Lucene search

K
MicrosoftEdge

903 matches found

CVE
CVE
added 2018/03/14 5:29 p.m.88 views

CVE-2018-0874

ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2...

7.6CVSS7.2AI score0.85621EPSS
CVE
CVE
added 2019/03/06 12:0 a.m.88 views

CVE-2019-0658

An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka 'Scripting Engine Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0648.

6.5CVSS4.8AI score0.2445EPSS
CVE
CVE
added 2019/08/14 9:15 p.m.88 views

CVE-2019-1193

A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerabili...

7.6CVSS8.2AI score0.01267EPSS
CVE
CVE
added 2021/09/02 11:15 p.m.88 views

CVE-2021-26436

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

8.1CVSS6.7AI score0.01112EPSS
CVE
CVE
added 2024/08/22 11:15 p.m.88 views

CVE-2024-38209

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.01282EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.87 views

CVE-2017-0137

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An at...

7.6CVSS7.9AI score0.80217EPSS
CVE
CVE
added 2017/12/12 9:29 p.m.87 views

CVE-2017-11889

ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This ...

7.6CVSS7.8AI score0.76161EPSS
CVE
CVE
added 2019/04/09 9:29 p.m.87 views

CVE-2019-0764

A tampering vulnerability exists when Microsoft browsers do not properly validate input under specific conditions, aka 'Microsoft Browsers Tampering Vulnerability'.

6.5CVSS7.1AI score0.07646EPSS
CVE
CVE
added 2019/05/16 7:29 p.m.87 views

CVE-2019-0940

A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'.

7.6CVSS7.5AI score0.32832EPSS
CVE
CVE
added 2020/02/11 10:15 p.m.87 views

CVE-2020-0706

An information disclosure vulnerability exists in the way that affected Microsoft browsers handle cross-origin requests, aka 'Microsoft Browser Information Disclosure Vulnerability'.

4.3CVSS5.5AI score0.07537EPSS
CVE
CVE
added 2025/02/15 12:15 a.m.87 views

CVE-2025-21401

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

4.5CVSS6.8AI score0.00114EPSS
CVE
CVE
added 2016/09/06 10:59 a.m.86 views

CVE-2016-7152

The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack.

5.3CVSS4.9AI score0.03915EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.86 views

CVE-2017-0011

Microsoft Edge allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0017, CVE-2017-0065, and CVE-2017-0068.

4.3CVSS4.1AI score0.28148EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.86 views

CVE-2017-0094

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An at...

7.6CVSS7.9AI score0.80217EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.86 views

CVE-2017-0151

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An at...

7.6CVSS7.9AI score0.80217EPSS
CVE
CVE
added 2017/11/15 3:29 a.m.86 views

CVE-2017-11827

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain ...

9.3CVSS7.3AI score0.39673EPSS
CVE
CVE
added 2017/12/12 9:29 p.m.86 views

CVE-2017-11905

ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID...

7.6CVSS7.8AI score0.76161EPSS
CVE
CVE
added 2018/03/14 5:29 p.m.86 views

CVE-2018-0873

ChakraCore and Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-08...

7.6CVSS7.2AI score0.85621EPSS
CVE
CVE
added 2018/09/13 12:29 a.m.86 views

CVE-2018-8467

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8367, CVE-2018-8465, CVE-...

7.6CVSS7.4AI score0.79783EPSS
CVE
CVE
added 2018/12/12 12:29 a.m.86 views

CVE-2018-8583

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8617, CVE-2018-8618, CVE-...

7.6CVSS6.8AI score0.89893EPSS
CVE
CVE
added 2020/03/12 4:15 p.m.86 views

CVE-2020-0813

An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user’s computer or data.To exploit the vulnerability, an attacker must know the memory address of where the object...

7.5CVSS7.5AI score0.09201EPSS
CVE
CVE
added 2020/05/21 11:15 p.m.86 views

CVE-2020-1195

An elevation of privilege vulnerability exists in Microsoft Edge (Chromium-based) when the Feedback extension improperly validates input, aka 'Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability'.

5.9CVSS5.9AI score0.0565EPSS
CVE
CVE
added 2023/07/14 6:15 p.m.86 views

CVE-2023-36888

Microsoft Edge for Android (Chromium-based) Tampering Vulnerability

6.3CVSS6.3AI score0.00163EPSS
CVE
CVE
added 2024/10/17 11:15 p.m.86 views

CVE-2024-43596

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

8.8CVSS7AI score0.01234EPSS
CVE
CVE
added 2025/02/06 11:15 p.m.86 views

CVE-2025-21408

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

8.8CVSS8.9AI score0.00278EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.85 views

CVE-2017-0015

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An at...

