Lucene search

K
MicrosoftEdge

751 matches found

CVE
CVE
added 2019/05/16 7:29 p.m.94 views

CVE-2019-0916

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0917, ...

7.6CVSS7.5AI score0.04538EPSS
CVE
CVE
added 2017/11/15 3:29 a.m.93 views

CVE-2017-11840

ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vuln...

7.6CVSS7.5AI score
CVE
CVE
added 2017/12/12 9:29 p.m.93 views

CVE-2017-11909

ChakraCore and Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CV...

7.6CVSS7.9AI score0.76161EPSS
CVE
CVE
added 2019/05/16 7:29 p.m.93 views

CVE-2019-0923

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, ...

7.6CVSS7.5AI score0.04538EPSS
CVE
CVE
added 2020/05/21 11:15 p.m.93 views

CVE-2020-1065

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'.

7.6CVSS7.6AI score0.04538EPSS
CVE
CVE
added 2020/07/14 11:15 p.m.93 views

CVE-2020-1462

An information disclosure vulnerability exists when Skype for Business is accessed via Microsoft Edge (EdgeHTML-based), aka 'Skype for Business via Microsoft Edge (EdgeHTML-based) Information Disclosure Vulnerability'.

4.3CVSS5.8AI score0.09831EPSS
CVE
CVE
added 2017/11/15 3:29 a.m.92 views

CVE-2017-11858

ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows a...

7.6CVSS7.6AI score
CVE
CVE
added 2018/01/04 2:29 p.m.92 views

CVE-2018-0762

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the ...

7.6CVSS6.7AI score0.78365EPSS
CVE
CVE
added 2018/03/14 5:29 p.m.92 views

CVE-2018-0891

ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allow information disclosure, due to...

4.3CVSS5.1AI score0.56551EPSS
CVE
CVE
added 2018/05/09 7:29 p.m.92 views

CVE-2018-0954

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID...

7.6CVSS7.7AI score0.77602EPSS
CVE
CVE
added 2019/04/09 12:29 a.m.92 views

CVE-2019-0746

An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka 'Scripting Engine Information Disclosure Vulnerability'.

6.5CVSS6.6AI score0.22506EPSS
CVE
CVE
added 2019/05/16 7:29 p.m.92 views

CVE-2019-0917

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, ...

7.6CVSS7.5AI score0.04538EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.91 views

CVE-2017-0135

Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is different from those described in CVE-2017-0066 and CVE-2017-0140.

4.2CVSS4.3AI score0.22472EPSS
CVE
CVE
added 2017/11/15 3:29 a.m.91 views

CVE-2017-11836

ChakraCore, and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to take control of an affected system, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vuln...

7.6CVSS7.4AI score
CVE
CVE
added 2017/11/15 3:29 a.m.91 views

CVE-2017-11843

ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an at...

7.6CVSS7.5AI score
CVE
CVE
added 2017/12/12 9:29 p.m.91 views

CVE-2017-11911

ChakraCore and Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CV...

7.6CVSS7.9AI score0.76161EPSS
CVE
CVE
added 2017/12/12 9:29 p.m.91 views

CVE-2017-11914

ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique f...

7.6CVSS7.6AI score0.76161EPSS
CVE
CVE
added 2019/04/09 3:29 a.m.91 views

CVE-2019-0773

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771,...

7.6CVSS7.6AI score0.10875EPSS
CVE
CVE
added 2019/04/09 9:29 p.m.91 views

CVE-2019-0806

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0810, CVE-2019-0812, CVE-2019-0829, CVE-2019-0860, CVE-2019-0861.

7.6CVSS7.5AI score0.44847EPSS
CVE
CVE
added 2019/05/16 7:29 p.m.91 views

CVE-2019-0933

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, ...

7.6CVSS7.5AI score0.04538EPSS
CVE
CVE
added 2019/06/12 2:29 p.m.91 views

CVE-2019-1081

An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.To exploit the vulnerability, in a web-based attack scenari...

6.5CVSS5.7AI score0.01125EPSS
CVE
CVE
added 2020/03/12 4:15 p.m.91 views

CVE-2020-0816

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerability'.

9.3CVSS9.2AI score0.20625EPSS
CVE
CVE
added 2020/07/14 11:15 p.m.91 views

CVE-2020-1433

An information disclosure vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory, aka 'Microsoft Edge PDF Information Disclosure Vulnerability'.

6.5CVSS6.9AI score0.22806EPSS
CVE
CVE
added 2017/05/12 2:29 p.m.90 views

CVE-2017-0230

A remote code execution vulnerability exists in Microsoft Edge in the way JavaScript engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0234, CVE-2017-0235, CVE-2017...

7.6CVSS7.7AI score0.55566EPSS
CVE
CVE
added 2017/11/15 3:29 a.m.90 views

CVE-2017-11841

ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vuln...

