Edge@- Security Vulnerabilities and Issues — Page 9 of Edge@- CVE List

Lucene search

MicrosoftEdge-

481 matches found

CVE•added 2016/05/11 11:1 a.m.•57 views

CVE-2016-4113

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.

7.6CVSS8.2AI score0.05238EPSS

CVE•added 2017/05/15 5:29 p.m.•57 views

CVE-2017-0252

A remote code execution vulnerability exists in Microsoft Chakra Core in the way JavaScript engines render when handling objects in memory. aka "Scripting Engine Memory Corruption Vulnerability". This vulnerability is unique from CVE-2017-0223.

9.8CVSS9.4AI score0.36015EPSS

CVE•added 2018/05/09 7:29 p.m.•57 views

CVE-2018-8123

An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-1021.

4.3CVSS4.2AI score0.06705EPSS

CVE•added 2018/05/09 7:29 p.m.•57 views

CVE-2018-8128

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE...

7.6CVSS7.7AI score0.77559EPSS

CVE•added 2018/06/14 12:29 p.m.•57 views

CVE-2018-8236

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8110, CVE-2018-8111.

7.6CVSS7.6AI score0.2627EPSS

CVE•added 2018/07/11 12:29 a.m.•57 views

CVE-2018-8274

7.6CVSS6.6AI score0.85081EPSS

CVE•added 2018/07/11 12:29 a.m.•57 views

CVE-2018-8286

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8280, CVE-2018-8290, CVE-...

7.6CVSS6.4AI score0.29136EPSS

CVE•added 2015/08/14 10:59 a.m.•56 views

CVE-2015-2449

Microsoft Internet Explorer 7 through 11 and Edge allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "ASLR Bypass."

4.3CVSS6.4AI score0.19043EPSS

CVE•added 2015/11/11 12:59 p.m.•56 views

CVE-2015-6073

Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6068, CVE-2015-6072, CVE-2015-...

9.3CVSS7.4AI score0.28139EPSS

CVE•added 2015/12/09 11:59 a.m.•56 views

CVE-2015-6140

9.3CVSS7.4AI score0.2665EPSS

CVE•added 2016/07/13 1:59 a.m.•56 views

CVE-2016-3259

The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scrip...

9.3CVSS8.6AI score0.27132EPSS

CVE•added 2016/07/13 1:59 a.m.•56 views

CVE-2016-3265

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3269.

9.3CVSS8.6AI score0.25587EPSS

CVE•added 2016/07/13 1:59 a.m.•56 views

CVE-2016-3277

Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."

5.3CVSS5.8AI score0.17384EPSS

CVE•added 2016/09/14 10:59 a.m.•56 views

CVE-2016-3350

7.6CVSS7.7AI score0.236EPSS

CVE•added 2016/12/20 6:59 a.m.•56 views

CVE-2016-7281

The Web Workers implementation in Microsoft Internet Explorer 10 and 11 and Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Browser Security Feature Bypass Vulnerability."

5.3CVSS6.4AI score0.34492EPSS

CVE•added 2017/06/15 1:29 a.m.•56 views

CVE-2017-8548

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system when Microsoft Edge improperly handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID i...

7.6CVSS5.8AI score0.74995EPSS

CVE•added 2018/09/13 12:29 a.m.•56 views

CVE-2018-8354

7.6CVSS7.5AI score0.05379EPSS

CVE•added 2018/08/15 5:29 p.m.•56 views

CVE-2018-8357

An elevation of privilege vulnerability exists in Microsoft browsers allowing sandbox escape, aka "Microsoft Browser Elevation of Privilege Vulnerability." This affects Internet Explorer 11, Microsoft Edge.

8.3CVSS8.4AI score0.07467EPSS

CVE•added 2018/08/15 5:29 p.m.•56 views

CVE-2018-8358

A security feature bypass vulnerability exists when Microsoft Edge improperly handles redirect requests, aka "Microsoft Edge Security Feature Bypass Vulnerability." This affects Microsoft Edge.

4.3CVSS5.8AI score0.03253EPSS

CVE•added 2015/10/14 1:59 a.m.•55 views

CVE-2015-6058

Microsoft Edge mishandles HTML attributes in HTTP responses, which allows remote attackers to bypass a cross-site scripting (XSS) protection mechanism via unspecified vectors, aka "Microsoft Edge XSS Filter Bypass."

4.3CVSS5AI score0.18964EPSS

CVE•added 2015/12/09 11:59 a.m.•55 views

CVE-2015-6151

Microsoft Internet Explorer 8 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6083.

9.3CVSS7.5AI score0.1814EPSS

CVE•added 2016/04/12 11:59 p.m.•55 views

CVE-2016-0161

Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Edge Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0158.

6.5CVSS6.3AI score0.23982EPSS

CVE•added 2016/10/14 2:59 a.m.•55 views

CVE-2016-3331

9.3CVSS7.6AI score0.23334EPSS

CVE•added 2016/10/14 2:59 a.m.•55 views

CVE-2016-3382

The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, as demonstrated by the Chakra JavaScript engine, aka "Scripting Engine Memory Corruption Vul...

