Edge
by Microsoft
Source repositories
CVEs (738)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-26436 | 0.00 | — | 0.02 | Sep 2, 2021 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||
| CVE-2021-1705 | 0.00 | — | 0.02 | Jan 12, 2021 | Microsoft Edge (HTML-based) Memory Corruption Vulnerability | |||
| CVE-2020-17058 | 0.00 | — | 0.03 | Nov 11, 2020 | Microsoft Browser Memory Corruption Vulnerability | |||
| CVE-2020-17054 | 0.00 | — | 0.02 | Nov 11, 2020 | Chakra Scripting Engine Memory Corruption Vulnerability | |||
| CVE-2020-17048 | 0.00 | — | 0.02 | Nov 11, 2020 | Chakra Scripting Engine Memory Corruption Vulnerability | |||
| CVE-2020-1180 | 0.00 | — | 0.02 | Sep 11, 2020 | A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who… | |||
| CVE-2020-1172 | 0.00 | — | 0.02 | Sep 11, 2020 | A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who… | |||
| CVE-2020-1057 | 0.00 | — | 0.02 | Sep 11, 2020 | A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who… | |||
| CVE-2020-1569 | 0.00 | — | 0.03 | Aug 17, 2020 | A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully… | |||
| CVE-2020-1568 | 0.00 | — | 0.03 | Aug 17, 2020 | A remote code execution vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who… | |||
| CVE-2020-1242 | 0.00 | — | 0.04 | Jun 9, 2020 | An information disclosure vulnerability exists in the way that Microsoft Edge handles cross-origin requests, aka 'Microsoft Edge Information Disclosure Vulnerability'. | |||
| CVE-2020-1220 | 0.00 | — | 0.02 | Jun 9, 2020 | A spoofing vulnerability exists when theMicrosoft Edge (Chromium-based) in IE Mode improperly handles specific redirects, aka 'Microsoft Edge (Chromium-based) in IE Mode Spoofing Vulnerability'. | |||
| CVE-2020-1059 | 0.00 | — | 0.02 | May 21, 2020 | A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content, aka 'Microsoft Edge Spoofing Vulnerability'. | |||
| CVE-2020-0663 | 0.00 | — | 0.02 | Feb 11, 2020 | An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, an attacker could host a… | |||
| CVE-2019-1428 | 0.00 | — | 0.09 | Nov 12, 2019 | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1426, CVE-2019-1427, CVE-2019-1429. | |||
| CVE-2019-1427 | 0.00 | — | 0.09 | Nov 12, 2019 | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1426, CVE-2019-1428, CVE-2019-1429. | |||
| CVE-2019-1413 | 0.00 | — | 0.01 | Nov 12, 2019 | A security feature bypass vulnerability exists when Microsoft Edge improperly handles extension requests and fails to request host permission for all_urls, aka 'Microsoft Edge Security Feature Bypass Vulnerability'. | |||
| CVE-2019-1196 | 0.00 | — | 0.02 | Aug 14, 2019 | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current… | |||
| CVE-2019-1197 | 0.00 | — | 0.02 | Aug 14, 2019 | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current… | |||
| CVE-2019-1195 | 0.00 | — | 0.02 | Aug 14, 2019 | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current… |
- CVE-2021-26436Sep 2, 2021risk 0.00cvss —epss 0.02
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
- CVE-2021-1705Jan 12, 2021risk 0.00cvss —epss 0.02
Microsoft Edge (HTML-based) Memory Corruption Vulnerability
- CVE-2020-17058Nov 11, 2020risk 0.00cvss —epss 0.03
Microsoft Browser Memory Corruption Vulnerability
- CVE-2020-17054Nov 11, 2020risk 0.00cvss —epss 0.02
Chakra Scripting Engine Memory Corruption Vulnerability
- CVE-2020-17048Nov 11, 2020risk 0.00cvss —epss 0.02
Chakra Scripting Engine Memory Corruption Vulnerability
- CVE-2020-1180Sep 11, 2020risk 0.00cvss —epss 0.02
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who…
- CVE-2020-1172Sep 11, 2020risk 0.00cvss —epss 0.02
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who…
- CVE-2020-1057Sep 11, 2020risk 0.00cvss —epss 0.02
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who…
- CVE-2020-1569Aug 17, 2020risk 0.00cvss —epss 0.03
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully…
- CVE-2020-1568Aug 17, 2020risk 0.00cvss —epss 0.03
A remote code execution vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who…
- CVE-2020-1242Jun 9, 2020risk 0.00cvss —epss 0.04
An information disclosure vulnerability exists in the way that Microsoft Edge handles cross-origin requests, aka 'Microsoft Edge Information Disclosure Vulnerability'.
- CVE-2020-1220Jun 9, 2020risk 0.00cvss —epss 0.02
A spoofing vulnerability exists when theMicrosoft Edge (Chromium-based) in IE Mode improperly handles specific redirects, aka 'Microsoft Edge (Chromium-based) in IE Mode Spoofing Vulnerability'.
- CVE-2020-1059May 21, 2020risk 0.00cvss —epss 0.02
A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content, aka 'Microsoft Edge Spoofing Vulnerability'.
- CVE-2020-0663Feb 11, 2020risk 0.00cvss —epss 0.02
An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, an attacker could host a…
- CVE-2019-1428Nov 12, 2019risk 0.00cvss —epss 0.09
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1426, CVE-2019-1427, CVE-2019-1429.
- CVE-2019-1427Nov 12, 2019risk 0.00cvss —epss 0.09
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1426, CVE-2019-1428, CVE-2019-1429.
- CVE-2019-1413Nov 12, 2019risk 0.00cvss —epss 0.01
A security feature bypass vulnerability exists when Microsoft Edge improperly handles extension requests and fails to request host permission for all_urls, aka 'Microsoft Edge Security Feature Bypass Vulnerability'.
- CVE-2019-1196Aug 14, 2019risk 0.00cvss —epss 0.02
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current…
- CVE-2019-1197Aug 14, 2019risk 0.00cvss —epss 0.02
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current…
- CVE-2019-1195Aug 14, 2019risk 0.00cvss —epss 0.02
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current…
Page 34 of 37