CVE | Published | Severity | Details | Exploitability | Impact | Vector |
CVE‑2024‑7965 | 2024‑08‑21 21:15:09 | HIGH (9) | Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | 3 | 6 | NETWORK |
CVE‑2024‑49023 | 2024‑10‑18 01:15:41 | MEDIUM (5) | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | 2 | 4 | NETWORK |
CVE‑2024‑43596 | 2024‑10‑17 23:15:17 | HIGH (9) | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | 3 | 6 | NETWORK |
CVE‑2024‑43595 | 2024‑10‑17 23:15:16 | HIGH (9) | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | 3 | 6 | NETWORK |
CVE‑2024‑43587 | 2024‑10‑17 23:15:16 | HIGH (8) | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | 2 | 6 | NETWORK |
CVE‑2024‑43580 | 2024‑10‑17 23:15:16 | MEDIUM (5) | Microsoft Edge (Chromium-based) Spoofing Vulnerability | 3 | 3 | NETWORK |
CVE‑2024‑43579 | 2024‑10‑17 23:15:16 | HIGH (8) | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | 3 | 6 | NETWORK |
CVE‑2024‑43578 | 2024‑10‑17 23:15:15 | HIGH (8) | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | 3 | 6 | NETWORK |
CVE‑2024‑43566 | 2024‑10‑17 23:15:15 | CRITICAL (10) | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | 4 | 6 | NETWORK |
CVE‑2024‑43496 | 2024‑09‑19 21:15:16 | HIGH (9) | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | 3 | 6 | NETWORK |
CVE‑2024‑43489 | 2024‑09‑19 21:15:16 | HIGH (9) | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | 3 | 6 | NETWORK |
CVE‑2024‑43472 | 2024‑08‑16 20:15:14 | HIGH (8) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 2 | 6 | NETWORK |
CVE‑2024‑38222 | 2024‑09‑12 03:15:03 | MEDIUM (7) | Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | 3 | 4 | NETWORK |
CVE‑2024‑38221 | 2024‑09‑19 21:15:14 | MEDIUM (4) | Microsoft Edge (Chromium-based) Spoofing Vulnerability | 3 | 1 | NETWORK |
CVE‑2024‑38219 | 2024‑08‑12 13:38:24 | CRITICAL (9) | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | 2 | 6 | NETWORK |
CVE‑2024‑38210 | 2024‑08‑22 23:15:08 | HIGH (8) | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | 2 | 6 | LOCAL |
CVE‑2024‑38209 | 2024‑08‑22 23:15:08 | HIGH (8) | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | 2 | 6 | LOCAL |
CVE‑2024‑38208 | 2024‑08‑22 23:15:08 | MEDIUM (6) | Microsoft Edge for Android Spoofing Vulnerability | 3 | 3 | NETWORK |
CVE‑2024‑38207 | 2024‑08‑23 23:15:08 | MEDIUM (6) | Microsoft Edge (HTML-based) Memory Corruption Vulnerability | 3 | 3 | NETWORK |
CVE‑2024‑38103 | 2024‑07‑25 22:15:08 | MEDIUM (6) | Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | 2 | 4 | NETWORK |
CVE‑2024‑38093 | 2024‑06‑20 20:15:19 | MEDIUM (4) | Microsoft Edge (Chromium-based) Spoofing Vulnerability | 3 | 1 | NETWORK |
CVE‑2024‑38083 | 2024‑06‑13 20:15:15 | MEDIUM (4) | Microsoft Edge (Chromium-based) Spoofing Vulnerability | 3 | 1 | NETWORK |
CVE‑2024‑38082 | 2024‑06‑20 20:15:18 | MEDIUM (5) | Microsoft Edge (Chromium-based) Spoofing Vulnerability | 3 | 1 | NETWORK |
CVE‑2024‑30057 | 2024‑06‑13 20:15:12 | MEDIUM (5) | Microsoft Edge for iOS Spoofing Vulnerability | 3 | 3 | NETWORK |
CVE‑2024‑29057 | 2024‑03‑22 22:15:50 | MEDIUM (4) | Microsoft Edge (Chromium-based) Spoofing Vulnerability | 3 | 1 | NETWORK |
CVE‑2024‑26247 | 2024‑03‑22 22:15:50 | MEDIUM (5) | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | 3 | 1 | NETWORK |
CVE‑2024‑26246 | 2024‑03‑14 23:15:46 | LOW (4) | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | 0 | 4 | PHYSICAL |
CVE‑2024‑26196 | 2024‑03‑21 02:52:17 | MEDIUM (4) | Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability | 3 | 1 | NETWORK |
CVE‑2024‑26163 | 2024‑03‑14 23:15:46 | MEDIUM (5) | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | 3 | 1 | NETWORK |
CVE‑2024‑21399 | 2024‑02‑02 01:15:09 | HIGH (8) | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | 2 | 6 | NETWORK |
CVE‑2024‑21388 | 2024‑01‑30 18:15:48 | MEDIUM (7) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 2 | 4 | NETWORK |
CVE‑2024‑21387 | 2024‑01‑26 01:15:11 | MEDIUM (5) | Microsoft Edge for Android Spoofing Vulnerability | 4 | 1 | NETWORK |
CVE‑2024‑21385 | 2024‑01‑26 01:15:11 | HIGH (8) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 2 | 6 | NETWORK |
CVE‑2024‑21383 | 2024‑01‑26 01:15:10 | LOW (3) | Microsoft Edge (Chromium-based) Spoofing Vulnerability | 2 | 1 | LOCAL |
CVE‑2024‑21382 | 2024‑01‑26 01:15:10 | MEDIUM (4) | Microsoft Edge for Android Information Disclosure Vulnerability | 3 | 1 | NETWORK |
CVE‑2024‑21337 | 2024‑01‑11 22:15:47 | MEDIUM (5) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 1 | 4 | LOCAL |
CVE‑2024‑21336 | 2024‑01‑26 18:15:12 | LOW (3) | Microsoft Edge (Chromium-based) Spoofing Vulnerability | 1 | 1 | LOCAL |
CVE‑2024‑21326 | 2024‑01‑26 01:15:10 | CRITICAL (10) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 3 | 6 | NETWORK |
CVE‑2024‑20675 | 2024‑01‑11 21:15:13 | MEDIUM (6) | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | 3 | 3 | NETWORK |
CVE‑2023‑6702 | 2023‑12‑14 22:15:44 | HIGH (9) | Type confusion in V8 in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | 3 | 6 | NETWORK |
CVE‑2023‑6345 | 2023‑11‑29 12:15:07 | CRITICAL (10) | Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High) | 3 | 6 | NETWORK |
CVE‑2023‑5217 | 2023‑09‑28 16:15:11 | HIGH (9) | Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | 3 | 6 | NETWORK |
CVE‑2023‑4863 | 2023‑09‑12 15:15:24 | HIGH (9) | Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical) | 3 | 6 | NETWORK |
CVE‑2023‑4762 | 2023‑09‑05 22:15:10 | HIGH (9) | Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) | 3 | 6 | NETWORK |
CVE‑2023‑44323 | 2023‑10‑30 15:15:41 | MEDIUM (6) | Adobe Acrobat for Edge version 118.0.2088.46 (and earlier) is affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2 | 4 | LOCAL |
CVE‑2023‑38187 | 2023‑07‑21 18:15:10 | MEDIUM (7) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 2 | 4 | NETWORK |
CVE‑2023‑38174 | 2023‑12‑07 21:15:08 | MEDIUM (4) | Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | 3 | 1 | NETWORK |
CVE‑2023‑38173 | 2023‑07‑21 18:15:10 | MEDIUM (4) | Microsoft Edge for Android Spoofing Vulnerability | 3 | 1 | NETWORK |
CVE‑2023‑38158 | 2023‑08‑21 20:15:09 | LOW (3) | Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | 2 | 1 | NETWORK |
CVE‑2023‑38157 | 2023‑08‑07 18:15:10 | MEDIUM (7) | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | 3 | 4 | NETWORK |
CVE‑2023‑36888 | 2023‑07‑14 18:15:11 | MEDIUM (6) | Microsoft Edge for Android (Chromium-based) Tampering Vulnerability | 3 | 3 | NETWORK |
CVE‑2023‑36887 | 2023‑07‑14 18:15:11 | HIGH (8) | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | 2 | 6 | LOCAL |
CVE‑2023‑36883 | 2023‑07‑14 18:15:11 | MEDIUM (4) | Microsoft Edge for iOS Spoofing Vulnerability | 3 | 1 | NETWORK |
CVE‑2023‑36880 | 2023‑12‑07 21:15:08 | MEDIUM (5) | Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | 2 | 3 | NETWORK |
CVE‑2023‑36878 | 2023‑12‑15 01:15:08 | MEDIUM (4) | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | 3 | 1 | NETWORK |
CVE‑2023‑36787 | 2023‑08‑21 20:15:09 | HIGH (9) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 3 | 6 | NETWORK |
CVE‑2023‑36741 | 2023‑08‑26 01:15:08 | HIGH (8) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 2 | 6 | NETWORK |
CVE‑2023‑36735 | 2023‑09‑15 22:15:14 | CRITICAL (10) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 3 | 6 | NETWORK |
CVE‑2023‑36727 | 2023‑09‑15 22:15:14 | MEDIUM (6) | Microsoft Edge (Chromium-based) Spoofing Vulnerability | 3 | 3 | NETWORK |
CVE‑2023‑36562 | 2023‑09‑15 22:15:13 | HIGH (7) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 3 | 4 | NETWORK |
CVE‑2023‑36559 | 2023‑10‑13 21:15:52 | MEDIUM (4) | Microsoft Edge (Chromium-based) Spoofing Vulnerability | 2 | 3 | NETWORK |
CVE‑2023‑36409 | 2023‑11‑07 00:15:08 | MEDIUM (7) | Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | 4 | 3 | NETWORK |
CVE‑2023‑36034 | 2023‑11‑03 01:15:08 | HIGH (7) | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | 2 | 6 | LOCAL |
CVE‑2023‑36029 | 2023‑11‑03 01:15:08 | MEDIUM (4) | Microsoft Edge (Chromium-based) Spoofing Vulnerability | 3 | 1 | NETWORK |
CVE‑2023‑36027 | 2023‑11‑10 20:15:07 | MEDIUM (6) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 3 | 3 | NETWORK |
CVE‑2023‑36026 | 2023‑11‑16 20:15:28 | MEDIUM (4) | Microsoft Edge (Chromium-based) Spoofing Vulnerability | 3 | 1 | NETWORK |
CVE‑2023‑36024 | 2023‑11‑10 00:15:09 | HIGH (7) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 3 | 4 | NETWORK |
CVE‑2023‑36022 | 2023‑11‑03 01:15:08 | MEDIUM (7) | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | 2 | 5 | LOCAL |
CVE‑2023‑36014 | 2023‑11‑10 00:15:09 | HIGH (7) | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | 2 | 6 | LOCAL |
CVE‑2023‑36008 | 2023‑11‑16 20:15:28 | MEDIUM (7) | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | 2 | 5 | LOCAL |
CVE‑2023‑35618 | 2023‑12‑07 21:15:07 | CRITICAL (10) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 3 | 6 | NETWORK |
CVE‑2023‑35392 | 2023‑07‑21 18:15:10 | MEDIUM (5) | Microsoft Edge (Chromium-based) Spoofing Vulnerability | 3 | 1 | NETWORK |
CVE‑2023‑33145 | 2023‑06‑14 00:15:13 | MEDIUM (7) | Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | 3 | 4 | NETWORK |
CVE‑2023‑33143 | 2023‑06‑03 01:15:37 | HIGH (8) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 2 | 5 | NETWORK |
CVE‑2023‑29354 | 2023‑05‑05 23:15:09 | MEDIUM (5) | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | 3 | 1 | NETWORK |
CVE‑2023‑29350 | 2023‑05‑05 23:15:09 | HIGH (8) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 2 | 6 | NETWORK |
CVE‑2023‑29345 | 2023‑06‑07 18:15:10 | MEDIUM (6) | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | 3 | 3 | NETWORK |
CVE‑2023‑29334 | 2023‑04‑28 18:15:26 | MEDIUM (4) | Microsoft Edge (Chromium-based) Spoofing Vulnerability | 3 | 1 | NETWORK |
CVE‑2023‑28301 | 2023‑04‑11 21:15:28 | LOW (4) | Microsoft Edge (Chromium-based) Tampering Vulnerability | 2 | 1 | NETWORK |
CVE‑2023‑28286 | 2023‑04‑27 19:15:20 | MEDIUM (6) | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | 3 | 3 | NETWORK |
CVE‑2023‑28284 | 2023‑04‑11 21:15:27 | MEDIUM (4) | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | 3 | 1 | NETWORK |
CVE‑2023‑28261 | 2023‑04‑27 19:15:20 | MEDIUM (6) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 1 | 4 | LOCAL |
CVE‑2023‑24935 | 2023‑04‑11 21:15:21 | MEDIUM (6) | Microsoft Edge (Chromium-based) Spoofing Vulnerability | 3 | 3 | NETWORK |
CVE‑2023‑24892 | 2023‑03‑14 17:15:18 | HIGH (8) | Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability | 3 | 5 | NETWORK |
CVE‑2023‑23374 | 2023‑02‑14 20:15:17 | HIGH (8) | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | 2 | 6 | NETWORK |
CVE‑2023‑21796 | 2023‑01‑24 00:15:11 | HIGH (8) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 2 | 6 | NETWORK |
CVE‑2023‑21795 | 2023‑01‑24 00:15:11 | HIGH (8) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 2 | 6 | NETWORK |
CVE‑2023‑21794 | 2023‑02‑14 20:15:15 | MEDIUM (4) | Microsoft Edge (Chromium-based) Spoofing Vulnerability | 3 | 1 | NETWORK |
CVE‑2023‑21775 | 2023‑01‑24 00:15:11 | HIGH (8) | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | 2 | 6 | NETWORK |
CVE‑2023‑21720 | 2023‑02‑14 20:15:15 | MEDIUM (5) | Microsoft Edge (Chromium-based) Tampering Vulnerability | 2 | 4 | NETWORK |
CVE‑2023‑21719 | 2023‑01‑24 00:15:10 | MEDIUM (7) | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | 3 | 4 | NETWORK |
CVE‑2022‑44708 | 2022‑12‑13 19:15:15 | HIGH (8) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 2 | 6 | NETWORK |
CVE‑2022‑44688 | 2022‑12‑13 19:15:14 | MEDIUM (4) | Microsoft Edge (Chromium-based) Spoofing Vulnerability | 3 | 1 | NETWORK |
CVE‑2022‑4135 | 2022‑11‑25 01:15:10 | CRITICAL (10) | Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | 3 | 6 | NETWORK |
CVE‑2022‑41115 | 2022‑12‑13 19:15:12 | MEDIUM (7) | Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability | 1 | 6 | NETWORK |
CVE‑2022‑41035 | 2022‑10‑11 19:15:21 | MEDIUM (5) | Microsoft Edge (Chromium-based) Spoofing Vulnerability | 2 | 4 | NETWORK |
CVE‑2022‑38012 | 2022‑09‑13 19:15:13 | HIGH (8) | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | 1 | 6 | LOCAL |
CVE‑2022‑35796 | 2022‑08‑09 20:15:14 | HIGH (8) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 2 | 6 | NETWORK |
CVE‑2022‑33680 | 2022‑07‑07 20:15:08 | HIGH (8) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 2 | 6 | NETWORK |
CVE‑2022‑33649 | 2022‑08‑09 20:15:10 | CRITICAL (10) | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | 3 | 6 | NETWORK |
CVE‑2022‑33639 | 2022‑06‑29 17:15:08 | HIGH (8) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 2 | 6 | NETWORK |
CVE‑2022‑33638 | 2022‑06‑29 17:15:08 | HIGH (8) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 2 | 6 | NETWORK |
CVE‑2022‑33636 | 2022‑08‑09 20:15:10 | HIGH (8) | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | 2 | 6 | NETWORK |
CVE‑2022‑30192 | 2022‑06‑29 17:15:08 | HIGH (8) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 2 | 6 | NETWORK |
CVE‑2022‑30128 | 2022‑06‑01 20:15:08 | HIGH (8) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 2 | 6 | NETWORK |
CVE‑2022‑30127 | 2022‑06‑01 20:15:08 | HIGH (8) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 2 | 6 | NETWORK |
CVE‑2022‑29147 | 2023‑06‑29 01:15:50 | LOW (3) | Microsoft Edge (Chromium-based) Spoofing Vulnerability | 2 | 1 | NETWORK |
CVE‑2022‑29146 | 2023‑06‑29 01:15:50 | HIGH (8) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 2 | 6 | NETWORK |
CVE‑2022‑29144 | 2023‑06‑29 01:15:50 | HIGH (8) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 2 | 6 | NETWORK |
CVE‑2022‑26912 | 2022‑04‑05 20:15:09 | HIGH (8) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 2 | 6 | NETWORK |
CVE‑2022‑26909 | 2022‑04‑05 20:15:09 | HIGH (8) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 2 | 6 | NETWORK |
