Lucene search

K
MicrosoftEdge

901 matches found

CVE
CVE
added 2018/03/14 5:29 p.m.91 views

CVE-2018-0876

Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0889, CVE-2018-0893, CVE-2018-0925,...

7.6CVSS6.2AI score0.68995EPSS
CVE
CVE
added 2019/04/09 12:29 a.m.91 views

CVE-2019-0746

An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka 'Scripting Engine Information Disclosure Vulnerability'.

6.5CVSS6.6AI score0.22506EPSS
CVE
CVE
added 2019/05/16 7:29 p.m.91 views

CVE-2019-0917

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, ...

7.6CVSS7.5AI score0.04538EPSS
CVE
CVE
added 2020/05/21 11:15 p.m.91 views

CVE-2020-1065

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'.

7.6CVSS7.6AI score0.04538EPSS
CVE
CVE
added 2018/02/15 2:29 a.m.90 views

CVE-2018-0834

Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0835, CVE-...

9.3CVSS7.3AI score0.8026EPSS
CVE
CVE
added 2019/04/09 3:29 a.m.90 views

CVE-2019-0773

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771,...

7.6CVSS7.6AI score0.10875EPSS
CVE
CVE
added 2019/04/09 9:29 p.m.90 views

CVE-2019-0806

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0810, CVE-2019-0812, CVE-2019-0829, CVE-2019-0860, CVE-2019-0861.

7.6CVSS7.5AI score0.44847EPSS
CVE
CVE
added 2020/03/12 4:15 p.m.90 views

CVE-2020-0816

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerability'.

9.3CVSS9.2AI score0.20625EPSS
CVE
CVE
added 2020/07/14 11:15 p.m.90 views

CVE-2020-1433

An information disclosure vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory, aka 'Microsoft Edge PDF Information Disclosure Vulnerability'.

6.5CVSS6.9AI score0.22806EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.89 views

CVE-2017-0141

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An at...

7.6CVSS7.9AI score0.80217EPSS
CVE
CVE
added 2018/03/14 5:29 p.m.89 views

CVE-2018-0872

ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2...

7.6CVSS7.2AI score0.85621EPSS
CVE
CVE
added 2019/03/06 12:0 a.m.89 views

CVE-2019-0593

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640,...

7.6CVSS7.7AI score0.34646EPSS
CVE
CVE
added 2019/05/16 7:29 p.m.89 views

CVE-2019-0933

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, ...

7.6CVSS7.5AI score0.04538EPSS
CVE
CVE
added 2019/06/12 2:29 p.m.89 views

CVE-2019-1081

An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.To exploit the vulnerability, in a web-based attack scenari...

6.5CVSS5.7AI score0.01125EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.88 views

CVE-2017-0023

The PDF library in Microsoft Edge; Windows 8.1; Windows Server 2012 and R2; Windows RT 8.1; and Windows 10, 1511, and 1607 allows remote attackers to execute arbitrary code via a crafted PDF file, aka "Microsoft PDF Remote Code Execution Vulnerability."

7.6CVSS7.8AI score0.27879EPSS
CVE
CVE
added 2017/05/12 2:29 p.m.88 views

CVE-2017-0235

A remote code execution vulnerability exists in Microsoft Edge in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-201...

7.6CVSS7.7AI score0.55566EPSS
CVE
CVE
added 2017/11/15 3:29 a.m.88 views

CVE-2017-11846

ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows a...

7.5CVSS7.5AI score
CVE
CVE
added 2017/08/10 6:29 p.m.88 views

CVE-2017-8518

Microsoft Edge allows a remote code execution vulnerability due to the way it accesses objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".

7.6CVSS6AI score0.2401EPSS
CVE
CVE
added 2019/03/06 12:0 a.m.88 views

CVE-2019-0590

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640,...

7.6CVSS7.7AI score0.34646EPSS
CVE
CVE
added 2019/08/14 9:15 p.m.88 views

CVE-2019-1196

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who s...

7.6CVSS6.3AI score0.01308EPSS
CVE
CVE
added 2016/05/11 1:59 a.m.87 views

CVE-2016-0193

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0186 and CVE-2016-0191.

7.6CVSS7.7AI score0.27002EPSS
CVE
CVE
added 2016/10/14 2:59 a.m.87 views

CVE-2016-7189

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Remote Code Execution Vulnerability."

9.3CVSS7.7AI score0.79906EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.87 views

CVE-2017-0071

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An at...

7.6CVSS7.9AI score0.80217EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.87 views

CVE-2017-0134

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An at...

7.6CVSS7.9AI score0.80217EPSS
CVE
CVE
added 2019/03/06 12:0 a.m.87 views

CVE-2019-0658

An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka 'Scripting Engine Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0648.

