Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
MicrosoftEdge

135 matches found

CVE
CVEadded 2016/09/14 10:59 a.m.56 views

CVE-2016-3350

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3377.

7.6CVSS7.7AI score0.236EPSS
CVE
CVEadded 2016/11/10 6:59 a.m.56 views

CVE-2016-7209

Microsoft Edge allows remote attackers to spoof web content via a crafted web site, aka "Microsoft Edge Spoofing Vulnerability."

5.3CVSS5.7AI score0.06822EPSS
CVE
CVEadded 2016/12/20 6:59 a.m.56 views

CVE-2016-7281

The Web Workers implementation in Microsoft Internet Explorer 10 and 11 and Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Browser Security Feature Bypass Vulnerability."

5.3CVSS6.4AI score0.34492EPSS
CVE
CVEadded 2016/03/09 11:59 a.m.55 views

CVE-2016-0130

Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0116, CVE-2016-0123, CVE-2016-0124, and CVE-2016-0129.

7.6CVSS7.7AI score0.24353EPSS
CVE
CVEadded 2016/04/12 11:59 p.m.55 views

CVE-2016-0161

Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Edge Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0158.

6.5CVSS6.3AI score0.23982EPSS
CVE
CVEadded 2016/10/14 2:59 a.m.55 views

CVE-2016-3331

Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."

9.3CVSS7.6AI score0.23334EPSS
CVE
CVEadded 2016/10/14 2:59 a.m.55 views

CVE-2016-3382

The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, as demonstrated by the Chakra JavaScript engine, aka "Scripting Engine Memory Corruption Vul...

9.3CVSS7.4AI score0.23334EPSS
CVE
CVEadded 2016/10/14 2:59 a.m.55 views

CVE-2016-3387

Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not properly restrict access to private namespaces, which allows remote attackers to gain privileges via unspecified vectors, aka "Microsoft Browser Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3388.

7.5CVSS6.2AI score0.47517EPSS
CVE
CVEadded 2016/10/14 2:59 a.m.55 views

CVE-2016-3389

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3386, CVE-2016-7190, and CVE-2016...

7.6CVSS7.6AI score0.79242EPSS
CVE
CVEadded 2016/08/09 9:59 p.m.54 views

CVE-2016-3329

Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to determine the existence of files via a crafted webpage, aka "Internet Explorer Information Disclosure Vulnerability."

5.3CVSS5.5AI score0.32707EPSS
CVE
CVEadded 2016/09/14 10:59 a.m.54 views

CVE-2016-3330

Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3294.

7.6CVSS7.8AI score0.23501EPSS
CVE
CVEadded 2016/06/16 1:59 a.m.53 views

CVE-2016-3214

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3199.

9.3CVSS8.6AI score0.21571EPSS
CVE
CVEadded 2016/12/20 6:59 a.m.52 views

CVE-2016-7280

Cross-site scripting (XSS) vulnerability in Microsoft Edge allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Microsoft Edge Information Disclosure Vulnerability," a different vulnerability than CVE-2016-7206.

6.1CVSS5.8AI score0.09084EPSS
CVE
CVEadded 2016/07/13 1:59 a.m.51 views

CVE-2016-3244

Microsoft Edge allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Edge Security Feature Bypass."

4.3CVSS5.8AI score0.20014EPSS
CVE
CVEadded 2016/09/06 10:59 a.m.51 views

CVE-2016-7153

The HTTP/2 protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack.

5.3CVSS4.9AI score0.03915EPSS
CVE
CVEadded 2016/01/13 5:59 a.m.50 views

CVE-2016-0003

Microsoft Edge allows remote attackers to execute arbitrary code via unspecified vectors, aka "Microsoft Edge Memory Corruption Vulnerability."

9.6CVSS9.4AI score0.08219EPSS
CVE
CVEadded 2016/03/09 11:59 a.m.50 views

CVE-2016-0116

Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0123, CVE-2016-0124, CVE-2016-0129, and CVE-2016-0130.

7.6CVSS7.7AI score0.24353EPSS
CVE
CVEadded 2016/10/14 2:59 a.m.50 views

CVE-2016-3388

Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not properly restrict access to private namespaces, which allows remote attackers to gain privileges via unspecified vectors, aka "Microsoft Browser Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3387.