CVE‑2022‑26908 | 2022‑04‑05 20:15:09 | HIGH (8) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 2 | 6 | NETWORK |
CVE‑2022‑26905 | 2022‑06‑01 20:15:08 | MEDIUM (4) | Microsoft Edge (Chromium-based) Spoofing Vulnerability | 3 | 1 | NETWORK |
CVE‑2022‑26900 | 2022‑04‑05 20:15:09 | HIGH (8) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 2 | 6 | NETWORK |
CVE‑2022‑26899 | 2023‑06‑29 02:15:16 | HIGH (9) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 3 | 6 | NETWORK |
CVE‑2022‑26895 | 2022‑04‑05 20:15:09 | HIGH (8) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 2 | 6 | NETWORK |
CVE‑2022‑26894 | 2022‑04‑05 20:15:09 | HIGH (8) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 2 | 6 | NETWORK |
CVE‑2022‑26891 | 2022‑04‑05 20:15:09 | HIGH (8) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 2 | 6 | NETWORK |
CVE‑2022‑24523 | 2022‑04‑05 20:15:09 | MEDIUM (4) | Microsoft Edge (Chromium-based) Spoofing Vulnerability | 3 | 1 | NETWORK |
CVE‑2022‑24475 | 2022‑04‑05 20:15:09 | HIGH (8) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 2 | 6 | NETWORK |
CVE‑2022‑23264 | 2023‑06‑29 05:15:13 | MEDIUM (5) | Microsoft Edge (Chromium-based) Spoofing Vulnerability | 3 | 1 | NETWORK |
CVE‑2022‑23263 | 2022‑02‑07 17:15:13 | HIGH (8) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 1 | 6 | LOCAL |
CVE‑2022‑23262 | 2022‑02‑07 17:15:13 | MEDIUM (6) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 3 | 3 | NETWORK |
CVE‑2022‑23261 | 2022‑02‑07 17:15:13 | MEDIUM (5) | Microsoft Edge (Chromium-based) Tampering Vulnerability | 4 | 1 | NETWORK |
CVE‑2022‑23258 | 2022‑01‑25 22:15:08 | MEDIUM (4) | Microsoft Edge for Android Spoofing Vulnerability | 3 | 1 | NETWORK |
CVE‑2022‑22021 | 2022‑06‑15 22:15:13 | HIGH (8) | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | 2 | 6 | NETWORK |
CVE‑2022‑21970 | 2022‑01‑11 21:15:15 | MEDIUM (6) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 1 | 5 | LOCAL |
CVE‑2022‑21954 | 2022‑01‑11 21:15:14 | MEDIUM (6) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 3 | 3 | NETWORK |
CVE‑2022‑21931 | 2022‑01‑11 21:15:14 | MEDIUM (4) | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | 2 | 3 | NETWORK |
CVE‑2022‑21930 | 2022‑01‑11 21:15:14 | MEDIUM (4) | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | 2 | 3 | NETWORK |
CVE‑2022‑21929 | 2022‑01‑11 21:15:14 | LOW (3) | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | 1 | 1 | LOCAL |
CVE‑2021‑43221 | 2021‑11‑24 01:15:09 | MEDIUM (4) | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | 2 | 3 | NETWORK |
CVE‑2021‑42308 | 2021‑11‑24 01:15:08 | LOW (3) | Microsoft Edge (Chromium-based) Spoofing Vulnerability | 2 | 1 | NETWORK |
CVE‑2021‑42307 | 2023‑07‑01 00:15:10 | MEDIUM (4) | Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | 3 | 1 | NETWORK |
CVE‑2021‑41351 | 2021‑11‑10 01:19:29 | MEDIUM (4) | Microsoft Edge (Chrome based) Spoofing on IE Mode | 3 | 1 | NETWORK |
CVE‑2021‑38669 | 2021‑09‑15 12:15:16 | MEDIUM (6) | Microsoft Edge (Chromium-based) Tampering Vulnerability | 3 | 3 | NETWORK |
CVE‑2021‑38642 | 2021‑09‑02 23:15:07 | MEDIUM (6) | Microsoft Edge for iOS Spoofing Vulnerability | 3 | 3 | NETWORK |
CVE‑2021‑38641 | 2021‑09‑02 23:15:07 | MEDIUM (6) | Microsoft Edge for Android Spoofing Vulnerability | 3 | 3 | NETWORK |
CVE‑2021‑36931 | 2021‑08‑26 18:15:09 | MEDIUM (4) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 2 | 3 | LOCAL |
CVE‑2021‑36930 | 2021‑09‑02 23:15:07 | MEDIUM (5) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 2 | 3 | LOCAL |
CVE‑2021‑36929 | 2021‑08‑26 18:15:09 | MEDIUM (6) | Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | 2 | 4 | LOCAL |
CVE‑2021‑36928 | 2021‑08‑26 18:15:09 | MEDIUM (6) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 1 | 5 | LOCAL |
CVE‑2021‑34506 | 2023‑07‑01 00:15:10 | MEDIUM (6) | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | 3 | 3 | NETWORK |
CVE‑2021‑34475 | 2023‑07‑01 00:15:10 | MEDIUM (5) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 3 | 3 | NETWORK |
CVE‑2021‑33741 | 2021‑06‑08 23:15:10 | HIGH (8) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 3 | 5 | NETWORK |
CVE‑2021‑31982 | 2023‑07‑01 00:15:10 | HIGH (9) | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | 3 | 6 | NETWORK |
CVE‑2021‑31937 | 2023‑06‑28 18:15:12 | HIGH (8) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 3 | 5 | NETWORK |
CVE‑2021‑26439 | 2021‑09‑02 23:15:07 | MEDIUM (5) | Microsoft Edge for Android Information Disclosure Vulnerability | 1 | 4 | PHYSICAL |
CVE‑2021‑26436 | 2021‑09‑02 23:15:07 | MEDIUM (6) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 3 | 3 | NETWORK |
CVE‑2021‑24113 | 2021‑02‑25 23:15:17 | MEDIUM (5) | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | 3 | 3 | NETWORK |
CVE‑2021‑24100 | 2021‑02‑25 23:15:16 | MEDIUM (5) | Microsoft Edge for Android Information Disclosure Vulnerability | 1 | 4 | LOCAL |
CVE‑2021‑21157 | 2021‑02‑22 22:15:13 | HIGH (9) | Use after free in Web Sockets in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 3 | 6 | NETWORK |
CVE‑2021‑21141 | 2021‑02‑09 14:15:17 | MEDIUM (7) | Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass file extension policy via a crafted HTML page. | 3 | 4 | NETWORK |
CVE‑2021‑21140 | 2021‑02‑09 14:15:17 | MEDIUM (7) | Uninitialized use in USB in Google Chrome prior to 88.0.4324.96 allowed a local attacker to potentially perform out of bounds memory access via via a USB device. | 1 | 6 | PHYSICAL |
CVE‑2021‑21139 | 2021‑02‑09 14:15:17 | MEDIUM (7) | Inappropriate implementation in iframe sandbox in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | 3 | 4 | NETWORK |
CVE‑2021‑21137 | 2021‑02‑09 14:15:17 | MEDIUM (7) | Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page. | 3 | 4 | NETWORK |
CVE‑2021‑21136 | 2021‑02‑09 14:15:17 | MEDIUM (7) | Insufficient policy enforcement in WebView in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 3 | 4 | NETWORK |
CVE‑2021‑21135 | 2021‑02‑09 14:15:17 | MEDIUM (7) | Inappropriate implementation in Performance API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 3 | 4 | NETWORK |
CVE‑2021‑21134 | 2021‑02‑09 14:15:17 | MEDIUM (7) | Incorrect security UI in Page Info in Google Chrome on iOS prior to 88.0.4324.96 allowed a remote attacker to spoof security UI via a crafted HTML page. | 3 | 4 | NETWORK |
CVE‑2021‑21133 | 2021‑02‑09 14:15:16 | MEDIUM (7) | Insufficient policy enforcement in Downloads in Google Chrome prior to 88.0.4324.96 allowed an attacker who convinced a user to download files to bypass navigation restrictions via a crafted HTML page. | 3 | 4 | NETWORK |
CVE‑2021‑21132 | 2021‑02‑09 14:15:16 | CRITICAL (10) | Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted Chrome Extension. | 3 | 6 | NETWORK |
CVE‑2021‑21131 | 2021‑02‑09 14:15:16 | MEDIUM (7) | Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. | 3 | 4 | NETWORK |
CVE‑2021‑21130 | 2021‑02‑09 14:15:16 | MEDIUM (7) | Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. | 3 | 4 | NETWORK |
CVE‑2021‑21129 | 2021‑02‑09 14:15:16 | MEDIUM (7) | Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. | 3 | 4 | NETWORK |
CVE‑2021‑21128 | 2021‑02‑09 14:15:16 | HIGH (9) | Heap buffer overflow in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 3 | 6 | NETWORK |
CVE‑2021‑21127 | 2021‑02‑09 14:15:16 | HIGH (9) | Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass content security policy via a crafted Chrome Extension. | 3 | 6 | NETWORK |
CVE‑2021‑21126 | 2021‑02‑09 14:15:16 | MEDIUM (7) | Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass site isolation via a crafted Chrome Extension. | 3 | 4 | NETWORK |
CVE‑2021‑21125 | 2021‑02‑09 14:15:16 | HIGH (8) | Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. | 3 | 5 | NETWORK |
CVE‑2021‑21124 | 2021‑02‑09 14:15:16 | CRITICAL (10) | Potential user after free in Speech Recognizer in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | 3 | 6 | NETWORK |
CVE‑2021‑21123 | 2021‑02‑09 14:15:16 | MEDIUM (7) | Insufficient data validation in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. | 3 | 4 | NETWORK |
CVE‑2021‑21122 | 2021‑02‑09 14:15:16 | HIGH (9) | Use after free in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 3 | 6 | NETWORK |
CVE‑2021‑21121 | 2021‑02‑09 14:15:16 | CRITICAL (10) | Use after free in Omnibox in Google Chrome on Linux prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | 3 | 6 | NETWORK |
CVE‑2021‑21120 | 2021‑02‑09 14:15:16 | HIGH (9) | Use after free in WebSQL in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 3 | 6 | NETWORK |
CVE‑2021‑21119 | 2021‑02‑09 14:15:16 | HIGH (9) | Use after free in Media in Google Chrome prior to 88.0.4324.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | 3 | 6 | NETWORK |
CVE‑2021‑21118 | 2021‑02‑09 14:15:16 | HIGH (9) | Insufficient data validation in V8 in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | 3 | 6 | NETWORK |
CVE‑2021‑1705 | 2021‑01‑12 20:15:34 | MEDIUM (4) | Microsoft Edge (HTML-based) Memory Corruption Vulnerability | 2 | 3 | NETWORK |
CVE‑2020‑17153 | 2020‑12‑10 00:15:16 | MEDIUM (4) | Microsoft Edge for Android Spoofing Vulnerability | 3 | 1 | NETWORK |
CVE‑2020‑17058 | 2020‑11‑11 07:15:17 | HIGH (8) | Microsoft Browser Memory Corruption Vulnerability | 2 | 6 | NETWORK |
CVE‑2020‑16009 | 2020‑11‑03 03:15:16 | HIGH (9) | Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 3 | 6 | NETWORK |
CVE‑2020‑1569 | 2020‑08‑17 19:15:21 | HIGH (8) | A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. An attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge, and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements by adding specially crafted content that could exploit the vulnerability. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by way of enticement in an email or Instant Messenger message, or by getting them to open an attachment sent through email. The security update addresses the vulnerability by modifying how Microsoft Edge handles objects in memory. | 2 | 6 | LOCAL |
CVE‑2020‑1568 | 2020‑08‑17 19:15:21 | HIGH (8) | A remote code execution vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit the vulnerability, in a web-based attack scenario, an attacker could host a website that contains malicious PDF content. In addition, compromised websites and websites that accept or host user-provided content could contain specially crafted PDF content that could exploit the vulnerability. However, in all cases an attacker would have no way to force a user to view the attacker-controlled content. Instead, an attacker would have to convince a user to take action. For example, an attacker could trick a user into clicking a link that takes the user to the attacker's site. The security update addresses the vulnerability by modifying how Microsoft Edge PDF Reader handles objects in memory. | 2 | 6 | NETWORK |
CVE‑2020‑1555 | 2020‑08‑17 19:15:20 | HIGH (9) | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory. | 3 | 6 | NETWORK |
CVE‑2020‑1462 | 2020‑07‑14 23:15:21 | MEDIUM (4) | An information disclosure vulnerability exists when Skype for Business is accessed via Microsoft Edge (EdgeHTML-based), aka 'Skype for Business via Microsoft Edge (EdgeHTML-based) Information Disclosure Vulnerability'. | 3 | 1 | NETWORK |
CVE‑2020‑1433 | 2020‑07‑14 23:15:19 | MEDIUM (7) | An information disclosure vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory, aka 'Microsoft Edge PDF Information Disclosure Vulnerability'. | 3 | 4 | NETWORK |
CVE‑2020‑1242 | 2020‑06‑09 20:15:16 | MEDIUM (5) | An information disclosure vulnerability exists in the way that Microsoft Edge handles cross-origin requests, aka 'Microsoft Edge Information Disclosure Vulnerability'. | 2 | 4 | NETWORK |
CVE‑2020‑1219 | 2020‑06‑09 20:15:15 | HIGH (8) | A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'. | 2 | 6 | NETWORK |
CVE‑2020‑1195 | 2020‑05‑21 23:15:19 | MEDIUM (6) | An elevation of privilege vulnerability exists in Microsoft Edge (Chromium-based) when the Feedback extension improperly validates input, aka 'Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability'. | 2 | 4 | NETWORK |
CVE‑2020‑1096 | 2020‑05‑21 23:15:14 | HIGH (8) | A remote code execution vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory, aka 'Microsoft Edge PDF Remote Code Execution Vulnerability'. | 2 | 6 | NETWORK |
CVE‑2020‑1059 | 2020‑05‑21 23:15:12 | MEDIUM (4) | A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content, aka 'Microsoft Edge Spoofing Vulnerability'. | 3 | 1 | NETWORK |
CVE‑2020‑1056 | 2020‑05‑21 23:15:12 | HIGH (8) | An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, an attacker could host a website that is used to attempt to exploit the vulnerability, aka 'Microsoft Edge Elevation of Privilege Vulnerability'. | 3 | 5 | NETWORK |
CVE‑2020‑1037 | 2020‑05‑21 23:15:12 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. | 2 | 6 | NETWORK |
CVE‑2020‑0969 | 2020‑04‑15 15:15:18 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. | 2 | 6 | NETWORK |
CVE‑2020‑0878 | 2020‑09‑11 17:15:14 | MEDIUM (4) | <p>A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, the attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p> <p>An attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft browsers, and then convince a user to view the website. The attacker could also take advantage of compromised websites, or websites that accept or host user-provided content or advertisements, by adding specially crafted content that could exploit the vulnerability. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically via an enticement in email or instant message, or by getting them to open an email attachment.</p> <p>The security update addresses the vulnerability by modifying how Microsoft browsers handle objects in memory.</p> | 2 | 3 | NETWORK |
