Edge@- Security Vulnerabilities and Issues — Page 9 of Edge@- CVE List

Lucene search

MicrosoftEdge-

481 matches found

CVE•added 2016/02/10 11:59 a.m.•58 views

CVE-2016-0084

Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability."

9.3CVSS8.7AI score0.20325EPSS

CVE•added 2016/04/12 11:59 p.m.•58 views

CVE-2016-0156

Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0155 and CVE-2016-0157.

7.6CVSS7.6AI score0.20272EPSS

CVE•added 2018/06/14 12:29 p.m.•58 views

CVE-2018-8110

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8111, CVE-2018-8236.

7.6CVSS7.6AI score0.2627EPSS

CVE•added 2018/06/14 12:29 p.m.•58 views

CVE-2018-8235

A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins, aka "Microsoft Edge Security Feature Bypass Vulnerability." This affects Microsoft Edge.

4.3CVSS6AI score0.1224EPSS

CVE•added 2018/07/11 12:29 a.m.•58 views

CVE-2018-8324

An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8289, CVE-2018-8297, CVE-2018-8325.

4.3CVSS4.3AI score0.04728EPSS

CVE•added 2018/10/10 1:29 p.m.•58 views

CVE-2018-8473

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8509.

7.6CVSS7.6AI score0.07807EPSS

CVE•added 2018/10/10 1:29 p.m.•58 views

CVE-2018-8505

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8503, CVE-2018-8510, CVE-...

7.6CVSS7.4AI score0.07807EPSS

CVE•added 2016/01/13 5:59 a.m.•57 views

CVE-2016-0024

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via unspecified vectors, aka "Scripting Engine Memory Corruption Vulnerability."

9.3CVSS8.8AI score0.32396EPSS

CVE•added 2016/02/10 11:59 a.m.•57 views

CVE-2016-0062

Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."

9.3CVSS8.6AI score0.19386EPSS

CVE•added 2017/05/15 5:29 p.m.•57 views

CVE-2017-0252

A remote code execution vulnerability exists in Microsoft Chakra Core in the way JavaScript engines render when handling objects in memory. aka "Scripting Engine Memory Corruption Vulnerability". This vulnerability is unique from CVE-2017-0223.

9.8CVSS9.4AI score0.36015EPSS

CVE•added 2018/05/09 7:29 p.m.•57 views

CVE-2018-8123

4.3CVSS4.2AI score0.06705EPSS

CVE•added 2018/06/14 12:29 p.m.•57 views

CVE-2018-8236

7.6CVSS7.6AI score0.2627EPSS

CVE•added 2018/07/11 12:29 a.m.•57 views

CVE-2018-8274

7.6CVSS6.6AI score0.85081EPSS

CVE•added 2018/07/11 12:29 a.m.•57 views

CVE-2018-8286

7.6CVSS6.4AI score0.29136EPSS

CVE•added 2015/08/14 10:59 a.m.•56 views

CVE-2015-2449

Microsoft Internet Explorer 7 through 11 and Edge allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "ASLR Bypass."

4.3CVSS6.4AI score0.19043EPSS

CVE•added 2015/11/11 12:59 p.m.•56 views

CVE-2015-6073

9.3CVSS7.4AI score0.28139EPSS

CVE•added 2015/12/09 11:59 a.m.•56 views

CVE-2015-6140

9.3CVSS7.4AI score0.2665EPSS

CVE•added 2016/04/12 11:59 p.m.•56 views

CVE-2016-0161

Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Edge Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0158.

6.5CVSS6.3AI score0.23982EPSS

CVE•added 2016/07/13 1:59 a.m.•56 views

CVE-2016-3259

The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scrip...

9.3CVSS8.6AI score0.27132EPSS

CVE•added 2016/07/13 1:59 a.m.•56 views

CVE-2016-3265

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3269.

9.3CVSS8.6AI score0.25587EPSS

CVE•added 2016/07/13 1:59 a.m.•56 views

CVE-2016-3277

Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."

5.3CVSS5.8AI score0.17384EPSS

CVE•added 2016/09/14 10:59 a.m.•56 views

CVE-2016-3350

7.6CVSS7.7AI score0.236EPSS

CVE•added 2016/12/20 6:59 a.m.•56 views

CVE-2016-7281

The Web Workers implementation in Microsoft Internet Explorer 10 and 11 and Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Browser Security Feature Bypass Vulnerability."

5.3CVSS6.4AI score0.34492EPSS

CVE•added 2018/09/13 12:29 a.m.•56 views

CVE-2018-8354

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8391, CVE-2018-8456, CVE-2018-8457, CVE...

7.6CVSS7.5AI score0.05188EPSS

CVE•added 2018/08/15 5:29 p.m.•56 views

CVE-2018-8357

An elevation of privilege vulnerability exists in Microsoft browsers allowing sandbox escape, aka "Microsoft Browser Elevation of Privilege Vulnerability." This affects Internet Explorer 11, Microsoft Edge.