5.3CVSS6.2AI score0.47517EPSS
CVE
CVEadded 2016/03/09 11:59 a.m.49 views

CVE-2016-0105

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0107, CVE-2016-0111,...

7.6CVSS7.6AI score0.44978EPSS
CVE
CVEadded 2016/12/20 6:59 a.m.49 views

CVE-2016-7181

Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability."

7.6CVSS7.8AI score0.21224EPSS
CVE
CVEadded 2016/03/09 11:59 a.m.48 views

CVE-2016-0124

Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0116, CVE-2016-0123, CVE-2016-0129, and CVE-2016-0130.

7.6CVSS7.7AI score0.24353EPSS
CVE
CVEadded 2016/07/13 1:59 a.m.48 views

CVE-2016-3246

Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability."

7.6CVSS7.9AI score0.18282EPSS
CVE
CVEadded 2016/09/14 10:59 a.m.48 views

CVE-2016-3294

Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3330.

7.6CVSS7.8AI score0.23501EPSS
CVE
CVEadded 2016/03/09 11:59 a.m.47 views

CVE-2016-0110

Microsoft Internet Explorer 10 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."

7.6CVSS7.7AI score0.24353EPSS
CVE
CVEadded 2016/03/09 11:59 a.m.47 views

CVE-2016-0129

Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0116, CVE-2016-0123, CVE-2016-0124, and CVE-2016-0130.

7.6CVSS7.7AI score0.24353EPSS
CVE
CVEadded 2016/02/10 11:59 a.m.46 views

CVE-2016-0080

Microsoft Edge mishandles exceptions during window-message dispatch operations, which allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Edge ASLR Bypass."

4.3CVSS5.8AI score0.1349EPSS
CVE
CVEadded 2016/11/10 6:59 a.m.46 views

CVE-2016-7204

Microsoft Edge allows remote attackers to access arbitrary "My Documents" files via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability."

3.1CVSS5AI score0.18602EPSS
CVE
CVEadded 2016/07/13 1:59 a.m.45 views

CVE-2016-3269

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3265.

9.3CVSS8.6AI score0.25587EPSS
CVE
CVEadded 2016/07/13 1:59 a.m.45 views

CVE-2016-3271

The VBScript engine in Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability."

6.5CVSS6.1AI score0.48184EPSS
CVE
CVEadded 2016/09/14 10:59 a.m.45 views

CVE-2016-3291

Microsoft Internet Explorer 11 and Microsoft Edge mishandle cross-origin requests, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."

2.6CVSS4.7AI score0.05161EPSS
CVE
CVEadded 2016/12/20 6:59 a.m.45 views

CVE-2016-7297

The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7286, CVE-2016-7288, and CVE-2016-7296.

7.6CVSS7.6AI score0.7786EPSS
CVE
CVEadded 2016/02/10 11:59 a.m.44 views

CVE-2016-0077

Microsoft Internet Explorer 9 through 11 and Microsoft Edge misparse HTTP responses, which allows remote attackers to spoof web sites via a crafted URL, aka "Microsoft Browser Spoofing Vulnerability."

4.3CVSS5.7AI score0.09359EPSS
CVE
CVEadded 2016/03/09 11:59 a.m.44 views

CVE-2016-0123

Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0116, CVE-2016-0124, CVE-2016-0129, and CVE-2016-0130.

7.6CVSS7.7AI score0.24353EPSS
CVE
CVEadded 2016/10/14 2:59 a.m.43 views

CVE-2016-3392

The Edge Content Security Policy feature in Microsoft Edge does not properly validate documents, which allows remote attackers to bypass intended access restrictions via a crafted web site, aka "Microsoft Browser Security Feature Bypass Vulnerability."

5.3CVSS5.8AI score0.0943EPSS
CVE
CVEadded 2016/10/14 2:59 a.m.41 views

CVE-2016-3390

The scripting engines in Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, as demonstrated by the Chakra JavaScript engine, aka "Scripting Engine Memory Corruption Vulnerability...

7.6CVSS7.4AI score0.22988EPSS
Total number of security vulnerabilities135