Lucene search

K
MicrosoftEdge

751 matches found

CVE
CVE
added 2017/03/17 12:59 a.m.78 views

CVE-2017-0035

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An at...

7.6CVSS7.9AI score0.80217EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.78 views

CVE-2017-0065

Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0011, CVE-2017-0017, and CVE-2017-0068.

4.3CVSS4.1AI score0.27177EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.78 views

CVE-2017-0131

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An at...

7.6CVSS7.9AI score0.80217EPSS
CVE
CVE
added 2017/04/12 2:59 p.m.78 views

CVE-2017-0200

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user, aka "Microsoft Edge Memory Corruption Vulnerability."

7.6CVSS7.7AI score0.29434EPSS
CVE
CVE
added 2017/10/13 1:29 p.m.78 views

CVE-2017-11809

ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". T...

7.6CVSS7.8AI score0.78672EPSS
CVE
CVE
added 2017/11/15 3:29 a.m.78 views

CVE-2017-11862

ChakraCore and Microsoft Edge in Windows 10 1709 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-20...

7.6CVSS7.4AI score
CVE
CVE
added 2017/07/11 9:29 p.m.78 views

CVE-2017-8606

Microsoft browsers in Microsoft Windows 7, Windows Server 2008 and R2, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine...

7.6CVSS7.5AI score0.78054EPSS
CVE
CVE
added 2017/08/08 9:29 p.m.78 views

CVE-2017-8641

Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user due to the way that Micros...

7.6CVSS7.9AI score0.82712EPSS
CVE
CVE
added 2017/08/08 9:29 p.m.78 views

CVE-2017-8647

Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique fr...

7.6CVSS7.8AI score0.82712EPSS
CVE
CVE
added 2017/09/13 1:29 a.m.78 views

CVE-2017-8729

Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017...

7.6CVSS7.5AI score0.76981EPSS
CVE
CVE
added 2018/01/04 2:29 p.m.78 views

CVE-2018-0773

Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-076...

7.6CVSS6.7AI score0.78365EPSS
CVE
CVE
added 2018/01/04 2:29 p.m.78 views

CVE-2018-0777

Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is uniqu...

7.6CVSS6.8AI score0.78365EPSS
CVE
CVE
added 2018/04/12 1:29 a.m.78 views

CVE-2018-0979

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0980, CVE-2018-0990, CVE-...

7.6CVSS6.4AI score0.77602EPSS
CVE
CVE
added 2018/04/12 1:29 a.m.78 views

CVE-2018-0990

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0980, CVE-...

7.6CVSS6.4AI score0.77602EPSS
CVE
CVE
added 2019/03/06 12:0 a.m.78 views

CVE-2019-0642

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610,...

7.6CVSS7.7AI score0.34646EPSS
CVE
CVE
added 2019/06/12 2:29 p.m.78 views

CVE-2019-1038

A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerabili...

7.6CVSS7AI score0.03992EPSS
CVE
CVE
added 2016/09/14 10:59 a.m.77 views

CVE-2016-3370

The PDF library in Microsoft Edge, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information via a crafted web site, aka "PDF Library Information Disclosure Vulnerability," a different vulnerability than...

6.5CVSS5.9AI score0.34166EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.77 views

CVE-2017-0010

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An at...

7.6CVSS7.9AI score0.80217EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.77 views

CVE-2017-0067

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An at...

7.6CVSS7.9AI score0.80217EPSS
CVE
CVE
added 2017/05/12 2:29 p.m.77 views

CVE-2017-0227

A remote code execution vulnerability exists in Microsoft Edge in the way affected Microsoft scripting engines render when handling objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0221 and CVE-2017-0240.

7.6CVSS7.5AI score0.29434EPSS
CVE
CVE
added 2017/05/12 2:29 p.m.77 views

CVE-2017-0241

An elevation of privilege vulnerability exists when Microsoft Edge renders a domain-less page in the URL, which could allow Microsoft Edge to perform actions in the context of the Intranet Zone and access functionality that is not typically available to the browser when browsing in the context of t...

5.4CVSS6.2AI score0.15019EPSS
CVE
CVE
added 2017/09/13 1:29 a.m.77 views

CVE-2017-11764

Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This...

7.6CVSS7AI score0.76981EPSS
CVE
CVE
added 2017/10/13 1:29 p.m.77 views

CVE-2017-11792

ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allow an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11793, CV...

7.6CVSS7.8AI score0.78672EPSS
CVE
CVE
added 2017/10/13 1:29 p.m.77 views

CVE-2017-11806

ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, C...

7.6CVSS7.8AI score0.78672EPSS
CVE
CVE
added 2017/10/13 1:29 p.m.77 views

CVE-2017-11808

ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". T...

