Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
MicrosoftEdge

54 matches found

CVE
CVEadded 2025/01/24 10:15 p.m.226 views

CVE-2025-21262

User Interface (UI) Misrepresentation of Critical Information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network

5.4CVSS5.2AI score0.00128EPSS
CVE
CVEadded 2025/02/06 11:15 p.m.186 views

CVE-2025-21253

Microsoft Edge for IOS and Android Spoofing Vulnerability

5.3CVSS5.2AI score0.00257EPSS
CVE
CVEadded 2024/06/13 8:15 p.m.176 views

CVE-2024-30058

Microsoft Edge (Chromium-based) Spoofing Vulnerability

5.4CVSS5.7AI score0.00303EPSS
CVE
CVEadded 2024/06/13 8:15 p.m.172 views

CVE-2024-30057

Microsoft Edge for iOS Spoofing Vulnerability

5.4CVSS5.1AI score0.00484EPSS
CVE
CVEadded 2023/04/27 7:15 p.m.161 views

CVE-2023-28261

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

5.7CVSS5.8AI score0.00148EPSS
CVE
CVEadded 2024/01/11 10:15 p.m.155 views

CVE-2024-21337

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

5.2CVSS5.1AI score0.00893EPSS
CVE
CVEadded 2024/01/26 1:15 a.m.152 views

CVE-2024-21387

Microsoft Edge for Android Spoofing Vulnerability

5.3CVSS5.1AI score0.04212EPSS
CVE
CVEadded 2023/02/14 8:15 p.m.144 views

CVE-2023-21720

Microsoft Edge (Chromium-based) Tampering Vulnerability

5.3CVSS5.4AI score0.00205EPSS
CVE
CVEadded 2024/05/14 3:21 p.m.139 views

CVE-2024-30055

Microsoft Edge (Chromium-based) Spoofing Vulnerability

5.4CVSS6.5AI score0.01524EPSS
CVE
CVEadded 2024/04/19 5:15 p.m.127 views

CVE-2024-29991

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

5CVSS4.9AI score0.00197EPSS
CVE
CVEadded 2024/07/25 10:15 p.m.118 views

CVE-2024-38103

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

5.9CVSS5.4AI score0.00941EPSS
CVE
CVEadded 2025/07/11 5:15 p.m.108 views

CVE-2025-47964

Microsoft Edge (Chromium-based) Spoofing Vulnerability

5.4CVSS6.8AI score0.0004EPSS
CVE
CVEadded 2016/10/14 2:59 a.m.107 views

CVE-2016-3267

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to determine the existence of unspecified files via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."

5.3CVSS5.5AI score0.34882EPSS
CVE
CVEadded 2025/07/11 5:15 p.m.107 views

CVE-2025-47182

Improper input validation in Microsoft Edge (Chromium-based) allows an authorized attacker to bypass a security feature locally.

5.6CVSS6.9AI score0.00049EPSS
CVE
CVEadded 2024/04/18 7:15 p.m.105 views

CVE-2024-29986

Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability

5.4CVSS5.1AI score0.00122EPSS
CVE
CVEadded 2025/03/07 7:15 p.m.104 views

CVE-2025-26643

The UI performs the wrong action in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

5.4CVSS5.2AI score0.00106EPSS
CVE
CVEadded 2022/02/07 5:15 p.m.98 views

CVE-2022-23261

Microsoft Edge (Chromium-based) Tampering Vulnerability

5.3CVSS5.4AI score0.01113EPSS
CVE
CVEadded 2022/10/11 7:15 p.m.95 views

CVE-2022-41035

Microsoft Edge (Chromium-based) Spoofing Vulnerability

5.3CVSS6.8AI score0.00216EPSS
CVE
CVEadded 2019/04/08 11:29 p.m.94 views

CVE-2019-0612

A security feature bypass vulnerability exists when Click2Play protection in Microsoft Edge improperly handles flash objects. By itself, this bypass vulnerability does not allow arbitrary code execution, aka 'Microsoft Edge Security Feature Bypass Vulnerability'.

