Edge
by Microsoft
Source repositories
CVEs (738)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-8324 | Med | 0.29 | 4.3 | 0.09 | Jul 11, 2018 | An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8289, CVE-2018-8297, CVE-2018-8325. | ||
| CVE-2018-8297 | Med | 0.29 | 4.3 | 0.09 | Jul 11, 2018 | An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8289, CVE-2018-8324, CVE-2018-8325. | ||
| CVE-2018-8289 | Med | 0.29 | 4.3 | 0.09 | Jul 11, 2018 | An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8297, CVE-2018-8324, CVE-2018-8325. | ||
| CVE-2018-0766 | Med | 0.29 | 4.3 | 0.08 | Jan 4, 2018 | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system, due to how the Microsoft Edge PDF Reader handles objects in memory, aka "Microsoft Edge Information… | ||
| CVE-2017-8726 | Med | 0.29 | 4.3 | 0.07 | Oct 13, 2017 | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how affected Microsoft scripting engines handle objects in memory, aka "Microsoft Edge Memory Corruption… | ||
| CVE-2017-8736 | Med | 0.29 | 4.3 | 0.08 | Sep 13, 2017 | Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to obtain specific… | ||
| CVE-2017-8555 | Med | 0.29 | 4.3 | 0.13 | Jun 15, 2017 | Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to trick a user into loading a page with malicious content when the Edge Content Security Policy (CSP) fails to properly validate certain specially crafted documents, aka "Microsoft Edge Security Feature Bypass… | ||
| CVE-2017-0069 | Med | 0.29 | 4.3 | 0.09 | Mar 17, 2017 | Microsoft Edge allows remote attackers to spoof web content via a crafted web site, aka "Microsoft Edge Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0012 and CVE-2017-0033. | ||
| CVE-2017-0068 | Med | 0.29 | 4.3 | 0.15 | Mar 17, 2017 | Browsers in Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0011,… | ||
| CVE-2017-0033 | Med | 0.29 | 4.3 | 0.08 | Mar 17, 2017 | Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to spoof web content via a crafted web site, aka "Microsoft Browser Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0012 and CVE-2017-0069. | ||
| CVE-2017-0012 | Med | 0.29 | 4.3 | 0.08 | Mar 17, 2017 | Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to spoof web content via a crafted web site, aka "Microsoft Browser Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0033 and CVE-2017-0069. | ||
| CVE-2016-3244 | Med | 0.29 | 4.3 | 0.19 | Jul 13, 2016 | Microsoft Edge allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Edge Security Feature Bypass." | ||
| CVE-2016-0080 | Med | 0.29 | 4.3 | 0.15 | Feb 10, 2016 | Microsoft Edge mishandles exceptions during window-message dispatch operations, which allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Edge ASLR Bypass." | ||
| CVE-2016-0077 | Med | 0.29 | 4.3 | 0.10 | Feb 10, 2016 | Microsoft Internet Explorer 9 through 11 and Microsoft Edge misparse HTTP responses, which allows remote attackers to spoof web sites via a crafted URL, aka "Microsoft Browser Spoofing Vulnerability." | ||
| CVE-2026-40416 | Med | 0.28 | 4.3 | 0.00 | May 12, 2026 | User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. | ||
| CVE-2026-35429 | Med | 0.28 | 4.3 | 0.01 | May 12, 2026 | User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. | ||
| CVE-2026-33118 | Med | 0.28 | 4.3 | 0.01 | Apr 10, 2026 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||
| CVE-2018-8530 | Med | 0.28 | 4.3 | 0.06 | Oct 10, 2018 | A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins, aka "Microsoft Edge Security Feature Bypass Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8512. | ||
| CVE-2018-8425 | Med | 0.28 | 4.3 | 0.03 | Sep 13, 2018 | A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka "Microsoft Edge Spoofing Vulnerability." This affects Microsoft Edge. | ||
| CVE-2018-8388 | Med | 0.28 | 4.3 | 0.04 | Aug 15, 2018 | A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka "Microsoft Edge Spoofing Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8383. |
- risk 0.29cvss 4.3epss 0.09
An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8289, CVE-2018-8297, CVE-2018-8325.
- risk 0.29cvss 4.3epss 0.09
An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8289, CVE-2018-8324, CVE-2018-8325.
- risk 0.29cvss 4.3epss 0.09
An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8297, CVE-2018-8324, CVE-2018-8325.
- risk 0.29cvss 4.3epss 0.08
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system, due to how the Microsoft Edge PDF Reader handles objects in memory, aka "Microsoft Edge Information…
- risk 0.29cvss 4.3epss 0.07
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how affected Microsoft scripting engines handle objects in memory, aka "Microsoft Edge Memory Corruption…
- risk 0.29cvss 4.3epss 0.08
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to obtain specific…
- risk 0.29cvss 4.3epss 0.13
Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to trick a user into loading a page with malicious content when the Edge Content Security Policy (CSP) fails to properly validate certain specially crafted documents, aka "Microsoft Edge Security Feature Bypass…
- risk 0.29cvss 4.3epss 0.09
Microsoft Edge allows remote attackers to spoof web content via a crafted web site, aka "Microsoft Edge Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0012 and CVE-2017-0033.
- risk 0.29cvss 4.3epss 0.15
Browsers in Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0011,…
- risk 0.29cvss 4.3epss 0.08
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to spoof web content via a crafted web site, aka "Microsoft Browser Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0012 and CVE-2017-0069.
- risk 0.29cvss 4.3epss 0.08
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to spoof web content via a crafted web site, aka "Microsoft Browser Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0033 and CVE-2017-0069.
- risk 0.29cvss 4.3epss 0.19
Microsoft Edge allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Edge Security Feature Bypass."
- risk 0.29cvss 4.3epss 0.15
Microsoft Edge mishandles exceptions during window-message dispatch operations, which allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Edge ASLR Bypass."
- risk 0.29cvss 4.3epss 0.10
Microsoft Internet Explorer 9 through 11 and Microsoft Edge misparse HTTP responses, which allows remote attackers to spoof web sites via a crafted URL, aka "Microsoft Browser Spoofing Vulnerability."
- risk 0.28cvss 4.3epss 0.00
User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.
- risk 0.28cvss 4.3epss 0.01
User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.
- risk 0.28cvss 4.3epss 0.01
Microsoft Edge (Chromium-based) Spoofing Vulnerability
- risk 0.28cvss 4.3epss 0.06
A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins, aka "Microsoft Edge Security Feature Bypass Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8512.
- risk 0.28cvss 4.3epss 0.03
A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka "Microsoft Edge Spoofing Vulnerability." This affects Microsoft Edge.
- risk 0.28cvss 4.3epss 0.04
A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka "Microsoft Edge Spoofing Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8383.
Page 21 of 37