Edge
by Microsoft
Source repositories
CVEs (738)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-6151 | 0.02 | — | 0.20 | Dec 9, 2015 | Microsoft Internet Explorer 8 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than… | |||
| CVE-2015-6148 | 0.02 | — | 0.20 | Dec 9, 2015 | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than… | |||
| CVE-2015-6142 | 0.02 | — | 0.20 | Dec 9, 2015 | Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6140,… | |||
| CVE-2015-6088 | 0.02 | — | 0.31 | Nov 11, 2015 | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Browser ASLR Bypass." | |||
| CVE-2015-6064 | 0.02 | — | 0.20 | Nov 11, 2015 | Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than… | |||
| CVE-2015-2542 | 0.02 | — | 0.20 | Sep 9, 2015 | Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability." | |||
| CVE-2015-2494 | 0.02 | — | 0.20 | Sep 9, 2015 | Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2486,… | |||
| CVE-2015-2486 | 0.02 | — | 0.20 | Sep 9, 2015 | Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2487,… | |||
| CVE-2024-43477 | 0.01 | — | 0.01 | Aug 23, 2024 | Improper access control in Decentralized Identity Services resulted in a vulnerability that allows an unauthenticated attacker to disable Verifiable ID's on another tenant. | |||
| CVE-2023-21719 | 0.01 | — | 0.02 | Jan 23, 2023 | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | |||
| CVE-2021-41351 | 0.01 | — | 0.04 | Nov 10, 2021 | Microsoft Edge (Chrome based) Spoofing on IE Mode | |||
| CVE-2021-26439 | 0.01 | — | 0.02 | Sep 2, 2021 | Microsoft Edge for Android Information Disclosure Vulnerability | |||
| CVE-2020-17052 | 0.01 | — | 0.02 | Nov 11, 2020 | Scripting Engine Memory Corruption Vulnerability | |||
| CVE-2020-1555 | 0.01 | — | 0.05 | Aug 17, 2020 | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An… | |||
| CVE-2020-1056 | 0.01 | — | 0.03 | May 21, 2020 | An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, an attacker could host a… | |||
| CVE-2019-1356 | 0.01 | — | 0.06 | Oct 10, 2019 | An information disclosure vulnerability exists when Microsoft Edge based on Edge HTML improperly handles objects in memory, aka 'Microsoft Edge based on Edge HTML Information Disclosure Vulnerability'. | |||
| CVE-2019-1023 | 0.01 | — | 0.05 | Jun 12, 2019 | An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. In a web-based… | |||
| CVE-2019-0990 | 0.01 | — | 0.05 | Jun 12, 2019 | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current… | |||
| CVE-2019-0926 | 0.01 | — | 0.08 | May 16, 2019 | A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerability'. | |||
| CVE-2019-0884 | 0.01 | — | 0.08 | May 16, 2019 | A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0911, CVE-2019-0918. |
- CVE-2015-6151Dec 9, 2015risk 0.02cvss —epss 0.20
Microsoft Internet Explorer 8 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than…
- CVE-2015-6148Dec 9, 2015risk 0.02cvss —epss 0.20
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than…
- CVE-2015-6142Dec 9, 2015risk 0.02cvss —epss 0.20
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6140,…
- CVE-2015-6088Nov 11, 2015risk 0.02cvss —epss 0.31
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Browser ASLR Bypass."
- CVE-2015-6064Nov 11, 2015risk 0.02cvss —epss 0.20
Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than…
- CVE-2015-2542Sep 9, 2015risk 0.02cvss —epss 0.20
Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability."
- CVE-2015-2494Sep 9, 2015risk 0.02cvss —epss 0.20
Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2486,…
- CVE-2015-2486Sep 9, 2015risk 0.02cvss —epss 0.20
Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2487,…
- CVE-2024-43477Aug 23, 2024risk 0.01cvss —epss 0.01
Improper access control in Decentralized Identity Services resulted in a vulnerability that allows an unauthenticated attacker to disable Verifiable ID's on another tenant.
- CVE-2023-21719Jan 23, 2023risk 0.01cvss —epss 0.02
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
- CVE-2021-41351Nov 10, 2021risk 0.01cvss —epss 0.04
Microsoft Edge (Chrome based) Spoofing on IE Mode
- CVE-2021-26439Sep 2, 2021risk 0.01cvss —epss 0.02
Microsoft Edge for Android Information Disclosure Vulnerability
- CVE-2020-17052Nov 11, 2020risk 0.01cvss —epss 0.02
Scripting Engine Memory Corruption Vulnerability
- CVE-2020-1555Aug 17, 2020risk 0.01cvss —epss 0.05
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An…
- CVE-2020-1056May 21, 2020risk 0.01cvss —epss 0.03
An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, an attacker could host a…
- CVE-2019-1356Oct 10, 2019risk 0.01cvss —epss 0.06
An information disclosure vulnerability exists when Microsoft Edge based on Edge HTML improperly handles objects in memory, aka 'Microsoft Edge based on Edge HTML Information Disclosure Vulnerability'.
- CVE-2019-1023Jun 12, 2019risk 0.01cvss —epss 0.05
An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. In a web-based…
- CVE-2019-0990Jun 12, 2019risk 0.01cvss —epss 0.05
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current…
- CVE-2019-0926May 16, 2019risk 0.01cvss —epss 0.08
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerability'.
- CVE-2019-0884May 16, 2019risk 0.01cvss —epss 0.08
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0911, CVE-2019-0918.
Page 26 of 37