6.5CVSS4.8AI score0.2445EPSS
CVE
CVE
added 2019/08/14 9:15 p.m.87 views

CVE-2019-1193

A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerabili...

7.6CVSS8.2AI score0.01267EPSS
CVE
CVE
added 2021/09/02 11:15 p.m.87 views

CVE-2021-26436

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

8.1CVSS6.7AI score0.01112EPSS
CVE
CVE
added 2017/08/08 9:29 p.m.86 views

CVE-2017-8645

Microsoft Edge in Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vul...

7.6CVSS7.8AI score0.81883EPSS
CVE
CVE
added 2019/04/09 9:29 p.m.86 views

CVE-2019-0764

A tampering vulnerability exists when Microsoft browsers do not properly validate input under specific conditions, aka 'Microsoft Browsers Tampering Vulnerability'.

6.5CVSS7.1AI score0.08947EPSS
CVE
CVE
added 2019/05/16 7:29 p.m.86 views

CVE-2019-0940

A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'.

7.6CVSS7.5AI score0.32832EPSS
CVE
CVE
added 2024/08/22 11:15 p.m.86 views

CVE-2024-38209

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.01089EPSS
CVE
CVE
added 2025/02/15 12:15 a.m.86 views

CVE-2025-21401

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

4.5CVSS6.8AI score0.00083EPSS
CVE
CVE
added 2016/10/14 2:59 a.m.85 views

CVE-2016-7194

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3386, CVE-2016-3389, and CVE-2016...

7.6CVSS7.6AI score0.79242EPSS
CVE
CVE
added 2017/11/15 3:29 a.m.85 views

CVE-2017-11827

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain ...

9.3CVSS7.3AI score0.22769EPSS
CVE
CVE
added 2017/12/12 9:29 p.m.85 views

CVE-2017-11894

ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and and Internet Explorer adn Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the s...

7.6CVSS7.6AI score0.76161EPSS
CVE
CVE
added 2020/02/11 10:15 p.m.85 views

CVE-2020-0706

An information disclosure vulnerability exists in the way that affected Microsoft browsers handle cross-origin requests, aka 'Microsoft Browser Information Disclosure Vulnerability'.

4.3CVSS5.5AI score0.07537EPSS
CVE
CVE
added 2020/03/12 4:15 p.m.85 views

CVE-2020-0813

An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user’s computer or data.To exploit the vulnerability, an attacker must know the memory address of where the object...

7.5CVSS7.5AI score0.09201EPSS
CVE
CVE
added 2020/05/21 11:15 p.m.85 views

CVE-2020-1195

An elevation of privilege vulnerability exists in Microsoft Edge (Chromium-based) when the Feedback extension improperly validates input, aka 'Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability'.

5.9CVSS5.9AI score0.0565EPSS
CVE
CVE
added 2023/07/14 6:15 p.m.85 views

CVE-2023-36888

Microsoft Edge for Android (Chromium-based) Tampering Vulnerability

6.3CVSS6.3AI score0.00163EPSS
CVE
CVE
added 2024/10/17 11:15 p.m.85 views

CVE-2024-43596

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

8.8CVSS7AI score0.00723EPSS
CVE
CVE
added 2025/02/06 11:15 p.m.85 views

CVE-2025-21408

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

8.8CVSS8.9AI score0.00246EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.84 views

CVE-2017-0032

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An at...

7.6CVSS7.9AI score0.80217EPSS
CVE
CVE
added 2017/11/15 3:29 a.m.84 views

CVE-2017-11840

ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vuln...

7.6CVSS7.5AI score
CVE
CVE
added 2018/08/15 5:29 p.m.84 views

CVE-2018-8383

A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content, aka "Microsoft Edge Spoofing Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8388.

4.3CVSS5.6AI score0.01289EPSS
CVE
CVE
added 2025/04/04 1:15 a.m.84 views

CVE-2025-25001

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

4.3CVSS6.9AI score0.0007EPSS
CVE
CVE
added 2016/06/16 1:59 a.m.83 views

CVE-2016-3199

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3214.

9.3CVSS8.6AI score0.21571EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.83 views

CVE-2017-0011

Microsoft Edge allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0017, CVE-2017-0065, and CVE-2017-0068.

4.3CVSS4.1AI score0.28148EPSS
CVE
CVE
added 2017/11/15 3:29 a.m.83 views

CVE-2017-11858

ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows a...

7.6CVSS7.6AI score
CVE
CVE
added 2017/12/12 9:29 p.m.83 views

CVE-2017-11909

ChakraCore and Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CV...

7.6CVSS7.9AI score0.76161EPSS
CVE
CVE
added 2017/12/12 9:29 p.m.83 views

CVE-2017-11918

ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is un...

7.6CVSS7.6AI score0.76161EPSS
Total number of security vulnerabilities901