VYPR

Edge

by Microsoft

Source repositories

CVEs (738)

  • CVE-2017-8503HigAug 8, 2017
    risk 0.57cvss 8.8epss 0.01

    Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to escape from the AppContainer sandbox, aka "Microsoft Edge Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-8642.

  • CVE-2017-8601HigJul 11, 2017
    risk 0.57cvss 7.5epss 0.67

    Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsoft Edge, aka "Scripting…

  • CVE-2017-8548HigJun 15, 2017
    risk 0.57cvss 7.5epss 0.68

    Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system when Microsoft Edge improperly handles objects in memory, aka "Scripting Engine Memory Corruption…

  • CVE-2016-7288HigDec 20, 2016
    risk 0.57cvss 7.5epss 0.70

    The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7286, CVE-2016-7296,…

  • CVE-2016-7287HigDec 20, 2016
    risk 0.57cvss 7.5epss 0.69

    The scripting engines in Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."

  • CVE-2016-7286HigDec 20, 2016
    risk 0.57cvss 7.5epss 0.69

    The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7288, CVE-2016-7296,…

  • CVE-2016-7241HigNov 10, 2016
    risk 0.57cvss 7.5epss 0.71

    Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."

  • CVE-2016-3247HigSep 14, 2016
    risk 0.57cvss 7.5epss 0.71

    Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."

  • CVE-2018-0840HigFeb 15, 2018
    risk 0.56cvss 7.5epss 0.54

    Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to…

  • CVE-2017-8751HigSep 13, 2017
    risk 0.56cvss 7.5epss 0.50

    Microsoft Edge in Microsoft Windows 1703 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Microsoft Edge accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability". This CVE ID is unique from…

  • CVE-2017-8734HigSep 13, 2017
    risk 0.56cvss 7.5epss 0.53

    Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Microsoft Edge accesses objects in memory, aka "Microsoft Edge Memory Corruption…

  • CVE-2017-8731HigSep 13, 2017
    risk 0.56cvss 7.5epss 0.52

    Microsoft Edge in Microsoft Windows 10 1607 and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Microsoft Edge accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability". This CVE ID…

  • CVE-2017-8657HigAug 8, 2017
    risk 0.56cvss 7.5epss 0.55

    Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka…

  • CVE-2017-8635HigAug 8, 2017
    risk 0.56cvss 7.5epss 0.56

    Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user due to…

  • CVE-2017-8496HigJun 15, 2017
    risk 0.56cvss 7.5epss 0.51

    Microsoft Edge in Windows 10 1607 and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability". This CVE ID is unique from…

  • CVE-2016-7194HigOct 14, 2016
    risk 0.56cvss 7.5epss 0.58

    The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3386,…

  • CVE-2025-9317HigNov 15, 2025
    risk 0.55cvss 8.4epss 0.00

    The vulnerability, if exploited, could allow a miscreant with read access to Edge Project files or Edge Offline Cache files to reverse engineer Edge users' app-native or Active Directory passwords through computational brute-forcing of weak hashes.

  • CVE-2018-8357HigAug 15, 2018
    risk 0.55cvss 8.3epss 0.08

    An elevation of privilege vulnerability exists in Microsoft browsers allowing sandbox escape, aka "Microsoft Browser Elevation of Privilege Vulnerability." This affects Internet Explorer 11, Microsoft Edge.

  • CVE-2016-4108HigMay 11, 2016
    risk 0.55cvss 7.5epss 0.38

    Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.

  • CVE-2016-1106HigMay 11, 2016
    risk 0.55cvss 7.5epss 0.37

    Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.

Page 4 of 37