8.3CVSS8.4AI score0.08567EPSS

CVE•added 2018/08/15 5:29 p.m.•56 views

CVE-2018-8358

A security feature bypass vulnerability exists when Microsoft Edge improperly handles redirect requests, aka "Microsoft Edge Security Feature Bypass Vulnerability." This affects Microsoft Edge.

4.3CVSS5.8AI score0.05796EPSS

CVE•added 2015/10/14 1:59 a.m.•55 views

CVE-2015-6058

Microsoft Edge mishandles HTML attributes in HTTP responses, which allows remote attackers to bypass a cross-site scripting (XSS) protection mechanism via unspecified vectors, aka "Microsoft Edge XSS Filter Bypass."

4.3CVSS5AI score0.18964EPSS

CVE•added 2015/12/09 11:59 a.m.•55 views

CVE-2015-6151

Microsoft Internet Explorer 8 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6083.

9.3CVSS7.5AI score0.1814EPSS

CVE•added 2016/09/14 10:59 a.m.•55 views

CVE-2016-3330

7.6CVSS7.8AI score0.23501EPSS

CVE•added 2016/10/14 2:59 a.m.•55 views

CVE-2016-3331

9.3CVSS7.6AI score0.23334EPSS

CVE•added 2016/10/14 2:59 a.m.•55 views

CVE-2016-3382

The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, as demonstrated by the Chakra JavaScript engine, aka "Scripting Engine Memory Corruption Vul...

9.3CVSS7.4AI score0.23334EPSS

CVE•added 2016/10/14 2:59 a.m.•55 views

CVE-2016-3387

Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not properly restrict access to private namespaces, which allows remote attackers to gain privileges via unspecified vectors, aka "Microsoft Browser Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3388.

7.5CVSS6.2AI score0.44855EPSS

CVE•added 2018/06/14 12:29 p.m.•55 views

CVE-2018-8234

4.3CVSS5.5AI score0.07811EPSS

CVE•added 2018/10/10 1:29 p.m.•55 views

CVE-2018-8510

7.6CVSS7.4AI score0.07807EPSS

CVE•added 2015/10/14 1:59 a.m.•54 views

CVE-2015-6057

Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability."

5CVSS5.7AI score0.21101EPSS

CVE•added 2015/12/09 11:59 a.m.•54 views

CVE-2015-6155

Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."

9.3CVSS7.6AI score0.1814EPSS

CVE•added 2016/08/09 9:59 p.m.•54 views

CVE-2016-3329

Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to determine the existence of files via a crafted webpage, aka "Internet Explorer Information Disclosure Vulnerability."

5.3CVSS5.5AI score0.32707EPSS

CVE•added 2018/05/09 7:29 p.m.•54 views

CVE-2018-8177

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. This CVE ID is unique from CVE-2018-0943, CVE-2018-8130, CVE-2018-8133, CVE-2...

7.6CVSS7.4AI score0.72843EPSS

CVE•added 2018/06/14 12:29 p.m.•54 views

CVE-2018-8227

7.6CVSS7.4AI score0.81924EPSS

CVE•added 2018/07/11 12:29 a.m.•54 views

CVE-2018-8262

7.6CVSS6.6AI score0.85081EPSS

CVE•added 2018/10/10 1:29 p.m.•54 views

CVE-2018-8530

4.3CVSS5.5AI score0.03377EPSS

CVE•added 2015/12/09 11:59 a.m.•53 views

CVE-2015-6139

Microsoft Internet Explorer 11 and Microsoft Edge mishandle content types, which allows remote attackers to execute arbitrary web script in a privileged context via a crafted web site, aka "Microsoft Browser Elevation of Privilege Vulnerability."

9.3CVSS7AI score0.23067EPSS

CVE•added 2015/12/09 11:59 a.m.•53 views

CVE-2015-6153

9.3CVSS7.4AI score0.2665EPSS

CVE•added 2016/06/16 1:59 a.m.•53 views

CVE-2016-3214

9.3CVSS8.6AI score0.21571EPSS

CVE•added 2016/12/20 6:59 a.m.•53 views

CVE-2016-7297

The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7286, CVE-2016-7288, and CVE-2016-7296.

7.6CVSS7.6AI score0.7786EPSS

CVE•added 2018/05/09 7:29 p.m.•53 views

CVE-2018-1021

4.3CVSS4.2AI score0.06705EPSS

CVE•added 2018/07/11 12:29 a.m.•53 views

CVE-2018-8297

4.3CVSS4.3AI score0.04728EPSS

CVE•added 2015/11/11 11:59 a.m.•52 views

CVE-2015-6064

9.3CVSS7.5AI score0.32615EPSS

CVE•added 2016/12/20 6:59 a.m.•52 views

CVE-2016-7280

Cross-site scripting (XSS) vulnerability in Microsoft Edge allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Microsoft Edge Information Disclosure Vulnerability," a different vulnerability than CVE-2016-7206.

6.1CVSS5.8AI score0.09084EPSS

CVE•added 2018/03/14 5:29 p.m.•52 views

CVE-2018-0879

Microsoft Edge in Windows 10 1709 allows information disclosure, due to how Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability".

7.5CVSS6.9AI score0.13422EPSS

Total number of security vulnerabilities481