7.6CVSS7.9AI score0.80217EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.85 views

CVE-2017-0070

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An at...

7.6CVSS7.9AI score0.80217EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.85 views

CVE-2017-0136

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An at...

7.6CVSS7.9AI score0.80217EPSS
CVE
CVE
added 2017/10/13 1:29 p.m.85 views

CVE-2017-11811

ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". T...

7.6CVSS7.8AI score0.78672EPSS
Web
CVE
CVE
added 2017/07/11 9:29 p.m.85 views

CVE-2017-8607

Microsoft browsers in Microsoft Windows 7, Windows Server 2008 and R2, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine...

7.6CVSS7.5AI score0.78054EPSS
CVE
CVE
added 2018/02/15 2:29 a.m.85 views

CVE-2018-0838

Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-...

7.6CVSS7.3AI score0.7974EPSS
CVE
CVE
added 2018/05/09 7:29 p.m.85 views

CVE-2018-1022

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-0945, CVE-2018-094...

7.6CVSS7.7AI score0.77559EPSS
CVE
CVE
added 2025/04/04 1:15 a.m.85 views

CVE-2025-25001

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

4.3CVSS6.9AI score0.00052EPSS
CVE
CVE
added 2016/06/16 1:59 a.m.84 views

CVE-2016-3199

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3214.

9.3CVSS8.6AI score0.21571EPSS
CVE
CVE
added 2016/08/09 9:59 p.m.84 views

CVE-2016-3319

The PDF library in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold and 1511, and Microsoft Edge allows remote attackers to execute arbitrary code via a crafted PDF file, aka "Microsoft PDF Remote Code Execution Vulnerability."

9.3CVSS7.3AI score0.37191EPSS
CVE
CVE
added 2016/11/10 6:59 a.m.84 views

CVE-2016-7195

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7198.

7.6CVSS7.8AI score0.30629EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.84 views

CVE-2017-0069

Microsoft Edge allows remote attackers to spoof web content via a crafted web site, aka "Microsoft Edge Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0012 and CVE-2017-0033.

4.3CVSS4.4AI score0.10334EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.84 views

CVE-2017-0150

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An at...

7.6CVSS7.9AI score0.80217EPSS
CVE
CVE
added 2017/07/11 9:29 p.m.84 views

CVE-2017-8619

Microsoft Edge on Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability in the way affected Microsoft scripting engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CV...

7.6CVSS6.7AI score0.78054EPSS
CVE
CVE
added 2017/08/08 9:29 p.m.84 views

CVE-2017-8656

Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption...

7.6CVSS7.8AI score0.82712EPSS
CVE
CVE
added 2018/01/04 2:29 p.m.84 views

CVE-2018-0758

Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is uniqu...

7.6CVSS6.8AI score0.79277EPSS
CVE
CVE
added 2018/03/14 5:29 p.m.84 views

CVE-2018-0934

ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018...

7.6CVSS7.3AI score0.85621EPSS
CVE
CVE
added 2023/07/01 12:15 a.m.84 views

CVE-2021-31982

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

8.8CVSS8.6AI score0.03313EPSS
CVE
CVE
added 2022/01/11 9:15 p.m.84 views

CVE-2022-21954

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

6.1CVSS6.3AI score0.00815EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.83 views

CVE-2017-0012

Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to spoof web content via a crafted web site, aka "Microsoft Browser Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0033 and CVE-2017-0069.

4.3CVSS4.3AI score0.10334EPSS
Web
CVE
CVE
added 2017/03/17 12:59 a.m.83 views

CVE-2017-0066

Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is different from those described in CVE-2017-0135 and CVE-2017-0140.

4.2CVSS4.3AI score0.22472EPSS
CVE
CVE
added 2017/12/12 9:29 p.m.83 views

CVE-2017-11908

ChakraCore and Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-1189...

7.6CVSS7.9AI score0.76161EPSS
CVE
CVE
added 2017/12/12 9:29 p.m.83 views

CVE-2017-11919

ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016, and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 ...

5.3CVSS5.5AI score0.5589EPSS
CVE
CVE
added 2018/01/04 2:29 p.m.83 views

CVE-2018-0774

Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-076...

7.6CVSS6.7AI score0.79277EPSS
CVE
CVE
added 2018/05/09 7:29 p.m.83 views

CVE-2018-8145

An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user's computer or data, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Int...

7.6CVSS6.9AI score0.72843EPSS
Total number of security vulnerabilities903