5.3CVSS6.8AI score0.13975EPSS
CVE
CVEadded 2024/11/14 8:15 p.m.92 views

CVE-2024-49025

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

5.4CVSS5.1AI score0.0019EPSS
CVE
CVEadded 2020/05/21 11:15 p.m.85 views

CVE-2020-1195

An elevation of privilege vulnerability exists in Microsoft Edge (Chromium-based) when the Feedback extension improperly validates input, aka 'Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability'.

5.9CVSS5.9AI score0.0565EPSS
CVE
CVEadded 2021/09/02 11:15 p.m.81 views

CVE-2021-26439

Microsoft Edge for Android Information Disclosure Vulnerability

5.9CVSS4.7AI score0.0659EPSS
CVE
CVEadded 2016/08/09 9:59 p.m.80 views

CVE-2016-3326

Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to obtain sensitive information via a crafted web page, aka "Microsoft Browser Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3327.

5.3CVSS5.1AI score0.32707EPSS
CVE
CVEadded 2018/01/04 2:29 p.m.80 views

CVE-2018-0780

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This...

5.3CVSS5AI score0.72149EPSS
CVE
CVEadded 2019/03/06 12:0 a.m.78 views

CVE-2019-0641

A security feature bypass vulnerability exists in Microsoft Edge handles whitelisting, aka 'Microsoft Edge Security Feature Bypass Vulnerability'.

5.9CVSS7.1AI score0.09435EPSS
CVE
CVEadded 2024/10/17 11:15 p.m.78 views

CVE-2024-43580

Microsoft Edge (Chromium-based) Spoofing Vulnerability

5.4CVSS5.6AI score0.0021EPSS
CVE
CVEadded 2024/10/18 1:15 a.m.77 views

CVE-2024-49023

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

5.9CVSS5.9AI score0.0058EPSS
CVE
CVEadded 2017/05/12 2:29 p.m.76 views

CVE-2017-0241

An elevation of privilege vulnerability exists when Microsoft Edge renders a domain-less page in the URL, which could allow Microsoft Edge to perform actions in the context of the Intranet Zone and access functionality that is not typically available to the browser when browsing in the context of t...

5.4CVSS6.2AI score0.15019EPSS
CVE
CVEadded 2020/06/09 8:15 p.m.75 views

CVE-2020-1242

An information disclosure vulnerability exists in the way that Microsoft Edge handles cross-origin requests, aka 'Microsoft Edge Information Disclosure Vulnerability'.

5.3CVSS5.9AI score0.03715EPSS
CVE
CVEadded 2017/12/12 9:29 p.m.74 views

CVE-2017-11919

ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016, and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 ...

5.3CVSS5.5AI score0.50436EPSS
CVE
CVEadded 2018/11/14 1:29 a.m.72 views

CVE-2018-8567

An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain, aka "Microsoft Edge Elevation of Privilege Vulnerability." This affects Microsof...

5.8CVSS5.8AI score0.00715EPSS
CVE
CVEadded 2016/06/16 1:59 a.m.71 views

CVE-2016-3215

Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 1511, and Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted PDF document, aka "Windows PDF Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3201.

5.5CVSS5.4AI score0.40028EPSS
CVE
CVEadded 2023/07/01 12:15 a.m.70 views

CVE-2021-34475

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

5.4CVSS5.5AI score0.00231EPSS
CVE
CVEadded 2016/09/06 10:59 a.m.67 views

CVE-2016-7152

The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack.

5.3CVSS4.9AI score0.03915EPSS
CVE
CVEadded 2018/10/10 1:29 p.m.67 views

CVE-2018-8512

A security feature bypass vulnerability exists in Microsoft Edge when the Edge Content Security Policy (CSP) fails to properly validate certain specially crafted documents, aka "Microsoft Edge Security Feature Bypass Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8...

5.8CVSS5.4AI score0.0344EPSS
CVE
CVEadded 2016/08/09 9:59 p.m.66 views

CVE-2016-3327

Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to obtain sensitive information via a crafted web page, aka "Microsoft Browser Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3326.

