Edge Security Vulnerabilities and Issues — Page 5 of Edge CVE List

Lucene search

MicrosoftEdge

901 matches found

CVE•added 2017/01/10 9:59 p.m.•112 views

CVE-2017-0002

Microsoft Edge allows remote attackers to bypass the Same Origin Policy via vectors involving the about:blank URL and data: URLs, aka "Microsoft Edge Elevation of Privilege Vulnerability."

8.8CVSS8.3AI score0.14732EPSS

CVE•added 2023/11/10 12:15 a.m.•112 views

CVE-2023-36024

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

7.1CVSS6.9AI score0.00139EPSS

CVE•added 2024/08/22 11:15 p.m.•112 views

CVE-2024-38210

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.01111EPSS

CVE•added 2019/06/12 2:29 p.m.•111 views

CVE-2019-1002

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who s...

7.6CVSS6.6AI score0.01153EPSS

CVE•added 2020/06/09 8:15 p.m.•111 views

CVE-2020-1219

A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'.

7.6CVSS8.1AI score0.2928EPSS

CVE•added 2020/08/17 7:15 p.m.•111 views

CVE-2020-1568

A remote code execution vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vu...

7.6CVSS8.1AI score0.03113EPSS

CVE•added 2021/11/10 1:19 a.m.•111 views

CVE-2021-41351

Microsoft Edge (Chrome based) Spoofing on IE Mode

4.3CVSS6.4AI score0.09764EPSS

CVE•added 2023/06/14 12:15 a.m.•111 views

CVE-2023-33145

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

6.5CVSS6.6AI score0.07104EPSS

CVE•added 2025/04/04 1:15 a.m.•111 views

CVE-2025-25000

Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

8.8CVSS7.3AI score0.00193EPSS

CVE•added 2019/01/08 9:29 p.m.•110 views

CVE-2019-0567

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2019-0539, CVE-2019-0568.

7.6CVSS7.4AI score0.92032EPSS

CVE•added 2019/08/14 9:15 p.m.•110 views

CVE-2019-1141

7.6CVSS6.3AI score0.01308EPSS

CVE•added 2020/02/11 10:15 p.m.•110 views

CVE-2020-0663

An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, an attacker could host a website that is used to ...

4.2CVSS5.5AI score0.01383EPSS

CVE•added 2025/04/12 2:15 a.m.•110 views

CVE-2025-29834

Out-of-bounds read in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

7.5CVSS7.4AI score0.00078EPSS

CVE•added 2025/07/11 5:15 p.m.•110 views

CVE-2025-47963

No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

6.5CVSS6.7AI score0.00067EPSS

CVE•added 2019/06/12 2:29 p.m.•109 views

CVE-2019-0992

7.6CVSS6.7AI score0.00856EPSS

CVE•added 2024/09/12 3:15 a.m.•109 views

CVE-2024-38222

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

6.5CVSS6.1AI score0.02681EPSS

CVE•added 2019/07/29 1:58 p.m.•108 views

CVE-2019-1103

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1062, CVE-2019-1092, CVE-2019-1106, CVE-2019-1107.

7.6CVSS7.4AI score0.04538EPSS

CVE•added 2019/10/10 2:15 p.m.•108 views

CVE-2019-1308

7.6CVSS7.4AI score0.03503EPSS

CVE•added 2025/07/11 5:15 p.m.•108 views

CVE-2025-47964

Microsoft Edge (Chromium-based) Spoofing Vulnerability

5.4CVSS6.8AI score0.0004EPSS

CVE•added 2016/10/14 2:59 a.m.•107 views

CVE-2016-3267

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to determine the existence of unspecified files via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."

5.3CVSS5.5AI score0.34882EPSS

CVE•added 2019/09/11 10:15 p.m.•107 views

CVE-2019-1298

7.6CVSS7.4AI score0.04538EPSS

CVE•added 2020/06/09 8:15 p.m.•107 views

CVE-2020-1073

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'.