CVE‑2020‑0830 | 2020‑03‑12 16:15:18 | HIGH (8) | A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848. | 2 | 6 | NETWORK |
CVE‑2020‑0816 | 2020‑03‑12 16:15:17 | HIGH (9) | A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerability'. | 3 | 6 | NETWORK |
CVE‑2020‑0812 | 2020‑03‑12 16:15:17 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based)L, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0811. | 2 | 6 | NETWORK |
CVE‑2020‑0811 | 2020‑03‑12 16:15:17 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based)L, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0812. | 2 | 6 | NETWORK |
CVE‑2020‑0768 | 2020‑03‑12 16:15:14 | HIGH (8) | A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848. | 2 | 6 | NETWORK |
CVE‑2020‑0706 | 2020‑02‑11 22:15:17 | MEDIUM (4) | An information disclosure vulnerability exists in the way that affected Microsoft browsers handle cross-origin requests, aka 'Microsoft Browser Information Disclosure Vulnerability'. | 3 | 1 | NETWORK |
CVE‑2020‑0663 | 2020‑02‑11 22:15:14 | MEDIUM (4) | An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, an attacker could host a website that is used to attempt to exploit the vulnerability, aka 'Microsoft Edge Elevation of Privilege Vulnerability'. | 2 | 3 | NETWORK |
CVE‑2019‑1428 | 2019‑11‑12 19:15:15 | HIGH (8) | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1426, CVE-2019-1427, CVE-2019-1429. | 2 | 6 | NETWORK |
CVE‑2019‑1427 | 2019‑11‑12 19:15:15 | HIGH (8) | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1426, CVE-2019-1428, CVE-2019-1429. | 2 | 6 | NETWORK |
CVE‑2019‑1426 | 2019‑11‑12 19:15:15 | HIGH (8) | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1427, CVE-2019-1428, CVE-2019-1429. | 2 | 6 | NETWORK |
CVE‑2019‑1413 | 2019‑11‑12 19:15:14 | MEDIUM (4) | A security feature bypass vulnerability exists when Microsoft Edge improperly handles extension requests and fails to request host permission for all_urls, aka 'Microsoft Edge Security Feature Bypass Vulnerability'. | 3 | 1 | NETWORK |
CVE‑2019‑1366 | 2019‑10‑10 14:15:18 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1307, CVE-2019-1308, CVE-2019-1335. | 2 | 6 | NETWORK |
CVE‑2019‑1357 | 2019‑10‑10 14:15:18 | MEDIUM (4) | A spoofing vulnerability exists when Microsoft Browsers improperly handle browser cookies, aka 'Microsoft Browser Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-0608. | 3 | 1 | NETWORK |
CVE‑2019‑1356 | 2019‑10‑10 14:15:18 | MEDIUM (7) | An information disclosure vulnerability exists when Microsoft Edge based on Edge HTML improperly handles objects in memory, aka 'Microsoft Edge based on Edge HTML Information Disclosure Vulnerability'. | 3 | 4 | NETWORK |
CVE‑2019‑1335 | 2019‑10‑10 14:15:17 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1307, CVE-2019-1308, CVE-2019-1366. | 2 | 6 | NETWORK |
CVE‑2019‑1308 | 2019‑10‑10 14:15:15 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1307, CVE-2019-1335, CVE-2019-1366. | 2 | 6 | NETWORK |
CVE‑2019‑1307 | 2019‑10‑10 14:15:15 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1308, CVE-2019-1335, CVE-2019-1366. | 2 | 6 | NETWORK |
CVE‑2019‑1300 | 2019‑09‑11 22:15:19 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1138, CVE-2019-1217, CVE-2019-1237, CVE-2019-1298. | 2 | 6 | NETWORK |
CVE‑2019‑1299 | 2019‑09‑11 22:15:19 | MEDIUM (7) | An information disclosure vulnerability exists when Microsoft Edge based on Edge HTML improperly handles objects in memory, aka 'Microsoft Edge based on Edge HTML Information Disclosure Vulnerability'. | 3 | 4 | NETWORK |
CVE‑2019‑1298 | 2019‑09‑11 22:15:19 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1138, CVE-2019-1217, CVE-2019-1237, CVE-2019-1300. | 2 | 6 | NETWORK |
CVE‑2019‑1237 | 2019‑09‑11 22:15:15 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1138, CVE-2019-1217, CVE-2019-1298, CVE-2019-1300. | 2 | 6 | NETWORK |
CVE‑2019‑1220 | 2019‑09‑11 22:15:15 | MEDIUM (4) | A security feature bypass vulnerability exists when Microsoft Browsers fail to validate the correct Security Zone of requests for specific URLs, aka 'Microsoft Browser Security Feature Bypass Vulnerability'. | 3 | 1 | NETWORK |
CVE‑2019‑1217 | 2019‑09‑11 22:15:15 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1138, CVE-2019-1237, CVE-2019-1298, CVE-2019-1300. | 2 | 6 | NETWORK |
CVE‑2019‑1197 | 2019‑08‑14 21:15:18 | MEDIUM (4) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory. | 2 | 3 | NETWORK |
CVE‑2019‑1196 | 2019‑08‑14 21:15:18 | MEDIUM (4) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory. | 2 | 3 | NETWORK |
CVE‑2019‑1195 | 2019‑08‑14 21:15:18 | MEDIUM (4) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory. | 2 | 3 | NETWORK |
CVE‑2019‑1193 | 2019‑08‑14 21:15:17 | MEDIUM (6) | A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, the attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. An attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft browsers, and then convince a user to view the website. The attacker could also take advantage of compromised websites, or websites that accept or host user-provided content or advertisements, by adding specially crafted content that could exploit the vulnerability. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically via an enticement in email or instant message, or by getting them to open an email attachment. The security update addresses the vulnerability by modifying how Microsoft browsers handle objects in memory. | 1 | 6 | NETWORK |
CVE‑2019‑1192 | 2019‑08‑14 21:15:17 | MEDIUM (4) | A security feature bypass vulnerability exists when Microsoft browsers improperly handle requests of different origins. The vulnerability allows Microsoft browsers to bypass Same-Origin Policy (SOP) restrictions, and to allow requests that should otherwise be ignored. An attacker who successfully exploited the vulnerability could force the browser to send data that would otherwise be restricted. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft browsers and then convince a user to view the website. The attacker could also take advantage of compromised websites, and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how affected Microsoft browsers handle different-origin requests. | 3 | 1 | NETWORK |
CVE‑2019‑1141 | 2019‑08‑14 21:15:14 | MEDIUM (4) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory. | 2 | 3 | NETWORK |
CVE‑2019‑1140 | 2019‑08‑14 21:15:14 | HIGH (9) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory. | 3 | 6 | NETWORK |
CVE‑2019‑1139 | 2019‑08‑14 21:15:14 | MEDIUM (4) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory. | 2 | 3 | NETWORK |
CVE‑2019‑1138 | 2019‑09‑11 22:15:14 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1217, CVE-2019-1237, CVE-2019-1298, CVE-2019-1300. | 2 | 6 | NETWORK |
CVE‑2019‑1131 | 2019‑08‑14 21:15:14 | MEDIUM (4) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory. | 2 | 3 | NETWORK |
CVE‑2019‑1107 | 2019‑07‑15 19:15:20 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1062, CVE-2019-1092, CVE-2019-1103, CVE-2019-1106. | 0 | 0 | NETWORK |
CVE‑2019‑1106 | 2019‑07‑15 19:15:20 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1062, CVE-2019-1092, CVE-2019-1103, CVE-2019-1107. | 0 | 0 | NETWORK |
CVE‑2019‑1104 | 2019‑07‑15 19:15:19 | HIGH (8) | A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'. | 0 | 0 | NETWORK |
CVE‑2019‑1103 | 2019‑07‑15 19:15:19 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1062, CVE-2019-1092, CVE-2019-1106, CVE-2019-1107. | 0 | 0 | NETWORK |
CVE‑2019‑1092 | 2019‑07‑15 19:15:19 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1062, CVE-2019-1103, CVE-2019-1106, CVE-2019-1107. | 0 | 0 | NETWORK |
CVE‑2019‑1081 | 2019‑06‑12 14:29:04 | MEDIUM (4) | An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory, aka 'Microsoft Browser Information Disclosure Vulnerability'. | 0 | 0 | NETWORK |
CVE‑2019‑1062 | 2019‑07‑15 19:15:17 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1092, CVE-2019-1103, CVE-2019-1106, CVE-2019-1107. | 0 | 0 | NETWORK |
CVE‑2019‑1052 | 2019‑06‑12 14:29:04 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051. | 0 | 0 | NETWORK |
CVE‑2019‑1051 | 2019‑06‑12 14:29:04 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1052. | 0 | 0 | NETWORK |
CVE‑2019‑1038 | 2019‑06‑12 14:29:04 | HIGH (8) | A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'. | 0 | 0 | NETWORK |
CVE‑2019‑1030 | 2019‑08‑14 21:15:14 | MEDIUM (4) | An information disclosure vulnerability exists when Microsoft Edge based on Edge HTML improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit the vulnerability, in a web-based attack scenario, an attacker could host a website in an attempt to exploit the vulnerability. In addition, compromised websites and websites that accept or host user-provided content could contain specially crafted content that could exploit the vulnerability. However, in all cases an attacker would have no way to force a user to view the attacker-controlled content. Instead, an attacker would have to convince a user to take action. For example, an attacker could trick a user into clicking a link that takes the user to the attacker's site. The update addresses the vulnerability by modifying how Microsoft Edge based on Edge HTML handles objects in memory. | 3 | 1 | NETWORK |
CVE‑2019‑1024 | 2019‑06‑12 14:29:03 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1051, CVE-2019-1052. | 0 | 0 | NETWORK |
CVE‑2019‑1023 | 2019‑06‑12 14:29:03 | MEDIUM (4) | An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka 'Scripting Engine Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0990. | 0 | 0 | NETWORK |
CVE‑2019‑1003 | 2019‑06‑12 14:29:03 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052. | 0 | 0 | NETWORK |
CVE‑2019‑1002 | 2019‑06‑12 14:29:02 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052. | 0 | 0 | NETWORK |
CVE‑2019‑1001 | 2019‑07‑15 19:15:16 | HIGH (8) | A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1004, CVE-2019-1056, CVE-2019-1059. | 0 | 0 | NETWORK |
CVE‑2019‑0993 | 2019‑06‑12 14:29:02 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052. | 0 | 0 | NETWORK |
CVE‑2019‑0992 | 2019‑06‑12 14:29:02 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052. | 0 | 0 | NETWORK |
CVE‑2019‑0991 | 2019‑06‑12 14:29:02 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052. | 0 | 0 | NETWORK |
CVE‑2019‑0990 | 2019‑06‑12 14:29:02 | MEDIUM (4) | An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka 'Scripting Engine Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1023. | 0 | 0 | NETWORK |
CVE‑2019‑0989 | 2019‑06‑12 14:29:02 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052. | 0 | 0 | NETWORK |
CVE‑2019‑0940 | 2019‑05‑16 19:29:04 | HIGH (8) | A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'. | 0 | 0 | NETWORK |
CVE‑2019‑0938 | 2019‑05‑16 19:29:04 | MEDIUM (7) | An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka 'Microsoft Edge Elevation of Privilege Vulnerability'. | 0 | 0 | NETWORK |
CVE‑2019‑0937 | 2019‑05‑16 19:29:04 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933. | 0 | 0 | NETWORK |
CVE‑2019‑0933 | 2019‑05‑16 19:29:04 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0937. | 0 | 0 | NETWORK |
CVE‑2019‑0927 | 2019‑05‑16 19:29:03 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0933, CVE-2019-0937. | 0 | 0 | NETWORK |
CVE‑2019‑0926 | 2019‑05‑16 19:29:03 | HIGH (8) | A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerability'. | 0 | 0 | NETWORK |
CVE‑2019‑0925 | 2019‑05‑16 19:29:03 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937. | 0 | 0 | NETWORK |
CVE‑2019‑0924 | 2019‑05‑16 19:29:03 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937. | 0 | 0 | NETWORK |
CVE‑2019‑0923 | 2019‑05‑16 19:29:03 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937. | 0 | 0 | NETWORK |
CVE‑2019‑0922 | 2019‑05‑16 19:29:03 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937. | 0 | 0 | NETWORK |
CVE‑2019‑0917 | 2019‑05‑16 19:29:03 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937. | 0 | 0 | NETWORK |
CVE‑2019‑0916 | 2019‑05‑16 19:29:03 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937. | 0 | 0 | NETWORK |
CVE‑2019‑0915 | 2019‑05‑16 19:29:03 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937. | 0 | 0 | NETWORK |
CVE‑2019‑0914 | 2019‑05‑16 19:29:03 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937. | 0 | 0 | NETWORK |
CVE‑2019‑0913 | 2019‑05‑16 19:29:02 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937. | 0 | 0 | NETWORK |
CVE‑2019‑0912 | 2019‑05‑16 19:29:02 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937. | 0 | 0 | NETWORK |
CVE‑2019‑0911 | 2019‑05‑16 19:29:02 | HIGH (8) | A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0884, CVE-2019-0918. | 0 | 0 | NETWORK |
CVE‑2019‑0884 | 2019‑05‑16 19:29:01 | HIGH (8) | A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0911, CVE-2019-0918. | 2 | 6 | NETWORK |
CVE‑2019‑0861 | 2019‑04‑09 21:29:03 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0810, CVE-2019-0812, CVE-2019-0829, CVE-2019-0860. | 0 | 0 | NETWORK |
CVE‑2019‑0860 | 2019‑04‑09 21:29:03 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0810, CVE-2019-0812, CVE-2019-0829, CVE-2019-0861. | 0 | 0 | NETWORK |
CVE‑2019‑0833 | 2019‑04‑09 21:29:02 | MEDIUM (4) | An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka 'Microsoft Edge Information Disclosure Vulnerability'. | 0 | 0 | NETWORK |
CVE‑2019‑0829 | 2019‑04‑09 21:29:02 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0810, CVE-2019-0812, CVE-2019-0860, CVE-2019-0861. | 0 | 0 | NETWORK |
CVE‑2019‑0812 | 2019‑04‑09 21:29:01 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0810, CVE-2019-0829, CVE-2019-0860, CVE-2019-0861. | 0 | 0 | NETWORK |
CVE‑2019‑0810 | 2019‑04‑09 21:29:01 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0812, CVE-2019-0829, CVE-2019-0860, CVE-2019-0861. | 2 | 6 | NETWORK |
