Lucene search

K
MicrosoftEdge

751 matches found

CVE
CVE
added 2017/03/17 12:59 a.m.86 views

CVE-2017-0094

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An at...

7.6CVSS7.9AI score0.80217EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.86 views

CVE-2017-0151

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An at...

7.6CVSS7.9AI score0.80217EPSS
CVE
CVE
added 2017/11/15 3:29 a.m.86 views

CVE-2017-11827

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain ...

9.3CVSS7.3AI score0.39673EPSS
CVE
CVE
added 2017/12/12 9:29 p.m.86 views

CVE-2017-11905

ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID...

7.6CVSS7.8AI score0.76161EPSS
CVE
CVE
added 2018/03/14 5:29 p.m.86 views

CVE-2018-0873

ChakraCore and Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-08...

7.6CVSS7.2AI score0.85621EPSS
CVE
CVE
added 2018/09/13 12:29 a.m.86 views

CVE-2018-8467

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8367, CVE-2018-8465, CVE-...

7.6CVSS7.4AI score0.79783EPSS
CVE
CVE
added 2018/12/12 12:29 a.m.86 views

CVE-2018-8583

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8617, CVE-2018-8618, CVE-...

7.6CVSS6.8AI score0.89893EPSS
CVE
CVE
added 2020/03/12 4:15 p.m.86 views

CVE-2020-0813

An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user’s computer or data.To exploit the vulnerability, an attacker must know the memory address of where the object...

7.5CVSS7.5AI score0.09201EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.85 views

CVE-2017-0015

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An at...

7.6CVSS7.9AI score0.80217EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.85 views

CVE-2017-0070

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An at...

7.6CVSS7.9AI score0.80217EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.85 views

CVE-2017-0136

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An at...

7.6CVSS7.9AI score0.80217EPSS
CVE
CVE
added 2017/10/13 1:29 p.m.85 views

CVE-2017-11811

ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". T...

7.6CVSS7.8AI score0.78672EPSS
CVE
CVE
added 2017/07/11 9:29 p.m.85 views

CVE-2017-8607

Microsoft browsers in Microsoft Windows 7, Windows Server 2008 and R2, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine...

7.6CVSS7.5AI score0.78054EPSS
CVE
CVE
added 2018/02/15 2:29 a.m.85 views

CVE-2018-0838

Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-...

7.6CVSS7.3AI score0.7974EPSS
CVE
CVE
added 2018/05/09 7:29 p.m.85 views

CVE-2018-1022

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-0945, CVE-2018-094...

7.6CVSS7.7AI score0.77602EPSS
CVE
CVE
added 2025/04/04 1:15 a.m.85 views

CVE-2025-25001

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

4.3CVSS6.9AI score0.00062EPSS
CVE
CVE
added 2016/06/16 1:59 a.m.84 views

CVE-2016-3199

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3214.

9.3CVSS8.6AI score0.21571EPSS
CVE
CVE
added 2016/08/09 9:59 p.m.84 views

CVE-2016-3319

The PDF library in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold and 1511, and Microsoft Edge allows remote attackers to execute arbitrary code via a crafted PDF file, aka "Microsoft PDF Remote Code Execution Vulnerability."

9.3CVSS7.3AI score0.37191EPSS
CVE
CVE
added 2016/11/10 6:59 a.m.84 views

CVE-2016-7195

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7198.

7.6CVSS7.8AI score0.30629EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.84 views

CVE-2017-0069

Microsoft Edge allows remote attackers to spoof web content via a crafted web site, aka "Microsoft Edge Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0012 and CVE-2017-0033.

4.3CVSS4.4AI score0.10334EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.84 views

CVE-2017-0150

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An at...

7.6CVSS7.9AI score0.80217EPSS
CVE
CVE
added 2017/07/11 9:29 p.m.84 views

CVE-2017-8619

Microsoft Edge on Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability in the way affected Microsoft scripting engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CV...

7.6CVSS6.7AI score0.78054EPSS
CVE
CVE
added 2017/08/08 9:29 p.m.84 views

CVE-2017-8656

Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption...

7.6CVSS7.8AI score0.82712EPSS
CVE
CVE
added 2018/01/04 2:29 p.m.84 views

CVE-2018-0758

Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is uniqu...

7.6CVSS6.8AI score0.78365EPSS
CVE
CVE
added 2018/03/14 5:29 p.m.84 views

CVE-2018-0934

ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018...

7.6CVSS7.3AI score0.85621EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.83 views

CVE-2017-0012

Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to spoof web content via a crafted web site, aka "Microsoft Browser Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0033 and CVE-2017-0069.

4.3CVSS4.3AI score0.10334EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.83 views

CVE-2017-0066

Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is different from those described in CVE-2017-0135 and CVE-2017-0140.

4.2CVSS4.3AI score0.22472EPSS
CVE
CVE
added 2017/12/12 9:29 p.m.83 views

CVE-2017-11908

ChakraCore and Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-1189...