9.3CVSS7.4AI score0.23334EPSS

CVE•added 2016/10/14 2:59 a.m.•55 views

CVE-2016-3387

Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not properly restrict access to private namespaces, which allows remote attackers to gain privileges via unspecified vectors, aka "Microsoft Browser Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3388.

7.5CVSS6.2AI score0.47517EPSS

CVE•added 2016/10/14 2:59 a.m.•55 views

CVE-2016-3389

7.6CVSS7.6AI score0.79242EPSS

CVE•added 2017/06/15 1:29 a.m.•55 views

CVE-2017-8549

7.6CVSS5.8AI score0.74995EPSS

CVE•added 2018/10/10 1:29 p.m.•55 views

CVE-2018-8510

7.6CVSS7.4AI score0.07799EPSS

CVE•added 2015/10/14 1:59 a.m.•54 views

CVE-2015-6057

Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability."

5CVSS5.7AI score0.21101EPSS

CVE•added 2015/12/09 11:59 a.m.•54 views

CVE-2015-6155

Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."

9.3CVSS7.6AI score0.1814EPSS

CVE•added 2016/08/09 9:59 p.m.•54 views

CVE-2016-3329

Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to determine the existence of files via a crafted webpage, aka "Internet Explorer Information Disclosure Vulnerability."

5.3CVSS5.5AI score0.32707EPSS

CVE•added 2016/09/14 10:59 a.m.•54 views

CVE-2016-3330

Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3294.

7.6CVSS7.8AI score0.23501EPSS

CVE•added 2018/05/09 7:29 p.m.•54 views

CVE-2018-8177

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. This CVE ID is unique from CVE-2018-0943, CVE-2018-8130, CVE-2018-8133, CVE-2...

7.6CVSS7.4AI score0.72843EPSS

CVE•added 2018/06/14 12:29 p.m.•54 views

CVE-2018-8227

7.6CVSS7.4AI score0.81924EPSS

CVE•added 2018/07/11 12:29 a.m.•54 views

CVE-2018-8262

7.6CVSS6.6AI score0.85081EPSS

CVE•added 2018/10/10 1:29 p.m.•54 views

CVE-2018-8530

A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins, aka "Microsoft Edge Security Feature Bypass Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8512.

4.3CVSS5.5AI score0.0344EPSS

CVE•added 2015/12/09 11:59 a.m.•53 views

CVE-2015-6139

Microsoft Internet Explorer 11 and Microsoft Edge mishandle content types, which allows remote attackers to execute arbitrary web script in a privileged context via a crafted web site, aka "Microsoft Browser Elevation of Privilege Vulnerability."

9.3CVSS7AI score0.23067EPSS

CVE•added 2015/12/09 11:59 a.m.•53 views

CVE-2015-6153

9.3CVSS7.4AI score0.2665EPSS

CVE•added 2016/06/16 1:59 a.m.•53 views

CVE-2016-3214

9.3CVSS8.6AI score0.21571EPSS

CVE•added 2018/02/15 2:29 a.m.•53 views

CVE-2018-0839

Microsoft Edge in Microsoft Windows 10 1703 allows information disclosure, due to how Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0763.

4.3CVSS4.2AI score0.10128EPSS

CVE•added 2018/05/09 7:29 p.m.•53 views

CVE-2018-1021

4.3CVSS4.2AI score0.06705EPSS

CVE•added 2018/07/11 12:29 a.m.•53 views

CVE-2018-8297

4.3CVSS4.3AI score0.04728EPSS

CVE•added 2015/11/11 11:59 a.m.•52 views

CVE-2015-6064

9.3CVSS7.5AI score0.32615EPSS

CVE•added 2016/12/20 6:59 a.m.•52 views

CVE-2016-7280

Cross-site scripting (XSS) vulnerability in Microsoft Edge allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Microsoft Edge Information Disclosure Vulnerability," a different vulnerability than CVE-2016-7206.

6.1CVSS5.8AI score0.09084EPSS

CVE•added 2018/03/14 5:29 p.m.•52 views

CVE-2018-0879

Microsoft Edge in Windows 10 1709 allows information disclosure, due to how Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability".

7.5CVSS6.9AI score0.13525EPSS

CVE•added 2018/07/11 12:29 a.m.•52 views

CVE-2018-8289

4.3CVSS4.3AI score0.04728EPSS

CVE•added 2018/09/13 12:29 a.m.•52 views

CVE-2018-8366

An information disclosure vulnerability exists when the Microsoft Edge Fetch API incorrectly handles a filtered response type, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge.

3.1CVSS4.7AI score0.02144EPSS

CVE•added 2018/08/15 5:29 p.m.•52 views

CVE-2018-8388

A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka "Microsoft Edge Spoofing Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8383.

4.3CVSS5.6AI score0.01289EPSS

CVE•added 2018/10/10 1:29 p.m.•52 views

CVE-2018-8509

7.6CVSS7.6AI score0.07799EPSS

CVE•added 2018/10/10 1:29 p.m.•52 views

CVE-2018-8511

7.6CVSS7.4AI score0.07799EPSS

Total number of security vulnerabilities481