CVE‑2019‑0806 | 2019‑04‑09 21:29:01 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0810, CVE-2019-0812, CVE-2019-0829, CVE-2019-0860, CVE-2019-0861. | 0 | 0 | NETWORK |
CVE‑2019‑0780 | 2019‑04‑09 03:29:01 | HIGH (8) | A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'. | 0 | 0 | NETWORK |
CVE‑2019‑0779 | 2019‑04‑09 03:29:01 | HIGH (8) | A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerability'. | 0 | 0 | NETWORK |
CVE‑2019‑0773 | 2019‑04‑09 03:29:00 | HIGH (8) | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0783. | 0 | 0 | NETWORK |
CVE‑2019‑0771 | 2019‑04‑09 03:29:00 | HIGH (8) | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0773, CVE-2019-0783. | 0 | 0 | NETWORK |
CVE‑2019‑0770 | 2019‑04‑09 03:29:00 | HIGH (8) | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783. | 0 | 0 | NETWORK |
CVE‑2019‑0769 | 2019‑04‑09 02:29:01 | HIGH (8) | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783. | 0 | 0 | NETWORK |
CVE‑2019‑0764 | 2019‑04‑09 21:29:01 | MEDIUM (4) | A tampering vulnerability exists when Microsoft browsers do not properly validate input under specific conditions, aka 'Microsoft Browsers Tampering Vulnerability'. | 0 | 0 | NETWORK |
CVE‑2019‑0762 | 2019‑04‑09 02:29:01 | MEDIUM (4) | A security feature bypass vulnerability exists when Microsoft browsers improperly handle requests of different origins, aka 'Microsoft Browsers Security Feature Bypass Vulnerability'. | 0 | 0 | NETWORK |
CVE‑2019‑0746 | 2019‑04‑09 00:29:01 | MEDIUM (4) | An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka 'Scripting Engine Information Disclosure Vulnerability'. | 0 | 0 | NETWORK |
CVE‑2019‑0739 | 2019‑04‑09 21:29:01 | HIGH (8) | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0752, CVE-2019-0753, CVE-2019-0862. | 0 | 0 | NETWORK |
CVE‑2019‑0678 | 2019‑04‑09 00:29:00 | MEDIUM (4) | An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, an attacker could host a website that is used to attempt to exploit the vulnerability, aka 'Microsoft Edge Elevation of Privilege Vulnerability'. | 0 | 0 | NETWORK |
CVE‑2019‑0658 | 2019‑03‑05 23:29:02 | MEDIUM (4) | An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka 'Scripting Engine Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0648. | 0 | 0 | NETWORK |
CVE‑2019‑0655 | 2019‑03‑05 23:29:02 | HIGH (8) | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652. | 0 | 0 | NETWORK |
CVE‑2019‑0654 | 2019‑03‑05 23:29:02 | MEDIUM (4) | A spoofing vulnerability exists when Microsoft browsers improperly handles specific redirects, aka 'Microsoft Browser Spoofing Vulnerability'. | 0 | 0 | NETWORK |
CVE‑2019‑0652 | 2019‑03‑05 23:29:02 | HIGH (8) | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0655. | 0 | 0 | NETWORK |
CVE‑2019‑0651 | 2019‑03‑05 23:29:02 | HIGH (8) | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0652, CVE-2019-0655. | 0 | 0 | NETWORK |
CVE‑2019‑0650 | 2019‑03‑05 23:29:02 | HIGH (8) | A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0634, CVE-2019-0645. | 0 | 0 | NETWORK |
CVE‑2019‑0649 | 2019‑03‑05 23:29:02 | MEDIUM (7) | A vulnerability exists in Microsoft Chakra JIT server, aka 'Scripting Engine Elevation of Privileged Vulnerability'. | 0 | 0 | NETWORK |
CVE‑2019‑0645 | 2019‑03‑05 23:29:02 | HIGH (8) | A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0634, CVE-2019-0650. | 0 | 0 | NETWORK |
CVE‑2019‑0644 | 2019‑03‑05 23:29:02 | HIGH (8) | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655. | 0 | 0 | NETWORK |
CVE‑2019‑0643 | 2019‑03‑05 23:29:02 | MEDIUM (4) | An information disclosure vulnerability exists in the way that Microsoft Edge handles cross-origin requests, aka 'Microsoft Edge Information Disclosure Vulnerability'. | 0 | 0 | NETWORK |
CVE‑2019‑0642 | 2019‑03‑05 23:29:02 | HIGH (8) | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655. | 0 | 0 | NETWORK |
CVE‑2019‑0641 | 2019‑03‑05 23:29:02 | MEDIUM (4) | A security feature bypass vulnerability exists in Microsoft Edge handles whitelisting, aka 'Microsoft Edge Security Feature Bypass Vulnerability'. | 0 | 0 | NETWORK |
CVE‑2019‑0640 | 2019‑03‑05 23:29:02 | HIGH (8) | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655. | 0 | 0 | NETWORK |
CVE‑2019‑0634 | 2019‑03‑05 23:29:01 | HIGH (8) | A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0645, CVE-2019-0650. | 0 | 0 | NETWORK |
CVE‑2019‑0612 | 2019‑04‑08 23:29:00 | LOW (3) | A security feature bypass vulnerability exists when Click2Play protection in Microsoft Edge improperly handles flash objects. By itself, this bypass vulnerability does not allow arbitrary code execution, aka 'Microsoft Edge Security Feature Bypass Vulnerability'. | 0 | 0 | NETWORK |
CVE‑2019‑0611 | 2019‑04‑08 23:29:00 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0592. | 0 | 0 | NETWORK |
CVE‑2019‑0610 | 2019‑03‑05 23:29:01 | HIGH (8) | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655. | 0 | 0 | NETWORK |
CVE‑2019‑0609 | 2019‑04‑08 23:29:00 | HIGH (8) | A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783. | 0 | 0 | NETWORK |
CVE‑2019‑0608 | 2019‑10‑10 14:15:14 | MEDIUM (4) | A spoofing vulnerability exists when Microsoft Browsers does not properly parse HTTP content, aka 'Microsoft Browser Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-1357. | 3 | 1 | NETWORK |
CVE‑2019‑0607 | 2019‑03‑05 23:29:01 | HIGH (8) | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655. | 0 | 0 | NETWORK |
CVE‑2019‑0605 | 2019‑03‑05 23:29:01 | HIGH (8) | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655. | 0 | 0 | NETWORK |
CVE‑2019‑0593 | 2019‑03‑05 23:29:00 | HIGH (8) | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655. | 0 | 0 | NETWORK |
CVE‑2019‑0592 | 2019‑04‑08 23:29:00 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0611. | 0 | 0 | NETWORK |
CVE‑2019‑0591 | 2019‑03‑05 23:29:00 | HIGH (8) | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655. | 0 | 0 | NETWORK |
CVE‑2019‑0590 | 2019‑03‑05 23:29:00 | HIGH (8) | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655. | 0 | 0 | NETWORK |
CVE‑2019‑0568 | 2019‑01‑08 21:29:01 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2019-0539, CVE-2019-0567. | 0 | 0 | NETWORK |
CVE‑2019‑0567 | 2019‑01‑08 21:29:01 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2019-0539, CVE-2019-0568. | 0 | 0 | NETWORK |
CVE‑2019‑0566 | 2019‑01‑08 21:29:01 | MEDIUM (7) | An elevation of privilege vulnerability exists in Microsoft Edge Browser Broker COM object, aka "Microsoft Edge Elevation of Privilege Vulnerability." This affects Microsoft Edge. | 0 | 0 | NETWORK |
CVE‑2019‑0565 | 2019‑01‑08 21:29:01 | HIGH (8) | A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. | 0 | 0 | NETWORK |
CVE‑2019‑0539 | 2019‑01‑08 21:29:00 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2019-0567, CVE-2019-0568. | 0 | 0 | NETWORK |
CVE‑2018‑8629 | 2018‑12‑12 00:29:02 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8583, CVE-2018-8617, CVE-2018-8618, CVE-2018-8624. | 0 | 0 | NETWORK |
CVE‑2018‑8624 | 2018‑12‑12 00:29:01 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8583, CVE-2018-8617, CVE-2018-8618, CVE-2018-8629. | 0 | 0 | NETWORK |
CVE‑2018‑8618 | 2018‑12‑12 00:29:01 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8583, CVE-2018-8617, CVE-2018-8624, CVE-2018-8629. | 0 | 0 | NETWORK |
CVE‑2018‑8617 | 2018‑12‑12 00:29:01 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8583, CVE-2018-8618, CVE-2018-8624, CVE-2018-8629. | 0 | 0 | NETWORK |
CVE‑2018‑8588 | 2018‑11‑14 01:29:02 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542, CVE-2018-8543, CVE-2018-8551, CVE-2018-8555, CVE-2018-8556, CVE-2018-8557. | 0 | 0 | NETWORK |
CVE‑2018‑8583 | 2018‑12‑12 00:29:01 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8617, CVE-2018-8618, CVE-2018-8624, CVE-2018-8629. | 0 | 0 | NETWORK |
CVE‑2018‑8567 | 2018‑11‑14 01:29:02 | MEDIUM (6) | An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain, aka "Microsoft Edge Elevation of Privilege Vulnerability." This affects Microsoft Edge. | 0 | 0 | NETWORK |
CVE‑2018‑8564 | 2018‑11‑14 01:29:01 | MEDIUM (4) | A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka "Microsoft Edge Spoofing Vulnerability." This affects Microsoft Edge. | 0 | 0 | NETWORK |
CVE‑2018‑8557 | 2018‑11‑14 01:29:01 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542, CVE-2018-8543, CVE-2018-8551, CVE-2018-8555, CVE-2018-8556, CVE-2018-8588. | 0 | 0 | NETWORK |
CVE‑2018‑8556 | 2018‑11‑14 01:29:01 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542, CVE-2018-8543, CVE-2018-8551, CVE-2018-8555, CVE-2018-8557, CVE-2018-8588. | 0 | 0 | NETWORK |
CVE‑2018‑8555 | 2018‑11‑14 01:29:01 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542, CVE-2018-8543, CVE-2018-8551, CVE-2018-8556, CVE-2018-8557, CVE-2018-8588. | 0 | 0 | NETWORK |
CVE‑2018‑8551 | 2018‑11‑14 01:29:01 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542, CVE-2018-8543, CVE-2018-8555, CVE-2018-8556, CVE-2018-8557, CVE-2018-8588. | 0 | 0 | NETWORK |
CVE‑2018‑8545 | 2018‑11‑14 01:29:01 | MEDIUM (4) | An information disclosure vulnerability exists in the way that Microsoft Edge handles cross-origin requests, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. | 0 | 0 | NETWORK |
CVE‑2018‑8543 | 2018‑11‑14 01:29:01 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542, CVE-2018-8551, CVE-2018-8555, CVE-2018-8556, CVE-2018-8557, CVE-2018-8588. | 0 | 0 | NETWORK |
CVE‑2018‑8542 | 2018‑11‑14 01:29:01 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8543, CVE-2018-8551, CVE-2018-8555, CVE-2018-8556, CVE-2018-8557, CVE-2018-8588. | 0 | 0 | NETWORK |
CVE‑2018‑8541 | 2018‑11‑14 01:29:01 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8542, CVE-2018-8543, CVE-2018-8551, CVE-2018-8555, CVE-2018-8556, CVE-2018-8557, CVE-2018-8588. | 0 | 0 | NETWORK |
CVE‑2018‑8530 | 2018‑10‑10 13:29:06 | MEDIUM (4) | A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins, aka "Microsoft Edge Security Feature Bypass Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8512. | 0 | 0 | NETWORK |
CVE‑2018‑8513 | 2018‑10‑10 13:29:06 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8503, CVE-2018-8505, CVE-2018-8510, CVE-2018-8511. | 0 | 0 | NETWORK |
CVE‑2018‑8512 | 2018‑10‑10 13:29:06 | MEDIUM (6) | A security feature bypass vulnerability exists in Microsoft Edge when the Edge Content Security Policy (CSP) fails to properly validate certain specially crafted documents, aka "Microsoft Edge Security Feature Bypass Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8530. | 0 | 0 | NETWORK |
CVE‑2018‑8511 | 2018‑10‑10 13:29:06 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8503, CVE-2018-8505, CVE-2018-8510, CVE-2018-8513. | 0 | 0 | NETWORK |
CVE‑2018‑8510 | 2018‑10‑10 13:29:05 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8503, CVE-2018-8505, CVE-2018-8511, CVE-2018-8513. | 0 | 0 | NETWORK |
CVE‑2018‑8509 | 2018‑10‑10 13:29:05 | HIGH (8) | A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8473. | 0 | 0 | NETWORK |
CVE‑2018‑8505 | 2018‑10‑10 13:29:05 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8503, CVE-2018-8510, CVE-2018-8511, CVE-2018-8513. | 0 | 0 | NETWORK |
CVE‑2018‑8503 | 2018‑10‑10 13:29:05 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8505, CVE-2018-8510, CVE-2018-8511, CVE-2018-8513. | 0 | 0 | NETWORK |
CVE‑2018‑8473 | 2018‑10‑10 13:29:03 | HIGH (8) | A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8509. | 0 | 0 | NETWORK |
CVE‑2018‑8469 | 2018‑09‑13 00:29:07 | MEDIUM (4) | An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka "Microsoft Edge Elevation of Privilege Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8463. | 0 | 0 | NETWORK |
CVE‑2018‑8467 | 2018‑09‑13 00:29:07 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8367, CVE-2018-8465, CVE-2018-8466. | 0 | 0 | NETWORK |
CVE‑2018‑8466 | 2018‑09‑13 00:29:07 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8367, CVE-2018-8465, CVE-2018-8467. | 0 | 0 | NETWORK |
CVE‑2018‑8465 | 2018‑09‑13 00:29:06 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8367, CVE-2018-8466, CVE-2018-8467. | 0 | 0 | NETWORK |
CVE‑2018‑8464 | 2018‑09‑13 00:29:06 | HIGH (9) | An remote code execution vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory, aka "Microsoft Edge PDF Remote Code Execution Vulnerability." This affects Microsoft Edge. | 0 | 0 | NETWORK |
CVE‑2018‑8463 | 2018‑09‑13 00:29:06 | MEDIUM (4) | An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka "Microsoft Edge Elevation of Privilege Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8469. | 0 | 0 | NETWORK |
CVE‑2018‑8459 | 2018‑09‑13 00:29:06 | HIGH (8) | A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8354, CVE-2018-8391, CVE-2018-8456, CVE-2018-8457. | 0 | 0 | NETWORK |
CVE‑2018‑8457 | 2018‑09‑13 00:29:06 | HIGH (8) | A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-8354, CVE-2018-8391, CVE-2018-8456, CVE-2018-8459. | 0 | 0 | NETWORK |
CVE‑2018‑8456 | 2018‑09‑13 00:29:06 | HIGH (8) | A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8354, CVE-2018-8391, CVE-2018-8457, CVE-2018-8459. | 0 | 0 | NETWORK |
CVE‑2018‑8452 | 2018‑09‑13 00:29:05 | MEDIUM (4) | An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft browsers, aka "Scripting Engine Information Disclosure Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. | 0 | 0 | NETWORK |
CVE‑2018‑8425 | 2018‑09‑13 00:29:03 | MEDIUM (4) | A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka "Microsoft Edge Spoofing Vulnerability." This affects Microsoft Edge. | 0 | 0 | NETWORK |
CVE‑2018‑8403 | 2018‑08‑15 17:29:10 | HIGH (8) | A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka "Microsoft Browser Memory Corruption Vulnerability." This affects Internet Explorer 11, Microsoft Edge, Internet Explorer 10. | 0 | 0 | NETWORK |
CVE‑2018‑8390 | 2018‑08‑15 17:29:09 | HIGH (8) | A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389. | 0 | 0 | NETWORK |