7.6CVSS7.5AI score
CVE
CVE
added 2018/01/04 2:29 p.m.90 views

CVE-2018-0772

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the ...

7.6CVSS6.7AI score0.78365EPSS
CVE
CVE
added 2018/02/15 2:29 a.m.90 views

CVE-2018-0840

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting e...

9.3CVSS7.3AI score0.7974EPSS
CVE
CVE
added 2018/05/09 7:29 p.m.90 views

CVE-2018-0945

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE...

7.6CVSS7.7AI score0.77602EPSS
CVE
CVE
added 2019/03/06 12:0 a.m.90 views

CVE-2019-0593

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640,...

7.6CVSS7.7AI score0.34646EPSS
CVE
CVE
added 2016/05/11 1:59 a.m.89 views

CVE-2016-0193

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0186 and CVE-2016-0191.

7.6CVSS7.7AI score0.27002EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.89 views

CVE-2017-0023

The PDF library in Microsoft Edge; Windows 8.1; Windows Server 2012 and R2; Windows RT 8.1; and Windows 10, 1511, and 1607 allows remote attackers to execute arbitrary code via a crafted PDF file, aka "Microsoft PDF Remote Code Execution Vulnerability."

7.6CVSS7.8AI score0.27879EPSS
CVE
CVE
added 2017/11/15 3:29 a.m.89 views

CVE-2017-11837

ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attack...

7.6CVSS7.5AI score
CVE
CVE
added 2017/11/15 3:29 a.m.89 views

CVE-2017-11873

ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerabil...

7.6CVSS7.4AI score
CVE
CVE
added 2017/12/12 9:29 p.m.89 views

CVE-2017-11910

ChakraCore and Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique f...

7.6CVSS7.9AI score0.76161EPSS
CVE
CVE
added 2017/08/10 6:29 p.m.89 views

CVE-2017-8518

Microsoft Edge allows a remote code execution vulnerability due to the way it accesses objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".

7.6CVSS6AI score0.2401EPSS
CVE
CVE
added 2018/01/04 2:29 p.m.89 views

CVE-2018-0780

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This...

5.3CVSS5AI score0.72149EPSS
CVE
CVE
added 2019/03/06 12:0 a.m.89 views

CVE-2019-0590

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640,...

7.6CVSS7.7AI score0.34646EPSS
CVE
CVE
added 2019/08/14 9:15 p.m.89 views

CVE-2019-1196

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who s...

7.6CVSS6.3AI score0.01308EPSS
CVE
CVE
added 2018/03/14 5:29 p.m.88 views

CVE-2018-0874

ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2...

7.6CVSS7.2AI score0.85621EPSS
CVE
CVE
added 2019/03/06 12:0 a.m.88 views

CVE-2019-0658

An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka 'Scripting Engine Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0648.

6.5CVSS4.8AI score0.2445EPSS
CVE
CVE
added 2019/08/14 9:15 p.m.88 views

CVE-2019-1193

A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerabili...

7.6CVSS8.2AI score0.01267EPSS
CVE
CVE
added 2021/09/02 11:15 p.m.88 views

CVE-2021-26436

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

8.1CVSS6.7AI score0.01112EPSS
CVE
CVE
added 2016/09/06 10:59 a.m.87 views

CVE-2016-7153

The HTTP/2 protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack.

5.3CVSS4.9AI score0.02278EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.87 views

CVE-2017-0137

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An at...

7.6CVSS7.9AI score0.80217EPSS
CVE
CVE
added 2017/12/12 9:29 p.m.87 views

CVE-2017-11889

ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This ...

7.6CVSS7.8AI score0.76161EPSS
CVE
CVE
added 2019/04/09 9:29 p.m.87 views

CVE-2019-0764

A tampering vulnerability exists when Microsoft browsers do not properly validate input under specific conditions, aka 'Microsoft Browsers Tampering Vulnerability'.

6.5CVSS7.1AI score0.06811EPSS
CVE
CVE
added 2019/05/16 7:29 p.m.87 views

CVE-2019-0940

A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'.

7.6CVSS7.5AI score0.46501EPSS
CVE
CVE
added 2020/02/11 10:15 p.m.87 views

CVE-2020-0706

An information disclosure vulnerability exists in the way that affected Microsoft browsers handle cross-origin requests, aka 'Microsoft Browser Information Disclosure Vulnerability'.

4.3CVSS5.5AI score0.07537EPSS
CVE
CVE
added 2020/05/21 11:15 p.m.87 views

CVE-2020-1195

An elevation of privilege vulnerability exists in Microsoft Edge (Chromium-based) when the Feedback extension improperly validates input, aka 'Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability'.

5.9CVSS5.9AI score0.0565EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.86 views

CVE-2017-0011

Microsoft Edge allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0017, CVE-2017-0065, and CVE-2017-0068.

4.3CVSS4.1AI score0.27177EPSS
Total number of security vulnerabilities751