7.6CVSS7.9AI score0.76161EPSS
CVE
CVE
added 2017/12/12 9:29 p.m.83 views

CVE-2017-11919

ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016, and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 ...

5.3CVSS5.5AI score0.5589EPSS
CVE
CVE
added 2018/01/04 2:29 p.m.83 views

CVE-2018-0774

Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-076...

7.6CVSS6.7AI score0.78365EPSS
CVE
CVE
added 2018/05/09 7:29 p.m.83 views

CVE-2018-8145

An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user's computer or data, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Int...

7.6CVSS6.9AI score0.72843EPSS
CVE
CVE
added 2019/03/06 12:0 a.m.83 views

CVE-2019-0610

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0640,...

7.6CVSS7.7AI score0.34646EPSS
CVE
CVE
added 2019/03/06 12:0 a.m.83 views

CVE-2019-0640

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610,...

7.6CVSS7.7AI score0.34646EPSS
CVE
CVE
added 2019/03/06 12:0 a.m.83 views

CVE-2019-0651

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610,...

7.6CVSS7.7AI score0.34646EPSS
CVE
CVE
added 2019/04/09 9:29 p.m.83 views

CVE-2019-0810

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0812, CVE-2019-0829, CVE-2019-0860, CVE-2019-0861.

7.6CVSS7.5AI score0.44847EPSS
CVE
CVE
added 2019/09/11 10:15 p.m.83 views

CVE-2019-1220

A security feature bypass vulnerability exists when Microsoft Browsers fail to validate the correct Security Zone of requests for specific URLs, aka 'Microsoft Browser Security Feature Bypass Vulnerability'.

4.3CVSS6AI score0.05935EPSS
CVE
CVE
added 2020/09/11 5:15 p.m.83 views

CVE-2020-16884

A remote code execution vulnerability exists in the way that the IEToEdge Browser Helper Object (BHO) plugin on Internet Explorer handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An atta...

8.8CVSS5.5AI score0.02086EPSS
CVE
CVE
added 2021/09/02 11:15 p.m.83 views

CVE-2021-26439

Microsoft Edge for Android Information Disclosure Vulnerability

5.9CVSS4.7AI score0.0659EPSS
CVE
CVE
added 2024/07/19 2:15 a.m.83 views

CVE-2024-38156

Microsoft Edge (Chromium-based) Spoofing Vulnerability

6.1CVSS6.1AI score0.00358EPSS
CVE
CVE
added 2015/09/09 12:59 a.m.82 views

CVE-2015-2486

Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2487, CVE-2015-2490, CVE-2015-2492, CV...

9.3CVSS7.4AI score0.20844EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.82 views

CVE-2017-0138

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An at...

7.6CVSS7.9AI score0.80217EPSS
CVE
CVE
added 2017/05/12 2:29 p.m.82 views

CVE-2017-0266

A remote code execution vulnerability exists in Microsoft Edge in the way affected Microsoft scripting engines render when handling objects in memory, aka "Microsoft Edge Remote Code Execution Vulnerability."

7.6CVSS7.8AI score0.53213EPSS
CVE
CVE
added 2018/01/04 2:29 p.m.82 views

CVE-2018-0769

Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is uniqu...

7.6CVSS6.8AI score0.78365EPSS
CVE
CVE
added 2018/03/14 5:29 p.m.82 views

CVE-2018-0930

ChakraCore and Microsoft Edge in Microsoft Windows 10 1709 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-...

7.6CVSS7.2AI score0.85621EPSS
CVE
CVE
added 2019/07/15 7:15 p.m.82 views

CVE-2019-1001

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1004, CVE-2019-1056, CVE-2019-1059.

7.6CVSS7.5AI score0.04054EPSS
CVE
CVE
added 2025/04/04 1:15 a.m.82 views

CVE-2025-29796

User interface (ui) misrepresentation of critical information in Microsoft Edge for iOS allows an unauthorized attacker to perform spoofing over a network.

4.7CVSS6.4AI score0.00046EPSS
CVE
CVE
added 2016/04/12 11:59 p.m.81 views

CVE-2016-0158

Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Edge Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0161.

6.5CVSS6.3AI score0.23982EPSS
CVE
CVE
added 2016/08/09 9:59 p.m.81 views

CVE-2016-3326

Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to obtain sensitive information via a crafted web page, aka "Microsoft Browser Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3327.

5.3CVSS5.1AI score0.32707EPSS
CVE
CVE
added 2016/11/10 6:59 a.m.81 views

CVE-2016-7241

Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."

7.6CVSS7.6AI score0.73384EPSS
CVE
CVE
added 2017/05/15 5:29 p.m.81 views

CVE-2017-0223

A remote code execution vulnerability exists in Microsoft Chakra Core in the way JavaScript engines render when handling objects in memory. aka "Scripting Engine Memory Corruption Vulnerability". This vulnerability is unique from CVE-2017-0252.

9.8CVSS9.4AI score0.36015EPSS
Total number of security vulnerabilities751