CVE‑2018‑8388 | 2018‑08‑15 17:29:08 | MEDIUM (4) | A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka "Microsoft Edge Spoofing Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8383. | 0 | 0 | NETWORK |
CVE‑2018‑8387 | 2018‑08‑15 17:29:08 | HIGH (8) | A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8377. | 0 | 0 | NETWORK |
CVE‑2018‑8385 | 2018‑08‑15 17:29:08 | HIGH (8) | A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8389, CVE-2018-8390. | 0 | 0 | NETWORK |
CVE‑2018‑8383 | 2018‑08‑15 17:29:08 | MEDIUM (4) | A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content, aka "Microsoft Edge Spoofing Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8388. | 0 | 0 | NETWORK |
CVE‑2018‑8381 | 2018‑08‑15 17:29:08 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8266, CVE-2018-8380, CVE-2018-8384. | 0 | 0 | NETWORK |
CVE‑2018‑8380 | 2018‑08‑15 17:29:08 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8266, CVE-2018-8381, CVE-2018-8384. | 0 | 0 | NETWORK |
CVE‑2018‑8377 | 2018‑08‑15 17:29:07 | HIGH (8) | A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8387. | 0 | 0 | NETWORK |
CVE‑2018‑8372 | 2018‑08‑15 17:29:07 | HIGH (8) | A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8359, CVE-2018-8371, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389, CVE-2018-8390. | 0 | 0 | NETWORK |
CVE‑2018‑8370 | 2018‑08‑15 17:29:06 | MEDIUM (4) | A information disclosure vulnerability exists when WebAudio Library improperly handles audio requests, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. | 0 | 0 | NETWORK |
CVE‑2018‑8367 | 2018‑09‑13 00:29:02 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8465, CVE-2018-8466, CVE-2018-8467. | 0 | 0 | NETWORK |
CVE‑2018‑8366 | 2018‑09‑13 00:29:01 | LOW (3) | An information disclosure vulnerability exists when the Microsoft Edge Fetch API incorrectly handles a filtered response type, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. | 0 | 0 | NETWORK |
CVE‑2018‑8358 | 2018‑08‑15 17:29:06 | MEDIUM (4) | A security feature bypass vulnerability exists when Microsoft Edge improperly handles redirect requests, aka "Microsoft Edge Security Feature Bypass Vulnerability." This affects Microsoft Edge. | 0 | 0 | NETWORK |
CVE‑2018‑8357 | 2018‑08‑15 17:29:06 | MEDIUM (5) | An elevation of privilege vulnerability exists in Microsoft browsers allowing sandbox escape, aka "Microsoft Browser Elevation of Privilege Vulnerability." This affects Internet Explorer 11, Microsoft Edge. | 0 | 0 | NETWORK |
CVE‑2018‑8355 | 2018‑08‑15 17:29:06 | HIGH (8) | A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8353, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389, CVE-2018-8390. | 0 | 0 | NETWORK |
CVE‑2018‑8354 | 2018‑09‑13 00:29:01 | HIGH (8) | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8391, CVE-2018-8456, CVE-2018-8457, CVE-2018-8459. | 0 | 0 | NETWORK |
CVE‑2018‑8351 | 2018‑08‑15 17:29:05 | MEDIUM (4) | An information disclosure vulnerability exists when affected Microsoft browsers improperly allow cross-frame interaction, aka "Microsoft Browser Information Disclosure Vulnerability." This affects Internet Explorer 11, Microsoft Edge, Internet Explorer 10. | 0 | 0 | NETWORK |
CVE‑2018‑8325 | 2018‑07‑11 00:29:02 | MEDIUM (4) | An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8289, CVE-2018-8297, CVE-2018-8324. | 0 | 0 | NETWORK |
CVE‑2018‑8324 | 2018‑07‑11 00:29:02 | MEDIUM (4) | An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8289, CVE-2018-8297, CVE-2018-8325. | 0 | 0 | NETWORK |
CVE‑2018‑8315 | 2018‑09‑13 00:29:01 | MEDIUM (4) | An information disclosure vulnerability exists when the browser scripting engine improperly handle object types, aka "Microsoft Scripting Engine Information Disclosure Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. | 0 | 0 | NETWORK |
CVE‑2018‑8301 | 2018‑07‑11 00:29:02 | HIGH (8) | A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8125, CVE-2018-8262, CVE-2018-8274, CVE-2018-8275, CVE-2018-8279. | 0 | 0 | NETWORK |
CVE‑2018‑8297 | 2018‑07‑11 00:29:02 | MEDIUM (4) | An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8289, CVE-2018-8324, CVE-2018-8325. | 0 | 0 | NETWORK |
CVE‑2018‑8294 | 2018‑07‑11 00:29:02 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8280, CVE-2018-8286, CVE-2018-8290. | 0 | 0 | NETWORK |
CVE‑2018‑8291 | 2018‑07‑11 00:29:01 | HIGH (8) | A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8288, CVE-2018-8296, CVE-2018-8298. | 0 | 0 | NETWORK |
CVE‑2018‑8290 | 2018‑07‑11 00:29:01 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8280, CVE-2018-8286, CVE-2018-8294. | 0 | 0 | NETWORK |
CVE‑2018‑8289 | 2018‑07‑11 00:29:01 | MEDIUM (4) | An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8297, CVE-2018-8324, CVE-2018-8325. | 0 | 0 | NETWORK |
CVE‑2018‑8288 | 2018‑07‑11 00:29:01 | HIGH (8) | A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8291, CVE-2018-8296, CVE-2018-8298. | 0 | 0 | NETWORK |
CVE‑2018‑8287 | 2018‑07‑11 00:29:01 | HIGH (8) | A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8288, CVE-2018-8291, CVE-2018-8296, CVE-2018-8298. | 0 | 0 | NETWORK |
CVE‑2018‑8286 | 2018‑07‑11 00:29:01 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8280, CVE-2018-8290, CVE-2018-8294. | 0 | 0 | NETWORK |
CVE‑2018‑8280 | 2018‑07‑11 00:29:01 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8286, CVE-2018-8290, CVE-2018-8294. | 0 | 0 | NETWORK |
CVE‑2018‑8279 | 2018‑07‑11 00:29:01 | HIGH (8) | A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8125, CVE-2018-8262, CVE-2018-8274, CVE-2018-8275, CVE-2018-8301. | 0 | 0 | NETWORK |
CVE‑2018‑8278 | 2018‑07‑11 00:29:01 | MEDIUM (6) | A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka "Microsoft Edge Spoofing Vulnerability." This affects Microsoft Edge. | 0 | 0 | NETWORK |
CVE‑2018‑8276 | 2018‑07‑11 00:29:01 | MEDIUM (4) | A security feature bypass vulnerability exists in the Microsoft Chakra scripting engine that allows Control Flow Guard (CFG) to be bypassed, aka "Scripting Engine Security Feature Bypass Vulnerability." This affects Microsoft Edge, ChakraCore. | 0 | 0 | NETWORK |
CVE‑2018‑8275 | 2018‑07‑11 00:29:01 | HIGH (8) | A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8125, CVE-2018-8262, CVE-2018-8274, CVE-2018-8279, CVE-2018-8301. | 0 | 0 | NETWORK |
CVE‑2018‑8274 | 2018‑07‑11 00:29:01 | HIGH (8) | A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8125, CVE-2018-8262, CVE-2018-8275, CVE-2018-8279, CVE-2018-8301. | 0 | 0 | NETWORK |
CVE‑2018‑8266 | 2018‑08‑15 17:29:03 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8380, CVE-2018-8381, CVE-2018-8384. | 0 | 0 | NETWORK |
CVE‑2018‑8262 | 2018‑07‑11 00:29:01 | HIGH (8) | A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8125, CVE-2018-8274, CVE-2018-8275, CVE-2018-8279, CVE-2018-8301. | 0 | 0 | NETWORK |
CVE‑2018‑8236 | 2018‑06‑14 12:29:02 | HIGH (8) | A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8110, CVE-2018-8111. | 0 | 0 | NETWORK |
CVE‑2018‑8235 | 2018‑06‑14 12:29:02 | MEDIUM (4) | A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins, aka "Microsoft Edge Security Feature Bypass Vulnerability." This affects Microsoft Edge. | 0 | 0 | NETWORK |
CVE‑2018‑8234 | 2018‑06‑14 12:29:02 | MEDIUM (4) | An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-0871. | 0 | 0 | NETWORK |
CVE‑2018‑8229 | 2018‑06‑14 12:29:02 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8227. | 0 | 0 | NETWORK |
CVE‑2018‑8227 | 2018‑06‑14 12:29:02 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8229. | 0 | 0 | NETWORK |
CVE‑2018‑8179 | 2018‑05‑09 19:29:03 | HIGH (8) | A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. | 0 | 0 | NETWORK |
CVE‑2018‑8178 | 2018‑05‑09 19:29:03 | HIGH (8) | A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka "Microsoft Browser Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. | 0 | 0 | NETWORK |
CVE‑2018‑8177 | 2018‑05‑09 19:29:03 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. This CVE ID is unique from CVE-2018-0943, CVE-2018-8130, CVE-2018-8133, CVE-2018-8145. | 0 | 0 | NETWORK |
CVE‑2018‑8145 | 2018‑05‑09 19:29:02 | HIGH (8) | An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user's computer or data, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-0943, CVE-2018-8130, CVE-2018-8133, CVE-2018-8177. | 0 | 0 | NETWORK |
CVE‑2018‑8139 | 2018‑05‑09 19:29:02 | HIGH (8) | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137. | 0 | 0 | NETWORK |
CVE‑2018‑8137 | 2018‑05‑09 19:29:02 | HIGH (8) | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8139. | 0 | 0 | NETWORK |
CVE‑2018‑8133 | 2018‑05‑09 19:29:02 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0943, CVE-2018-8130, CVE-2018-8145, CVE-2018-8177. | 0 | 0 | NETWORK |
CVE‑2018‑8130 | 2018‑05‑09 19:29:02 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0943, CVE-2018-8133, CVE-2018-8145, CVE-2018-8177. | 0 | 0 | NETWORK |
CVE‑2018‑8128 | 2018‑05‑09 19:29:02 | HIGH (8) | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8137, CVE-2018-8139. | 0 | 0 | NETWORK |
CVE‑2018‑8125 | 2018‑07‑11 00:29:00 | HIGH (8) | A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8262, CVE-2018-8274, CVE-2018-8275, CVE-2018-8279, CVE-2018-8301. | 0 | 0 | NETWORK |
CVE‑2018‑8123 | 2018‑05‑09 19:29:01 | MEDIUM (4) | An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-1021. | 0 | 0 | NETWORK |
CVE‑2018‑8112 | 2018‑05‑09 19:29:01 | MEDIUM (4) | A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins, aka "Microsoft Edge Security Feature Bypass Vulnerability." This affects Microsoft Edge. | 0 | 0 | NETWORK |
CVE‑2018‑8111 | 2018‑06‑14 12:29:01 | HIGH (8) | A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8110, CVE-2018-8236. | 0 | 0 | NETWORK |
CVE‑2018‑8110 | 2018‑06‑14 12:29:01 | HIGH (8) | A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8111, CVE-2018-8236. | 0 | 0 | NETWORK |
CVE‑2018‑1025 | 2018‑05‑09 19:29:01 | MEDIUM (4) | An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory, aka "Microsoft Browser Information Disclosure Vulnerability." This affects Internet Explorer 11, Microsoft Edge. | 0 | 0 | NETWORK |
CVE‑2018‑1023 | 2018‑04‑12 01:29:10 | HIGH (8) | A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka "Microsoft Browser Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. | 0 | 0 | NETWORK |
CVE‑2018‑1022 | 2018‑05‑09 19:29:01 | HIGH (8) | A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139. | 0 | 0 | NETWORK |
CVE‑2018‑1021 | 2018‑05‑09 19:29:01 | MEDIUM (4) | An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8123. | 0 | 0 | NETWORK |
CVE‑2018‑1019 | 2018‑04‑12 01:29:10 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0980, CVE-2018-0990, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995. | 0 | 0 | NETWORK |
CVE‑2018‑0998 | 2018‑04‑12 01:29:08 | MEDIUM (4) | An information disclosure vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-0892. | 0 | 0 | NETWORK |
CVE‑2018‑0995 | 2018‑04‑12 01:29:08 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0980, CVE-2018-0990, CVE-2018-0993, CVE-2018-0994, CVE-2018-1019. | 0 | 0 | NETWORK |
CVE‑2018‑0994 | 2018‑04‑12 01:29:08 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0980, CVE-2018-0990, CVE-2018-0993, CVE-2018-0995, CVE-2018-1019. | 0 | 0 | NETWORK |
CVE‑2018‑0993 | 2018‑04‑12 01:29:08 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0980, CVE-2018-0990, CVE-2018-0994, CVE-2018-0995, CVE-2018-1019. | 0 | 0 | NETWORK |
CVE‑2018‑0990 | 2018‑04‑12 01:29:08 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0980, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995, CVE-2018-1019. | 0 | 0 | NETWORK |
CVE‑2018‑0980 | 2018‑04‑12 01:29:08 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0990, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995, CVE-2018-1019. | 0 | 0 | NETWORK |
CVE‑2018‑0979 | 2018‑04‑12 01:29:08 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0980, CVE-2018-0990, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995, CVE-2018-1019. | 0 | 0 | NETWORK |
CVE‑2018‑0954 | 2018‑05‑09 19:29:01 | HIGH (8) | A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139. | 0 | 0 | NETWORK |
CVE‑2018‑0953 | 2018‑05‑09 19:29:01 | HIGH (8) | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139. | 0 | 0 | NETWORK |
CVE‑2018‑0951 | 2018‑05‑09 19:29:01 | HIGH (8) | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139. | 0 | 0 | NETWORK |
CVE‑2018‑0946 | 2018‑05‑09 19:29:01 | HIGH (8) | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139. | 0 | 0 | NETWORK |
CVE‑2018‑0945 | 2018‑05‑09 19:29:01 | HIGH (8) | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139. | 0 | 0 | NETWORK |
CVE‑2018‑0943 | 2018‑05‑09 19:29:00 | HIGH (8) | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8130, CVE-2018-8133, CVE-2018-8145, CVE-2018-8177. | 0 | 0 | NETWORK |
CVE‑2018‑0939 | 2018‑03‑14 17:29:04 | MEDIUM (4) | ChakraCore and Microsoft Edge in Windows 10 1703 and 1709 allow information disclosure, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0891. | 0 | 0 | NETWORK |
CVE‑2018‑0937 | 2018‑03‑14 17:29:04 | HIGH (8) | ChakraCore and Microsoft Windows 10 1703 and 1709 allow remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-0930, CVE-2018-0931, CVE-2018-0933, CVE-2018-0934, and CVE-2018-0936. | 0 | 0 | NETWORK |
CVE‑2018‑0936 | 2018‑03‑14 17:29:04 | HIGH (8) | ChakraCore and Microsoft Windows 10 1709 allow remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-0930, CVE-2018-0931, CVE-2018-0933, CVE-2018-0934, and CVE-2018-0937. | 0 | 0 | NETWORK |
CVE‑2018‑0934 | 2018‑03‑14 17:29:04 | HIGH (8) | ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-0930, CVE-2018-0931, CVE-2018-0933, CVE-2018-0936, and CVE-2018-0937. | 0 | 0 | NETWORK |