7.6CVSS7.8AI score0.78672EPSS
CVE
CVE
added 2017/10/13 1:29 p.m.77 views

CVE-2017-11812

ChakraCore and Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CV...

9.3CVSS7.8AI score0.78672EPSS
CVE
CVE
added 2017/10/13 1:29 p.m.77 views

CVE-2017-11821

ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, C...

7.6CVSS7.8AI score0.78672EPSS
CVE
CVE
added 2017/08/08 9:29 p.m.77 views

CVE-2017-8635

Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user due to the way that JavaSc...

7.6CVSS7.9AI score0.82712EPSS
CVE
CVE
added 2018/02/15 2:29 a.m.77 views

CVE-2018-0860

Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-...

7.6CVSS7.3AI score0.7974EPSS
CVE
CVE
added 2018/05/09 7:29 p.m.77 views

CVE-2018-0953

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE...

7.6CVSS7.7AI score0.77602EPSS
CVE
CVE
added 2018/04/12 1:29 a.m.77 views

CVE-2018-0995

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0980, CVE-...

7.6CVSS6.4AI score0.77602EPSS
CVE
CVE
added 2018/05/09 7:29 p.m.77 views

CVE-2018-8139

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE...

7.6CVSS7.7AI score0.77602EPSS
CVE
CVE
added 2018/11/14 1:29 a.m.77 views

CVE-2018-8556

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542, CVE-...

7.6CVSS6.5AI score0.05799EPSS
CVE
CVE
added 2018/11/14 1:29 a.m.77 views

CVE-2018-8588

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542, CVE-...

7.6CVSS6.5AI score0.05799EPSS
CVE
CVE
added 2019/05/16 7:29 p.m.77 views

CVE-2019-0926

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerability'.

7.6CVSS7.5AI score0.04054EPSS
CVE
CVE
added 2019/05/16 7:29 p.m.77 views

CVE-2019-0938

An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka 'Microsoft Edge Elevation of Privilege Vulnerability'.

9CVSS7.4AI score0.00663EPSS
CVE
CVE
added 2020/05/21 11:15 p.m.77 views

CVE-2020-1056

An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, an attacker could host a website that is used to ...

8.1CVSS8.2AI score0.14772EPSS
CVE
CVE
added 2020/06/09 8:15 p.m.77 views

CVE-2020-1242

An information disclosure vulnerability exists in the way that Microsoft Edge handles cross-origin requests, aka 'Microsoft Edge Information Disclosure Vulnerability'.

5.3CVSS5.9AI score0.03715EPSS
CVE
CVE
added 2016/05/11 1:59 a.m.76 views

CVE-2016-0186

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0191 and CVE-2016-0193.

7.6CVSS7.7AI score0.27002EPSS
CVE
CVE
added 2016/11/10 6:59 a.m.76 views

CVE-2016-7227

The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to determine the existence of local files via unspecified vectors, aka "Microsoft Browser Information Disclosure Vulnerability."

3.1CVSS4.8AI score0.16141EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.76 views

CVE-2017-0033

Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to spoof web content via a crafted web site, aka "Microsoft Browser Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0012 and CVE-2017-0069.

4.3CVSS4.3AI score0.10334EPSS
CVE
CVE
added 2017/11/15 3:29 a.m.76 views

CVE-2017-11871

ChakraCore and Microsoft Edge in Windows 10 1703, 1709, and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from...

7.6CVSS7.4AI score
CVE
CVE
added 2017/07/11 9:29 p.m.76 views

CVE-2017-8601

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corrup...

7.6CVSS7.5AI score0.78054EPSS
CVE
CVE
added 2017/08/08 9:29 p.m.76 views

CVE-2017-8640

Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corrupti...

7.6CVSS7.8AI score0.82712EPSS
CVE
CVE
added 2017/09/13 1:29 a.m.76 views

CVE-2017-8736

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to obtain specific information used in the paren...

4.3CVSS4.8AI score0.16518EPSS
CVE
CVE
added 2017/09/13 1:29 a.m.76 views

CVE-2017-8738

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability"...

7.6CVSS7AI score0.76981EPSS
CVE
CVE
added 2018/11/14 1:29 a.m.76 views

CVE-2018-8555

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542, CVE-...

7.6CVSS6.5AI score0.05799EPSS
CVE
CVE
added 2018/12/12 12:29 a.m.76 views

CVE-2018-8624

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8583, CVE-2018-8617, CVE-...

7.6CVSS6.8AI score0.89893EPSS
CVE
CVE
added 2019/03/06 12:0 a.m.76 views

CVE-2019-0591

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640,...

7.6CVSS7.7AI score0.34646EPSS
CVE
CVE
added 2019/03/06 12:0 a.m.76 views

CVE-2019-0655

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610,...

7.6CVSS7.7AI score0.34646EPSS
Total number of security vulnerabilities751