9.3CVSS7.9AI score0.13506EPSS

CVE•added 2021/01/12 8:15 p.m.•107 views

CVE-2021-1705

Microsoft Edge (HTML-based) Memory Corruption Vulnerability

7.6CVSS6.1AI score0.00976EPSS

CVE•added 2024/05/25 6:15 p.m.•107 views

CVE-2024-30056

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

7.1CVSS6.6AI score0.07395EPSS

CVE•added 2025/07/11 5:15 p.m.•107 views

CVE-2025-47182

Improper input validation in Microsoft Edge (Chromium-based) allows an authorized attacker to bypass a security feature locally.

5.6CVSS6.9AI score0.00049EPSS

CVE•added 2019/04/08 11:29 p.m.•106 views

CVE-2019-0592

7.6CVSS7.4AI score0.38317EPSS

CVE•added 2019/06/12 2:29 p.m.•106 views

CVE-2019-1052

7.6CVSS6.6AI score0.01407EPSS

CVE•added 2019/09/11 10:15 p.m.•106 views

CVE-2019-1300

7.6CVSS7.4AI score0.04538EPSS

CVE•added 2019/10/10 2:15 p.m.•106 views

CVE-2019-1307

7.6CVSS7.4AI score0.03503EPSS

CVE•added 2020/03/12 4:15 p.m.•106 views

CVE-2020-0831

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-20...

7.6CVSS7.8AI score0.28794EPSS

CVE•added 2022/06/29 5:15 p.m.•106 views

CVE-2022-33639

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

8.3CVSS7.7AI score0.00556EPSS

CVE•added 2022/08/09 8:15 p.m.•106 views

CVE-2022-35796

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

7.5CVSS8.3AI score0.00164EPSS

CVE•added 2016/02/10 11:59 a.m.•105 views

CVE-2016-0060

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0061, CVE-2016-0063,...

9.3CVSS8.6AI score0.47176EPSS

CVE•added 2017/05/12 2:29 p.m.•105 views

CVE-2017-0234

A remote code execution vulnerability exists in Microsoft Edge in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-201...

7.6CVSS7.7AI score0.55566EPSS

CVE•added 2019/06/12 2:29 p.m.•105 views

CVE-2019-1003

7.6CVSS6.7AI score0.01407EPSS

CVE•added 2019/07/29 2:6 p.m.•105 views

CVE-2019-1104

A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'.

7.6CVSS7.7AI score0.03057EPSS

CVE•added 2024/04/18 7:15 p.m.•105 views

CVE-2024-29986

Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability

5.4CVSS5.1AI score0.00122EPSS

CVE•added 2019/05/16 7:29 p.m.•104 views

CVE-2019-0914

7.6CVSS7.5AI score0.04538EPSS

CVE•added 2019/06/12 2:29 p.m.•104 views

CVE-2019-0989

7.6CVSS6.6AI score0.01407EPSS

CVE•added 2019/06/12 2:29 p.m.•104 views

CVE-2019-0991

7.6CVSS6.6AI score0.01407EPSS

CVE•added 2022/12/13 7:15 p.m.•104 views

CVE-2022-44688

Microsoft Edge (Chromium-based) Spoofing Vulnerability

4.3CVSS5.3AI score0.00097EPSS

CVE•added 2024/10/17 11:15 p.m.•104 views

CVE-2024-43587

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

8.1CVSS6.5AI score0.02383EPSS

CVE•added 2025/01/17 8:15 p.m.•104 views

CVE-2025-21185

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

6.5CVSS6.9AI score0.0015EPSS

CVE•added 2025/03/07 7:15 p.m.•104 views

CVE-2025-26643

The UI performs the wrong action in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

5.4CVSS5.2AI score0.00106EPSS

CVE•added 2019/04/08 11:29 p.m.•103 views

CVE-2019-0609

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773, ...

7.6CVSS7.6AI score0.10875EPSS

CVE•added 2019/06/12 2:29 p.m.•103 views

CVE-2019-1024

7.6CVSS6.6AI score0.01407EPSS

CVE•added 2019/06/12 2:29 p.m.•103 views

CVE-2019-1051

7.6CVSS6.7AI score0.06648EPSS

CVE•added 2019/07/15 7:15 p.m.•103 views

CVE-2019-1062

7.6CVSS7.4AI score0.04538EPSS

CVE•added 2019/09/11 10:15 p.m.•103 views

CVE-2019-1138