CVE‑2018‑0933 | 2018‑03‑14 17:29:03 | HIGH (8) | ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-0930, CVE-2018-0931, CVE-2018-0934, CVE-2018-0936, and CVE-2018-0937. | 0 | 0 | NETWORK |
CVE‑2018‑0932 | 2018‑03‑14 17:29:03 | MEDIUM (4) | Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows information disclosure, due to how Microsoft browsers handle objects in memory, aka "Microsoft Browser Information Disclosure Vulnerability". | 0 | 0 | NETWORK |
CVE‑2018‑0931 | 2018‑03‑14 17:29:03 | HIGH (8) | ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-0930, CVE-2018-0933, CVE-2018-0934, CVE-2018-0936, and CVE-2018-0937. | 0 | 0 | NETWORK |
CVE‑2018‑0930 | 2018‑03‑14 17:29:03 | HIGH (8) | ChakraCore and Microsoft Edge in Microsoft Windows 10 1709 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-0931, CVE-2018-0933, CVE-2018-0934, CVE-2018-0936, and CVE-2018-0937. | 0 | 0 | NETWORK |
CVE‑2018‑0927 | 2018‑03‑14 17:29:03 | MEDIUM (4) | Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows information disclosure, due to how Microsoft browsers handle objects in memory, aka "Microsoft Browser Information Disclosure Vulnerability". | 0 | 0 | NETWORK |
CVE‑2018‑0893 | 2018‑03‑14 17:29:02 | HIGH (8) | Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0876, CVE-2018-0889, CVE-2018-0925, and CVE-2018-0935. | 0 | 0 | NETWORK |
CVE‑2018‑0892 | 2018‑04‑12 01:29:06 | MEDIUM (4) | An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-0998. | 0 | 0 | NETWORK |
CVE‑2018‑0891 | 2018‑03‑14 17:29:02 | MEDIUM (4) | ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allow information disclosure, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0939. | 0 | 0 | NETWORK |
CVE‑2018‑0879 | 2018‑03‑14 17:29:01 | MEDIUM (5) | Microsoft Edge in Windows 10 1709 allows information disclosure, due to how Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". | 0 | 0 | NETWORK |
CVE‑2018‑0876 | 2018‑03‑14 17:29:01 | HIGH (8) | Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0889, CVE-2018-0893, CVE-2018-0925, and CVE-2018-0935. | 0 | 0 | NETWORK |
CVE‑2018‑0874 | 2018‑03‑14 17:29:01 | HIGH (8) | ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0930, CVE-2018-0931, CVE-2018-0933, CVE-2018-0934, CVE-2018-0936, and CVE-2018-0937. | 0 | 0 | NETWORK |
CVE‑2018‑0873 | 2018‑03‑14 17:29:01 | HIGH (8) | ChakraCore and Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0874, CVE-2018-0930, CVE-2018-0931, CVE-2018-0933, CVE-2018-0934, CVE-2018-0936, and CVE-2018-0937. | 0 | 0 | NETWORK |
CVE‑2018‑0872 | 2018‑03‑14 17:29:01 | HIGH (8) | ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0873, CVE-2018-0874, CVE-2018-0930, CVE-2018-0931, CVE-2018-0933, CVE-2018-0934, CVE-2018-0936, and CVE-2018-0937. | 0 | 0 | NETWORK |
CVE‑2018‑0871 | 2018‑06‑14 12:29:00 | MEDIUM (4) | An information disclosure vulnerability exists when Edge improperly marks files, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8234. | 0 | 0 | NETWORK |
CVE‑2018‑0861 | 2018‑02‑15 02:29:04 | HIGH (9) | Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, and CVE-2018-0866. | 0 | 0 | NETWORK |
CVE‑2018‑0860 | 2018‑02‑15 02:29:03 | HIGH (8) | Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0861, and CVE-2018-0866. | 0 | 0 | NETWORK |
CVE‑2018‑0859 | 2018‑02‑15 02:29:03 | HIGH (8) | Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866. | 0 | 0 | NETWORK |
CVE‑2018‑0857 | 2018‑02‑15 02:29:03 | HIGH (8) | Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866. | 0 | 0 | NETWORK |
CVE‑2018‑0856 | 2018‑02‑15 02:29:03 | HIGH (8) | Microsoft Edge and ChakraCore in Microsoft Windows 10 1703 and 1709 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866. | 0 | 0 | NETWORK |
CVE‑2018‑0840 | 2018‑02‑15 02:29:03 | HIGH (9) | Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866. | 0 | 0 | NETWORK |
CVE‑2018‑0839 | 2018‑02‑15 02:29:03 | MEDIUM (4) | Microsoft Edge in Microsoft Windows 10 1703 allows information disclosure, due to how Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0763. | 0 | 0 | NETWORK |
CVE‑2018‑0838 | 2018‑02‑15 02:29:03 | HIGH (8) | Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866. | 0 | 0 | NETWORK |
CVE‑2018‑0837 | 2018‑02‑15 02:29:03 | HIGH (8) | Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866. | 0 | 0 | NETWORK |
CVE‑2018‑0836 | 2018‑02‑15 02:29:02 | HIGH (8) | Microsoft Edge and ChakraCore in Microsoft Windows 10 1703 and 1709 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866. | 0 | 0 | NETWORK |
CVE‑2018‑0835 | 2018‑02‑15 02:29:02 | HIGH (8) | Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866. | 0 | 0 | NETWORK |
CVE‑2018‑0834 | 2018‑02‑15 02:29:02 | HIGH (9) | Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866. | 0 | 0 | NETWORK |
CVE‑2018‑0803 | 2018‑01‑04 14:29:01 | MEDIUM (6) | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to access information from one domain and inject it into another domain, due to how Microsoft Edge enforces cross-domain policies, aka "Microsoft Edge Elevation of Privilege Vulnerability". | 0 | 0 | NETWORK |
CVE‑2018‑0800 | 2018‑01‑04 14:29:01 | MEDIUM (4) | Microsoft Edge in Microsoft Windows 10 1709 allows an attacker to obtain information to further compromise the user's system, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0767 and CVE-2018-0780. | 0 | 0 | NETWORK |
CVE‑2018‑0781 | 2018‑01‑04 14:29:01 | HIGH (8) | Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, and CVE-2018-0778. | 0 | 0 | NETWORK |
CVE‑2018‑0780 | 2018‑01‑04 14:29:01 | LOW (3) | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0767 and CVE-2018-0800. | 0 | 0 | NETWORK |
CVE‑2018‑0778 | 2018‑01‑04 14:29:01 | HIGH (8) | Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, and CVE-2018-0781. | 0 | 0 | NETWORK |
CVE‑2018‑0777 | 2018‑01‑04 14:29:01 | HIGH (8) | Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0778, and CVE-2018-0781. | 0 | 0 | NETWORK |
CVE‑2018‑0776 | 2018‑01‑04 14:29:01 | HIGH (8) | Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781. | 0 | 0 | NETWORK |
CVE‑2018‑0775 | 2018‑01‑04 14:29:01 | HIGH (8) | Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781. | 0 | 0 | NETWORK |
CVE‑2018‑0774 | 2018‑01‑04 14:29:01 | HIGH (8) | Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781. | 0 | 0 | NETWORK |
CVE‑2018‑0773 | 2018‑01‑04 14:29:01 | HIGH (8) | Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781. | 0 | 0 | NETWORK |
CVE‑2018‑0772 | 2018‑01‑04 14:29:01 | HIGH (8) | Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781. | 0 | 0 | NETWORK |
CVE‑2018‑0771 | 2018‑02‑15 02:29:02 | MEDIUM (4) | Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows a security feature bypass, due to how Edge handles different-origin requests, aka "Microsoft Edge Security Feature Bypass". | 0 | 0 | NETWORK |
CVE‑2018‑0770 | 2018‑01‑04 14:29:01 | HIGH (8) | Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781. | 0 | 0 | NETWORK |
CVE‑2018‑0769 | 2018‑01‑04 14:29:01 | HIGH (8) | Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781. | 0 | 0 | NETWORK |
CVE‑2018‑0768 | 2018‑01‑04 14:29:01 | HIGH (8) | Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781. | 0 | 0 | NETWORK |
CVE‑2018‑0767 | 2018‑01‑04 14:29:01 | LOW (3) | Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0780 and CVE-2018-0800. | 0 | 0 | NETWORK |
CVE‑2018‑0766 | 2018‑01‑04 14:29:01 | MEDIUM (4) | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system, due to how the Microsoft Edge PDF Reader handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". | 0 | 0 | NETWORK |
CVE‑2018‑0763 | 2018‑02‑15 02:29:02 | LOW (3) | Microsoft Edge in Microsoft Windows 10 1703 and 1709 allows information disclosure, due to how Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0839. | 0 | 0 | NETWORK |
CVE‑2018‑0762 | 2018‑01‑04 14:29:01 | HIGH (8) | Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781. | 0 | 0 | NETWORK |
CVE‑2018‑0758 | 2018‑01‑04 14:29:01 | HIGH (8) | Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781. | 0 | 0 | NETWORK |
CVE‑2017‑8757 | 2017‑09‑13 01:29:12 | HIGH (8) | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way Microsoft Edge handles objects in memory, aka "Microsoft Edge Remote Code Execution Vulnerability". | 0 | 0 | NETWORK |
CVE‑2017‑8756 | 2017‑09‑13 01:29:12 | HIGH (8) | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Microsoft Edge accesses objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8649, CVE-2017-8660, CVE-2017-8729, CVE-2017-8738, CVE-2017-8740, CVE-2017-8741, CVE-2017-8748, CVE-2017-8752, CVE-2017-8753, CVE-2017-8755, and CVE-2017-11764. | 0 | 0 | NETWORK |
CVE‑2017‑8755 | 2017‑09‑13 01:29:12 | HIGH (8) | Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8649, CVE-2017-8649, CVE-2017-8660, CVE-2017-8729, CVE-2017-8738, CVE-2017-8740, CVE-2017-8741, CVE-2017-8748, CVE-2017-8752, CVE-2017-8753, CVE-2017-8756, and CVE-2017-11764. | 0 | 0 | NETWORK |
CVE‑2017‑8754 | 2017‑09‑13 01:29:12 | MEDIUM (4) | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to trick a user into loading a page containing malicious content, due to the way that the Edge Content Security Policy (CSP) validates certain specially crafted documents, aka "Microsoft Edge Security Feature Bypass Vulnerability". This CVE ID is unique from CVE-2017-8723. | 0 | 0 | NETWORK |
CVE‑2017‑8753 | 2017‑09‑13 01:29:12 | HIGH (8) | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8649, CVE-2017-8660, CVE-2017-8729, CVE-2017-8738, CVE-2017-8740, CVE-2017-8741, CVE-2017-8748, CVE-2017-8752, CVE-2017-8755, CVE-2017-8756, and CVE-2017-11764. | 0 | 0 | NETWORK |
CVE‑2017‑8752 | 2017‑09‑13 01:29:12 | HIGH (8) | Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8649, CVE-2017-8660, CVE-2017-8729, CVE-2017-8738, CVE-2017-8740, CVE-2017-8741, CVE-2017-8748, CVE-2017-8753, CVE-2017-8755, CVE-2017-8756, and CVE-2017-11764. | 0 | 0 | NETWORK |
CVE‑2017‑8751 | 2017‑09‑13 01:29:12 | HIGH (8) | Microsoft Edge in Microsoft Windows 1703 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Microsoft Edge accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8731, CVE-2017-8734, and CVE-2017-11766. | 0 | 0 | NETWORK |
CVE‑2017‑8750 | 2017‑09‑13 01:29:12 | HIGH (8) | Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browsers access objects in memory, aka "Microsoft Browser Memory Corruption Vulnerability". | 0 | 0 | NETWORK |
CVE‑2017‑8748 | 2017‑09‑13 01:29:12 | HIGH (8) | Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8649, CVE-2017-8660, CVE-2017-8729, CVE-2017-8738, CVE-2017-8740, CVE-2017-8741, CVE-2017-8752, CVE-2017-8753, CVE-2017-8755, CVE-2017-8756, and CVE-2017-11764. | 0 | 0 | NETWORK |
CVE‑2017‑8741 | 2017‑09‑13 01:29:12 | HIGH (8) | Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8649, CVE-2017-8660, CVE-2017-8729, CVE-2017-8738, CVE-2017-8740, CVE-2017-8741, CVE-2017-8748, CVE-2017-8752, CVE-2017-8753, CVE-2017-8755, CVE-2017-8756, and CVE-2017-11764. | 0 | 0 | NETWORK |
CVE‑2017‑8740 | 2017‑09‑13 01:29:12 | HIGH (8) | Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8649, CVE-2017-8660, CVE-2017-8729, CVE-2017-8738, CVE-2017-8740, CVE-2017-8741, CVE-2017-8748, CVE-2017-8752, CVE-2017-8753, CVE-2017-8755, CVE-2017-8756, and CVE-2017-11764. | 0 | 0 | NETWORK |
CVE‑2017‑8739 | 2017‑09‑13 01:29:12 | MEDIUM (4) | Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to obtain information to further compromise the user's system, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". | 0 | 0 | NETWORK |
CVE‑2017‑8738 | 2017‑09‑13 01:29:11 | HIGH (8) | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8649, CVE-2017-8660, CVE-2017-8729, CVE-2017-8740, CVE-2017-8741, CVE-2017-8748, CVE-2017-8752, CVE-2017-8753, CVE-2017-8755, CVE-2017-8756, and CVE-2017-11764. | 0 | 0 | NETWORK |
CVE‑2017‑8737 | 2017‑09‑13 01:29:11 | HIGH (8) | Microsoft Windows PDF Library in Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Windows PDF Library handles objects in memory, aka "Windows PDF Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8728. | 0 | 0 | NETWORK |
CVE‑2017‑8736 | 2017‑09‑13 01:29:11 | MEDIUM (4) | Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to obtain specific information used in the parent domain, due to Microsoft browser parent domain verification in certain functionality, aka "Microsoft Browser Information Disclosure Vulnerability". | 0 | 0 | NETWORK |
CVE‑2017‑8735 | 2017‑09‑13 01:29:11 | MEDIUM (4) | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to trick a user by redirecting the user to a specially crafted website, due to the way that Microsoft Edge parses HTTP content, aka "Microsoft Edge Spoofing Vulnerability". This CVE ID is unique from CVE-2017-8724. | 0 | 0 | NETWORK |
CVE‑2017‑8734 | 2017‑09‑13 01:29:11 | HIGH (8) | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Microsoft Edge accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8731, CVE-2017-8751, and CVE-2017-11766. | 0 | 0 | NETWORK |
CVE‑2017‑8731 | 2017‑09‑13 01:29:11 | HIGH (8) | Microsoft Edge in Microsoft Windows 10 1607 and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Microsoft Edge accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8734, CVE-2017-8751, and CVE-2017-11766. | 0 | 0 | NETWORK |
CVE‑2017‑8729 | 2017‑09‑13 01:29:11 | HIGH (8) | Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8649, CVE-2017-8660, CVE-2017-8738, CVE-2017-8740, CVE-2017-8741, CVE-2017-8748, CVE-2017-8752, CVE-2017-8753, CVE-2017-8755, CVE-2017-8756, and CVE-2017-11764. | 0 | 0 | NETWORK |
CVE‑2017‑8728 | 2017‑09‑13 01:29:11 | HIGH (8) | Microsoft Windows PDF Library in Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Windows PDF Library handles objects in memory, aka "Windows PDF Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8737. | 0 | 0 | NETWORK |
CVE‑2017‑8726 | 2017‑10‑13 13:29:02 | MEDIUM (4) | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how affected Microsoft scripting engines handle objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11794 and CVE-2017-11803. | 0 | 0 | NETWORK |
