Edge Security Vulnerabilities and Issues — Edge CVE List

Lucene search

MicrosoftEdge

63 matches found

CVE•added 2022/11/25 1:15 a.m.•1116 views

CVE-2022-4135

Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

9.6CVSS9.3AI score0.00114EPSS

CVE•added 2024/08/21 9:15 p.m.•333 views

CVE-2024-7971

Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

9.6CVSS6.8AI score0.00339EPSS

CVE•added 2022/08/09 8:15 p.m.•195 views

CVE-2022-33649

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

9.6CVSS9.1AI score0.01095EPSS

CVE•added 2024/01/26 1:15 a.m.•192 views

CVE-2024-21326

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

9.6CVSS9.1AI score0.00764EPSS

CVE•added 2023/09/15 10:15 p.m.•154 views

CVE-2023-36735

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

9.6CVSS9.2AI score0.00718EPSS

CVE•added 2020/09/11 5:15 p.m.•142 views

CVE-2020-1057

<p>A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited th...

9.3CVSS6.7AI score0.03106EPSS

CVE•added 2020/08/17 7:15 p.m.•130 views

CVE-2020-1555

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successf...

9.3CVSS7.9AI score0.1447EPSS

CVE•added 2020/06/09 8:15 p.m.•107 views

CVE-2020-1073

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'.

9.3CVSS7.9AI score0.13506EPSS

CVE•added 2016/02/10 11:59 a.m.•105 views

CVE-2016-0060

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0061, CVE-2016-0063,...

9.3CVSS8.6AI score0.47176EPSS

CVE•added 2015/09/09 12:59 a.m.•94 views

CVE-2015-2494

Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2486, CVE-2015-2487, CVE-2015-2490, CV...

9.3CVSS7.4AI score0.20844EPSS

CVE•added 2024/08/12 1:38 p.m.•92 views

CVE-2024-38219

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

9CVSS6.9AI score0.00372EPSS

CVE•added 2024/10/17 11:15 p.m.•92 views

CVE-2024-43566

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

9.8CVSS8.1AI score0.07186EPSS

CVE•added 2018/02/15 2:29 a.m.•90 views

CVE-2018-0834

Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0835, CVE-...

9.3CVSS7.3AI score0.8026EPSS

CVE•added 2020/03/12 4:15 p.m.•90 views

CVE-2020-0816

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerability'.

9.3CVSS9.2AI score0.20625EPSS

CVE•added 2016/10/14 2:59 a.m.•87 views

CVE-2016-7189

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Remote Code Execution Vulnerability."

9.3CVSS7.7AI score0.79906EPSS

CVE•added 2017/11/15 3:29 a.m.•85 views

CVE-2017-11827

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain ...

9.3CVSS7.3AI score0.22769EPSS

CVE•added 2016/06/16 1:59 a.m.•83 views

CVE-2016-3199

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3214.

9.3CVSS8.6AI score0.21571EPSS

CVE•added 2016/08/09 9:59 p.m.•82 views

CVE-2016-3319

The PDF library in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold and 1511, and Microsoft Edge allows remote attackers to execute arbitrary code via a crafted PDF file, aka "Microsoft PDF Remote Code Execution Vulnerability."

9.3CVSS7.3AI score0.37191EPSS

CVE•added 2023/12/07 9:15 p.m.•82 views

CVE-2023-35618

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

9.6CVSS9.2AI score0.00477EPSS

CVE•added 2015/09/09 12:59 a.m.•80 views

CVE-2015-2486

9.3CVSS7.4AI score0.20844EPSS

CVE•added 2017/05/15 5:29 p.m.•80 views

CVE-2017-0223

A remote code execution vulnerability exists in Microsoft Chakra Core in the way JavaScript engines render when handling objects in memory. aka "Scripting Engine Memory Corruption Vulnerability". This vulnerability is unique from CVE-2017-0252.

9.8CVSS9.4AI score0.36015EPSS

CVE•added 2018/02/15 2:29 a.m.•80 views

CVE-2018-0840

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting e...

9.3CVSS7.3AI score0.8026EPSS

CVE•added 2016/06/16 1:59 a.m.•77 views

CVE-2016-3203

Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold and 1511, and Microsoft Edge allow remote attackers to execute arbitrary code via a crafted PDF document, aka "Windows PDF Remote Code Execution Vulnerability."

9.3CVSS7.9AI score0.49159EPSS

CVE•added 2019/05/16 7:29 p.m.•76 views

CVE-2019-0938

An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka 'Microsoft Edge Elevation of Privilege Vulnerability'.