5.3CVSS5.1AI score0.32707EPSS
CVE
CVEadded 2019/06/12 2:29 p.m.66 views

CVE-2019-1054

A security feature bypass vulnerability exists in Edge that allows for bypassing Mark of the Web Tagging (MOTW). Failing to set the MOTW means that a large number of Microsoft security technologies are bypassed.In a web-based attack scenario, an attacker could host a malicious website that is desig...

5.1CVSS5.9AI score0.01088EPSS
CVE
CVEadded 2021/02/25 11:15 p.m.66 views

CVE-2021-24100

Microsoft Edge for Android Information Disclosure Vulnerability

5CVSS5.1AI score0.04111EPSS
CVE
CVEadded 2018/01/04 2:29 p.m.65 views

CVE-2018-0800

Microsoft Edge in Microsoft Windows 10 1709 allows an attacker to obtain information to further compromise the user's system, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0767 and CVE-2018...

5.3CVSS4.9AI score0.72149EPSS
CVE
CVEadded 2018/01/04 2:29 p.m.64 views

CVE-2018-0803

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to access information from one domain and inject it into another domain, due to how Microsoft Edge enforces cross-domain policies, aka "Microsoft Edge Elevation of Privilege Vulnerability...

5.8CVSS4.7AI score0.03626EPSS
CVE
CVEadded 2016/07/13 1:59 a.m.62 views

CVE-2016-3273

The XSS Filter in Microsoft Internet Explorer 9 through 11 and Microsoft Edge does not properly restrict JavaScript code, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."

5.3CVSS5.6AI score0.22915EPSS
CVE
CVEadded 2018/01/04 2:29 p.m.61 views

CVE-2018-0767

Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE I...

5.3CVSS5AI score0.72149EPSS
CVE
CVEadded 2017/06/15 1:29 a.m.59 views

CVE-2017-8530

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to trick a user into loading a page with malicious content when Microsoft Edge does not properly enforce same-origin policies, aka "Microsoft Edge Security Feature Bypass Vulnerability". Th...

5.8CVSS4.6AI score0.06082EPSS
CVE
CVEadded 2016/10/14 2:59 a.m.58 views

CVE-2016-3391

Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow context-dependent attackers to discover credentials by leveraging access to a memory dump, aka "Microsoft Browser Information Disclosure Vulnerability."

5.3CVSS5.6AI score0.25022EPSS
CVE
CVEadded 2016/07/13 1:59 a.m.56 views

CVE-2016-3277

Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."

5.3CVSS5.8AI score0.17384EPSS
CVE
CVEadded 2016/11/10 6:59 a.m.56 views

CVE-2016-7209

Microsoft Edge allows remote attackers to spoof web content via a crafted web site, aka "Microsoft Edge Spoofing Vulnerability."

5.3CVSS5.7AI score0.06822EPSS
CVE
CVEadded 2016/12/20 6:59 a.m.56 views

CVE-2016-7281

The Web Workers implementation in Microsoft Internet Explorer 10 and 11 and Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Browser Security Feature Bypass Vulnerability."

5.3CVSS6.4AI score0.34492EPSS
CVE
CVEadded 2017/08/08 9:29 p.m.55 views

CVE-2017-8637

Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to bypass Arbitrary Code Guard (ACG) due to how Microsoft Edge accesses memory in code compiled by the Edge Just-In-Time (JIT) compiler, aka "Scripting Engine Security Feature Bypass Vulnerability".

5.3CVSS6.5AI score0.18274EPSS
CVE
CVEadded 2017/08/08 9:29 p.m.55 views

CVE-2017-8650

Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to exploit a security feature bypass due to Microsoft Edge not properly enforcing same-origin policies, aka "Microsoft Edge Security Feature Bypass Vulnerability".

5.8CVSS6.6AI score0.00718EPSS
CVE
CVEadded 2015/10/14 1:59 a.m.54 views

CVE-2015-6057

Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability."

5CVSS5.7AI score0.21101EPSS
Total number of security vulnerabilities54