CVE‑2017‑8724 | 2017‑09‑13 01:29:11 | MEDIUM (4) | Microsoft Edge in Microsoft Windows 10 Version 1703 allows an attacker to trick a user by redirecting the user to a specially crafted website, due to the way that Microsoft Edge parses HTTP content, aka "Microsoft Edge Spoofing Vulnerability". This CVE ID is unique from CVE-2017-8735. | 0 | 0 | NETWORK |
CVE‑2017‑8723 | 2017‑09‑13 01:29:11 | MEDIUM (4) | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to trick a user into loading a page containing malicious content, due to the way that the Edge Content Security Policy (CSP) validates certain specially crafted documents, aka "Microsoft Edge Security Feature Bypass Vulnerability". This CVE ID is unique from CVE-2017-8754. | 0 | 0 | NETWORK |
CVE‑2017‑8674 | 2017‑08‑08 21:29:02 | HIGH (8) | Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8641, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, and CVE-2017-8672. | 0 | 0 | NETWORK |
CVE‑2017‑8672 | 2017‑08‑08 21:29:02 | HIGH (8) | Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8641, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, and CVE-2017-8674. | 0 | 0 | NETWORK |
CVE‑2017‑8671 | 2017‑08‑08 21:29:02 | HIGH (8) | Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8641, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8672, and CVE-2017-8674. | 0 | 0 | NETWORK |
CVE‑2017‑8670 | 2017‑08‑08 21:29:02 | HIGH (8) | Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8641, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674. | 0 | 0 | NETWORK |
CVE‑2017‑8669 | 2017‑08‑08 21:29:02 | HIGH (8) | Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user due to Microsoft browsers improperly handling objects in memory while rendering content, aka "Microsoft Browser Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8653. | 0 | 0 | NETWORK |
CVE‑2017‑8662 | 2017‑08‑08 21:29:02 | MEDIUM (4) | Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to disclose information due to how strings are validated in specific scenarios, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8644 and CVE-2017-8652. | 0 | 0 | NETWORK |
CVE‑2017‑8661 | 2017‑08‑08 21:29:02 | HIGH (8) | Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way affected Microsoft scripting engines render when handling objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability". | 0 | 0 | NETWORK |
CVE‑2017‑8660 | 2017‑09‑13 01:29:10 | HIGH (9) | Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8649, CVE-2017-8729, CVE-2017-8738, CVE-2017-8740, CVE-2017-8741, CVE-2017-8748, CVE-2017-8752, CVE-2017-8753, CVE-2017-8755, CVE-2017-8756, and CVE-2017-11764. | 0 | 0 | NETWORK |
CVE‑2017‑8659 | 2017‑08‑08 21:29:02 | MEDIUM (4) | Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to obtain information to further compromise the user's system due to the Chakra scripting engine not properly handling objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". | 0 | 0 | NETWORK |
CVE‑2017‑8657 | 2017‑08‑08 21:29:02 | HIGH (8) | Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8641, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674. | 0 | 0 | NETWORK |
CVE‑2017‑8656 | 2017‑08‑08 21:29:02 | HIGH (8) | Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8641, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674. | 0 | 0 | NETWORK |
CVE‑2017‑8655 | 2017‑08‑08 21:29:02 | HIGH (8) | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8641, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674. | 0 | 0 | NETWORK |
CVE‑2017‑8653 | 2017‑08‑08 21:29:01 | HIGH (8) | Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user due to Microsoft browsers improperly accessing objects in memory, aka "Microsoft Browser Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8669. | 0 | 0 | NETWORK |
CVE‑2017‑8652 | 2017‑08‑08 21:29:01 | MEDIUM (4) | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to disclose information due to the way that Microsoft Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8644 and CVE-2017-8662. | 0 | 0 | NETWORK |
CVE‑2017‑8650 | 2017‑08‑08 21:29:01 | MEDIUM (6) | Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to exploit a security feature bypass due to Microsoft Edge not properly enforcing same-origin policies, aka "Microsoft Edge Security Feature Bypass Vulnerability". | 0 | 0 | NETWORK |
CVE‑2017‑8649 | 2017‑09‑13 01:29:10 | HIGH (8) | Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8660, CVE-2017-8729, CVE-2017-8738, CVE-2017-8740, CVE-2017-8741, CVE-2017-8748, CVE-2017-8752, CVE-2017-8753, CVE-2017-8755, CVE-2017-8756, and CVE-2017-11764. | 0 | 0 | NETWORK |
CVE‑2017‑8648 | 2017‑09‑13 01:29:10 | MEDIUM (4) | Microsoft Edge in Microsoft Windows Version 1703 allows an attacker to obtain information to further compromise the user's system, due to the way that Microsoft Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8597 and CVE-2017-8643. | 0 | 0 | NETWORK |
CVE‑2017‑8647 | 2017‑08‑08 21:29:01 | HIGH (8) | Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8641, CVE-2017-8645, CVE-2017-8646, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674. | 0 | 0 | NETWORK |
CVE‑2017‑8646 | 2017‑08‑08 21:29:01 | HIGH (8) | Microsoft Edge in Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8641, CVE-2017-8645, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674. | 0 | 0 | NETWORK |
CVE‑2017‑8645 | 2017‑08‑08 21:29:01 | HIGH (8) | Microsoft Edge in Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8641, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674. | 0 | 0 | NETWORK |
CVE‑2017‑8644 | 2017‑08‑08 21:29:01 | MEDIUM (4) | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to disclose information due to the way that Microsoft Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8652 and CVE-2017-8662. | 0 | 0 | NETWORK |
CVE‑2017‑8643 | 2017‑09‑13 01:29:10 | MEDIUM (4) | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to leave a malicious website open during user clipboard activities, due to the way that Microsoft Edge handles clipboard events, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8597 and CVE-2017-8648. | 0 | 0 | NETWORK |
CVE‑2017‑8642 | 2017‑08‑08 21:29:01 | MEDIUM (4) | Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to elevate privileges due to the way that Microsoft Edge validates JavaScript under specific conditions, aka "Microsoft Edge Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-8503. | 0 | 0 | NETWORK |
CVE‑2017‑8641 | 2017‑08‑08 21:29:01 | HIGH (8) | Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674. | 0 | 0 | NETWORK |
CVE‑2017‑8640 | 2017‑08‑08 21:29:01 | HIGH (8) | Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8641, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674. | 0 | 0 | NETWORK |
CVE‑2017‑8639 | 2017‑08‑08 21:29:01 | HIGH (8) | Microsoft Edge in Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8640, CVE-2017-8641, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674. | 0 | 0 | NETWORK |
CVE‑2017‑8638 | 2017‑08‑08 21:29:01 | HIGH (8) | Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8639, CVE-2017-8640, CVE-2017-8641, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674. | 0 | 0 | NETWORK |
CVE‑2017‑8637 | 2017‑08‑08 21:29:01 | LOW (3) | Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to bypass Arbitrary Code Guard (ACG) due to how Microsoft Edge accesses memory in code compiled by the Edge Just-In-Time (JIT) compiler, aka "Scripting Engine Security Feature Bypass Vulnerability". | 0 | 0 | NETWORK |
CVE‑2017‑8636 | 2017‑08‑08 21:29:01 | HIGH (8) | Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8641, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674. | 0 | 0 | NETWORK |
CVE‑2017‑8635 | 2017‑08‑08 21:29:01 | HIGH (8) | Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user due to the way that JavaScript engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8641, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674. | 0 | 0 | NETWORK |
CVE‑2017‑8634 | 2017‑08‑08 21:29:01 | HIGH (8) | Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8641, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674. | 0 | 0 | NETWORK |
CVE‑2017‑8619 | 2017‑07‑11 21:29:03 | HIGH (8) | Microsoft Edge on Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability in the way affected Microsoft scripting engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-8596, CVE-2017-8610, CVE-2017-8601, CVE-2017-8603, CVE-2017-8604, CVE-2017-8605, CVE-2017-8606, CVE-2017-8607, CVE-2017-8608, CVE-2017-8618, CVE-2017-9598 and CVE-2017-8609. | 0 | 0 | NETWORK |
CVE‑2017‑8617 | 2017‑07‑11 21:29:02 | HIGH (8) | Microsoft Edge in Windows 10 1703 Microsoft Edge allows a remote code execution vulnerability in the way affected Microsoft scripting engines render when handling objects in memory, aka "Microsoft Edge Remote Code Execution Vulnerability." | 0 | 0 | NETWORK |
CVE‑2017‑8611 | 2017‑07‑11 21:29:02 | MEDIUM (4) | Microsoft Edge on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows remote attackers to spoof web content via a crafted web site, aka "Microsoft Edge Spoofing Vulnerability." | 0 | 0 | NETWORK |
CVE‑2017‑8610 | 2017‑07‑11 21:29:02 | HIGH (8) | Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8598, CVE-2017-8596, CVE-2017-8595, CVE-2017-8618, CVE-2017-8619, CVE-2017-8601, CVE-2017-8603, CVE-2017-8604, CVE-2017-8605, CVE-2017-8606, CVE-2017-8607, CVE-2017-8608, and CVE-2017-8609. | 0 | 0 | NETWORK |
CVE‑2017‑8609 | 2017‑07‑11 21:29:02 | HIGH (8) | Microsoft Internet Explorer in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsoft Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8596, CVE-2017-8610, CVE-2017-8618, CVE-2017-8619, CVE-2017-8595, CVE-2017-8601, CVE-2017-8603, CVE-2017-8604, CVE-2017-8605, CVE-2017-8606, CVE-2017-8607, CVE-2017-8608, and CVE-2017-8609. | 0 | 0 | NETWORK |
CVE‑2017‑8608 | 2017‑07‑11 21:29:02 | HIGH (8) | Microsoft browsers in Microsoft Windows Server 2008 and R2, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engines fail to render when handling objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8598, CVE-2017-8596, CVE-2017-8610, CVE-2017-8601, CVE-2017-8618, CVE-2017-8619, CVE-2017-8603, CVE-2017-8604, CVE-2017-8605, CVE-2017-8595, CVE-2017-8606, CVE-2017-8607, and CVE-2017-8609 | 0 | 0 | NETWORK |
CVE‑2017‑8607 | 2017‑07‑11 21:29:02 | HIGH (8) | Microsoft browsers in Microsoft Windows 7, Windows Server 2008 and R2, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engines fail to render when handling objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8598, CVE-2017-8596, CVE-2017-8618, CVE-2017-8619, CVE-2017-8610, CVE-2017-8601, CVE-2017-8603, CVE-2017-8604, CVE-2017-8605, CVE-2017-8595, CVE-2017-8606, CVE-2017-8608, and CVE-2017-8609 | 0 | 0 | NETWORK |
CVE‑2017‑8606 | 2017‑07‑11 21:29:02 | HIGH (8) | Microsoft browsers in Microsoft Windows 7, Windows Server 2008 and R2, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engines fail to render when handling objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8598, CVE-2017-8596, CVE-2017-8618, CVE-2017-8619, CVE-2017-8610, CVE-2017-8601, CVE-2017-8603, CVE-2017-8604, CVE-2017-8605, CVE-2017-8595, CVE-2017-8607, CVE-2017-8608, and CVE-2017-8609 | 0 | 0 | NETWORK |
CVE‑2017‑8605 | 2017‑07‑11 21:29:02 | HIGH (8) | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8596, CVE-2017-8601, CVE-2017-8618, CVE-2017-8619, CVE-2017-8610, CVE-2017-8601, CVE-2017-8603, CVE-2017-8604, CVE-2017-8598, CVE-2017-8606, CVE-2017-8607, CVE-2017-8608, and CVE-2017-8609. | 0 | 0 | NETWORK |
CVE‑2017‑8604 | 2017‑07‑11 21:29:02 | HIGH (8) | Microsoft Edge in Microsoft Windows 10 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8596, CVE-2017-8618, CVE-2017-8619, CVE-2017-8601, CVE-2017-8610, CVE-2017-8603, CVE-2017-8598, CVE-2017-8601, CVE-2017-8605, CVE-2017-8606, CVE-2017-8607, CVE-2017-8608, and CVE-2017-8609. | 0 | 0 | NETWORK |
CVE‑2017‑8603 | 2017‑07‑11 21:29:02 | HIGH (8) | Microsoft Edge in Microsoft Windows 10 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8596, CVE-2017-8610, CVE-2017-8598, CVE-2017-8618, CVE-2017-8619, CVE-2017-8595, CVE-2017-8601, CVE-2017-8604, CVE-2017-8605, CVE-2017-8606, CVE-2017-8607, CVE-2017-8608, and CVE-2017-8609. | 0 | 0 | NETWORK |
CVE‑2017‑8602 | 2017‑07‑11 21:29:02 | MEDIUM (4) | Microsoft browsers on Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow a spoofing vulnerability in the way they parse HTTP content, aka "Microsoft Browser Spoofing Vulnerability." | 0 | 0 | NETWORK |
CVE‑2017‑8601 | 2017‑07‑11 21:29:02 | HIGH (8) | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8596, CVE-2017-8610, CVE-2017-8618, CVE-2017-8619, CVE-2017-8603, CVE-2017-8604, CVE-2017-8605, CVE-2017-8606, CVE-2017-8607, CVE-2017-8608, CVE-2017-8598 and CVE-2017-8609. | 0 | 0 | NETWORK |
CVE‑2017‑8599 | 2017‑07‑11 21:29:02 | MEDIUM (4) | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to trick a user into loading a page with malicious content when the Edge Content Security Policy (CSP) fails to properly validate certain specially crafted documents, aka "Microsoft Edge Security Feature Bypass Vulnerability". | 0 | 0 | NETWORK |
CVE‑2017‑8598 | 2017‑07‑11 21:29:02 | HIGH (8) | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8596, CVE-2017-8610, CVE-2017-8618, CVE-2017-8619, CVE-2017-8595, CVE-2017-8601, CVE-2017-8603, CVE-2017-8604, CVE-2017-8605, CVE-2017-8606, CVE-2017-8607, CVE-2017-8608, and CVE-2017-8609. | 0 | 0 | NETWORK |
CVE‑2017‑8597 | 2017‑09‑13 01:29:10 | MEDIUM (4) | Microsoft Edge in Microsoft Windows 10 Version 1703 allows an attacker to obtain information to further compromise the user's system, due to the way that Microsoft Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8643 and CVE-2017-8648. | 0 | 0 | NETWORK |
