views

CVE-2019-0989

7.6CVSS6.6AI score0.01427EPSS

CVE•added 2019/06/12 2:29 p.m.•105 views

CVE-2019-0991

7.6CVSS6.6AI score0.01427EPSS

CVE•added 2016/09/06 10:59 a.m.•104 views

CVE-2016-7152

The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack.

5.3CVSS4.9AI score0.02278EPSS

CVE•added 2017/09/13 1:29 a.m.•104 views

CVE-2017-8741

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the con...

7.6CVSS7.2AI score0.76981EPSS

CVE•added 2019/04/08 11:29 p.m.•104 views

CVE-2019-0609

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773, ...

7.6CVSS7.6AI score0.10875EPSS

CVE•added 2019/05/16 7:29 p.m.•104 views

CVE-2019-0911

7.6CVSS7.3AI score0.04621EPSS

CVE•added 2019/06/12 2:29 p.m.•104 views

CVE-2019-1024

7.6CVSS6.6AI score0.01427EPSS

Total number of security vulnerabilities751