9CVSS7.4AI score0.00663EPSS

CVE•added 2015/08/14 10:59 a.m.•74 views

CVE-2015-2441

Microsoft Internet Explorer 7 through 11 and Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2452.

9.3CVSS7.6AI score0.22819EPSS

CVE•added 2016/07/13 1:59 a.m.•69 views

CVE-2016-3260

The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engin...

9.3CVSS8.6AI score0.22641EPSS

CVE•added 2016/10/14 2:59 a.m.•68 views

CVE-2016-3386

9.3CVSS7.6AI score0.79242EPSS

CVE•added 2017/10/13 1:29 p.m.•68 views

CVE-2017-11812

ChakraCore and Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CV...

9.3CVSS7.8AI score0.78672EPSS

CVE•added 2015/08/14 10:59 a.m.•67 views

CVE-2015-2442

Microsoft Internet Explorer 8 through 11 and Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2444.

9.3CVSS7.6AI score0.25579EPSS

CVE•added 2015/09/09 12:59 a.m.•67 views

CVE-2015-2542

Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability."

9.3CVSS7.5AI score0.14833EPSS

CVE•added 2015/09/09 12:59 a.m.•65 views

CVE-2015-2485

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2491 and CVE-2015-2541.

9.3CVSS7.5AI score0.20844EPSS

CVE•added 2016/06/16 1:59 a.m.•64 views

CVE-2016-3222

Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability."

9.3CVSS8.6AI score0.69898EPSS

CVE•added 2015/08/14 10:59 a.m.•63 views

CVE-2015-2446

Microsoft Internet Explorer 11 and Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2447.

9.3CVSS7.6AI score0.34462EPSS

CVE•added 2015/12/09 11:59 a.m.•63 views

CVE-2015-6159

Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6140, CVE-2015-6142, CVE-2015-...

9.3CVSS7.4AI score0.2665EPSS

CVE•added 2018/02/15 2:29 a.m.•62 views

CVE-2018-0861

Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-201...

9.3CVSS7.3AI score0.8026EPSS

CVE•added 2015/11/11 12:59 p.m.•61 views

CVE-2015-6078

9.3CVSS7.5AI score0.23334EPSS

CVE•added 2015/12/09 11:59 a.m.•60 views

CVE-2015-6142

9.3CVSS7.4AI score0.2665EPSS

CVE•added 2016/02/10 11:59 a.m.•59 views

CVE-2016-0061

9.3CVSS8.6AI score0.47176EPSS

CVE•added 2016/02/10 11:59 a.m.•58 views

CVE-2016-0084

Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability."

9.3CVSS8.7AI score0.20325EPSS

CVE•added 2016/07/13 1:59 a.m.•58 views

CVE-2016-3248

The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scrip...

9.3CVSS8.6AI score0.27132EPSS

CVE•added 2016/01/13 5:59 a.m.•57 views

CVE-2016-0024

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via unspecified vectors, aka "Scripting Engine Memory Corruption Vulnerability."

9.3CVSS8.8AI score0.32396EPSS

CVE•added 2016/02/10 11:59 a.m.•57 views

CVE-2016-0062

9.3CVSS8.6AI score0.19386EPSS

CVE•added 2017/05/15 5:29 p.m.•57 views

CVE-2017-0252

9.8CVSS9.4AI score0.36015EPSS

CVE•added 2015/11/11 12:59 p.m.•56 views

CVE-2015-6073

9.3CVSS7.4AI score0.28139EPSS

CVE•added 2015/12/09 11:59 a.m.•56 views

CVE-2015-6140

9.3CVSS7.4AI score0.2665EPSS

CVE•added 2016/07/13 1:59 a.m.•56 views

CVE-2016-3259

9.3CVSS8.6AI score0.27132EPSS

CVE•added 2016/07/13 1:59 a.m.•56 views

CVE-2016-3265

9.3CVSS8.6AI score0.25587EPSS

CVE•added 2015/12/09 11:59 a.m.•55 views

CVE-2015-6151

Microsoft Internet Explorer 8 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6083.

9.3CVSS7.5AI score0.1814EPSS

CVE•added 2016/10/14 2:59 a.m.•55 views

CVE-2016-3331

9.3CVSS7.6AI score0.23334EPSS

CVE•added 2016/10/14 2:59 a.m.•55 views

CVE-2016-3382

The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, as demonstrated by the Chakra JavaScript engine, aka "Scripting Engine Memory Corruption Vul...

9.3CVSS7.4AI score0.23334EPSS

Total number of security vulnerabilities63