CVE‑2017‑8596 | 2017‑07‑11 21:29:02 | HIGH (8) | Microsoft Edge in Microsoft Windows 10 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8598, CVE-2017-8610, CVE-2017-8595, CVE-2017-8601, CVE-2017-8603, CVE-2017-8604, CVE-2017-8605, CVE-2017-8606, CVE-2017-8607, CVE-2017-8608, and CVE-2017-8609. | 0 | 0 | NETWORK |
CVE‑2017‑8595 | 2017‑07‑11 21:29:02 | HIGH (8) | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8596, CVE-2017-8601,CVE-2017-8618, CVE-2017-8619, CVE-2017-8610, CVE-2017-8601, CVE-2017-8603, CVE-2017-8604, CVE-2017-8605, CVE-2017-8606, CVE-2017-8607, CVE-2017-8608, and CVE-2017-8609. | 0 | 0 | NETWORK |
CVE‑2017‑8592 | 2017‑07‑11 21:29:02 | MEDIUM (4) | Microsoft browsers on when Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows RT 8.1, and Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow a security feature bypass vulnerability when they improperly handle redirect requests, aka "Microsoft Browser Security Feature Bypass". | 0 | 0 | NETWORK |
CVE‑2017‑8555 | 2017‑06‑15 01:29:05 | MEDIUM (4) | Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to trick a user into loading a page with malicious content when the Edge Content Security Policy (CSP) fails to properly validate certain specially crafted documents, aka "Microsoft Edge Security Feature Bypass Vulnerability". This CVE ID is unique from CVE-2017-8523 and CVE-2017-8530. | 0 | 0 | NETWORK |
CVE‑2017‑8549 | 2017‑06‑15 01:29:05 | HIGH (8) | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system when Microsoft Edge improperly handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8499, CVE-2017-8520, CVE-2017-8521, and CVE-2017-8548. | 0 | 0 | NETWORK |
CVE‑2017‑8548 | 2017‑06‑15 01:29:05 | HIGH (8) | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system when Microsoft Edge improperly handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8499, CVE-2017-8520, CVE-2017-8521, and CVE-2017-8549. | 0 | 0 | NETWORK |
CVE‑2017‑8530 | 2017‑06‑15 01:29:04 | MEDIUM (6) | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to trick a user into loading a page with malicious content when Microsoft Edge does not properly enforce same-origin policies, aka "Microsoft Edge Security Feature Bypass Vulnerability". This CVE ID is unique from CVE-2017-8523 and CVE-2017-8555. | 0 | 0 | NETWORK |
CVE‑2017‑8529 | 2017‑06‑15 01:29:04 | MEDIUM (7) | Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, and Windows Server 2012 and R2 allow an attacker to detect specific files on the user's computer when affected Microsoft scripting engines do not properly handle objects in memory, aka "Microsoft Browser Information Disclosure Vulnerability". | 3 | 4 | NETWORK |
CVE‑2017‑8524 | 2017‑06‑15 01:29:04 | HIGH (8) | Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engines fail to render when handling objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8517 and CVE-2017-8522. | 0 | 0 | NETWORK |
CVE‑2017‑8523 | 2017‑06‑15 01:29:04 | MEDIUM (4) | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to trick a user into loading a page with malicious content when Microsoft Edge fails to correctly apply Same Origin Policy for HTML elements present in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability". This CVE ID is unique from CVE-2017-8530 and CVE-2017-8555. | 0 | 0 | NETWORK |
CVE‑2017‑8522 | 2017‑06‑15 01:29:04 | HIGH (8) | Microsoft browsers in Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engines fail to render when handling objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8517 and CVE-2017-8524. | 0 | 0 | NETWORK |
CVE‑2017‑8521 | 2017‑06‑15 01:29:04 | HIGH (8) | Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user when the Edge JavaScript scripting engine fails to handle objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8499, CVE-2017-8520, CVE-2017-8548, and CVE-2017-8549. | 0 | 0 | NETWORK |
CVE‑2017‑8520 | 2017‑06‑15 01:29:04 | HIGH (8) | Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user when the Edge JavaScript scripting engine fails to handle objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8499, CVE-2017-8521, CVE-2017-8548, and CVE-2017-8549. | 0 | 0 | NETWORK |
CVE‑2017‑8518 | 2017‑08‑10 18:29:00 | HIGH (8) | Microsoft Edge allows a remote code execution vulnerability due to the way it accesses objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". | 0 | 0 | NETWORK |
CVE‑2017‑8504 | 2017‑06‑15 01:29:04 | MEDIUM (4) | Microsoft Edge in Windows 10 1607 and 1703, and Windows Server 2016 allows an attacker to read the URL of a cross-origin request when the Microsoft Edge Fetch API incorrectly handles a filtered response type, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8498. | 0 | 0 | NETWORK |
CVE‑2017‑8503 | 2017‑08‑08 21:29:01 | MEDIUM (5) | Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to escape from the AppContainer sandbox, aka "Microsoft Edge Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-8642. | 0 | 0 | LOCAL |
CVE‑2017‑8499 | 2017‑06‑15 01:29:04 | HIGH (8) | Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user when the Edge JavaScript scripting engine fails to handle objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8520, CVE-2017-8521, CVE-2017-8548, and CVE-2017-8549. | 0 | 0 | NETWORK |
CVE‑2017‑8498 | 2017‑06‑15 01:29:04 | MEDIUM (4) | Microsoft Edge in Windows 10 1607 and 1703, and Windows Server 2016 allows an attacker to read data not intended to be disclosed when Edge allows JavaScript XML DOM objects to detect installed browser extensions, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8504. | 0 | 0 | NETWORK |
CVE‑2017‑8497 | 2017‑06‑15 01:29:04 | HIGH (8) | Microsoft Edge in Windows 10 1607 and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8496. | 0 | 0 | NETWORK |
CVE‑2017‑8496 | 2017‑06‑15 01:29:04 | HIGH (8) | Microsoft Edge in Windows 10 1607 and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8497. | 0 | 0 | NETWORK |
CVE‑2017‑11919 | 2017‑12‑12 21:29:02 | LOW (3) | ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016, and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-11887 and CVE-2017-11906. | 0 | 0 | NETWORK |
CVE‑2017‑11918 | 2017‑12‑12 21:29:02 | HIGH (8) | ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, and CVE-2017-11930. | 0 | 0 | NETWORK |
CVE‑2017‑11914 | 2017‑12‑12 21:29:02 | HIGH (8) | ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930. | 0 | 0 | NETWORK |
CVE‑2017‑11912 | 2017‑12‑12 21:29:02 | HIGH (8) | ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930. | 0 | 0 | NETWORK |
CVE‑2017‑11905 | 2017‑12‑12 21:29:01 | HIGH (8) | ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930. | 0 | 0 | NETWORK |
CVE‑2017‑11895 | 2017‑12‑12 21:29:01 | HIGH (8) | ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930. | 0 | 0 | NETWORK |
CVE‑2017‑11894 | 2017‑12‑12 21:29:01 | HIGH (8) | ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and and Internet Explorer adn Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930. | 0 | 0 | NETWORK |
CVE‑2017‑11893 | 2017‑12‑12 21:29:01 | HIGH (8) | ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930. | 0 | 0 | NETWORK |
CVE‑2017‑11889 | 2017‑12‑12 21:29:01 | HIGH (8) | ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930. | 0 | 0 | NETWORK |
CVE‑2017‑11888 | 2017‑12‑12 21:29:01 | HIGH (8) | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how Microsoft Edge handles objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability". | 0 | 0 | NETWORK |
CVE‑2017‑11874 | 2017‑11‑15 03:29:02 | LOW (3) | Microsoft Edge in Microsoft Windows 10 1703, 1709, Windows Server, version 1709, and ChakraCore allows an attacker to bypass Control Flow Guard (CFG) to run arbitrary code on a target system, due to how Microsoft Edge handles accessing memory in code compiled by the Edge Just-In-Time (JIT) compiler, aka "Microsoft Edge Security Feature Bypass Vulnerability". This CVE ID is unique from CVE-2017-11863 and CVE-2017-11872. | 0 | 0 | NETWORK |
CVE‑2017‑11873 | 2017‑11‑15 03:29:02 | HIGH (8) | ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, and CVE-2017-11871. | 0 | 0 | NETWORK |
CVE‑2017‑11872 | 2017‑11‑15 03:29:02 | MEDIUM (4) | Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to force the browser to send data that would otherwise be restricted to a destination website of the attacker's choice, due to how Microsoft Edge handles redirect requests, aka "Microsoft Edge Security Feature Bypass Vulnerability". This CVE ID is unique from CVE-2017-11863 and CVE-2017-11874. | 0 | 0 | NETWORK |
CVE‑2017‑11871 | 2017‑11‑15 03:29:02 | HIGH (8) | ChakraCore and Microsoft Edge in Windows 10 1703, 1709, and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, and CVE-2017-11873. | 0 | 0 | NETWORK |
CVE‑2017‑11870 | 2017‑11‑15 03:29:02 | HIGH (8) | ChakraCore and Microsoft Edge in Windows 10 1703, 1709, and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11871, and CVE-2017-11873. | 0 | 0 | NETWORK |
CVE‑2017‑11866 | 2017‑11‑15 03:29:01 | HIGH (8) | ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11869, CVE-2017-11870, CVE-2017-11871, and CVE-2017-11873. | 0 | 0 | NETWORK |
CVE‑2017‑11863 | 2017‑11‑15 03:29:01 | MEDIUM (4) | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to trick a user into loading a page containing malicious content, due to how the Edge Content Security Policy (CSP) validates documents, aka "Microsoft Edge Security Feature Bypass Vulnerability". This CVE ID is unique from CVE-2017-11872 and CVE-2017-11874. | 0 | 0 | NETWORK |
CVE‑2017‑11862 | 2017‑11‑15 03:29:01 | HIGH (8) | ChakraCore and Microsoft Edge in Windows 10 1709 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, CVE-2017-11871, and CVE-2017-11873. | 0 | 0 | NETWORK |
CVE‑2017‑11861 | 2017‑11‑15 03:29:01 | HIGH (8) | Microsoft Edge in Windows 10 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, CVE-2017-11871, and CVE-2017-11873. | 0 | 0 | NETWORK |
CVE‑2017‑11858 | 2017‑11‑15 03:29:01 | HIGH (8) | ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how Microsoft browsers handle objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, CVE-2017-11871, and CVE-2017-11873. | 0 | 0 | NETWORK |
CVE‑2017‑11846 | 2017‑11‑15 03:29:01 | HIGH (8) | ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, CVE-2017-11871, and CVE-2017-11873. | 0 | 0 | NETWORK |
CVE‑2017‑11845 | 2017‑11‑15 03:29:01 | HIGH (8) | Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how Microsoft Edge handles objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability". | 0 | 0 | NETWORK |
CVE‑2017‑11844 | 2017‑11‑15 03:29:01 | MEDIUM (4) | Microsoft Edge in Microsoft Windows 10 1703, 1709 and Windows Server, version 1709 allows an attacker to obtain information to further compromise the user's system, due to how Microsoft Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-11803 and CVE-2017-11833. | 0 | 0 | NETWORK |
CVE‑2017‑11843 | 2017‑11‑15 03:29:01 | HIGH (8) | ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, CVE-2017-11871, and CVE-2017-11873. | 0 | 0 | NETWORK |
CVE‑2017‑11841 | 2017‑11‑15 03:29:01 | HIGH (8) | ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, CVE-2017-11871, and CVE-2017-11873. | 0 | 0 | NETWORK |
CVE‑2017‑11840 | 2017‑11‑15 03:29:01 | HIGH (8) | ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, CVE-2017-11871, and CVE-2017-11873. | 0 | 0 | NETWORK |
CVE‑2017‑11839 | 2017‑11‑15 03:29:01 | HIGH (8) | Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to take control of an affected system, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, CVE-2017-11871, and CVE-2017-11873. | 0 | 0 | NETWORK |
CVE‑2017‑11838 | 2017‑11‑15 03:29:01 | HIGH (8) | ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, CVE-2017-11871, and CVE-2017-11873. | 0 | 0 | NETWORK |
CVE‑2017‑11837 | 2017‑11‑15 03:29:01 | HIGH (8) | ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, CVE-2017-11871, and CVE-2017-11873. | 0 | 0 | NETWORK |
CVE‑2017‑11836 | 2017‑11‑15 03:29:01 | HIGH (8) | ChakraCore, and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to take control of an affected system, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, CVE-2017-11871, and CVE-2017-11873. | 0 | 0 | NETWORK |
CVE‑2017‑11833 | 2017‑11‑15 03:29:01 | LOW (3) | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to determine the origin of all webpages in the affected browser, due to how Microsoft Edge handles cross-origin requests, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-11803 and CVE-2017-11844. | 0 | 0 | NETWORK |
CVE‑2017‑11827 | 2017‑11‑15 03:29:00 | HIGH (9) | Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how Microsoft browsers handle objects in memory, aka "Microsoft Browser Memory Corruption Vulnerability". | 0 | 0 | NETWORK |
CVE‑2017‑11821 | 2017‑10‑13 13:29:02 | HIGH (8) | ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, and CVE-2017-11812. | 0 | 0 | NETWORK |
CVE‑2017‑11812 | 2017‑10‑13 13:29:02 | HIGH (9) | ChakraCore and Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11812, and CVE-2017-11821. | 0 | 0 | NETWORK |
CVE‑2017‑11811 | 2017‑10‑13 13:29:02 | HIGH (8) | ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11812, and CVE-2017-11821. | 0 | 0 | NETWORK |
CVE‑2017‑11809 | 2017‑10‑13 13:29:01 | HIGH (8) | ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821. | 0 | 0 | NETWORK |
CVE‑2017‑11808 | 2017‑10‑13 13:29:01 | HIGH (8) | ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821. | 0 | 0 | NETWORK |
CVE‑2017‑11807 | 2017‑10‑13 13:29:01 | HIGH (8) | ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821. | 0 | 0 | NETWORK |
CVE‑2017‑11806 | 2017‑10‑13 13:29:01 | HIGH (8) | ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821. | 0 | 0 | NETWORK |
CVE‑2017‑11805 | 2017‑10‑13 13:29:01 | HIGH (8) | ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821. | 0 | 0 | NETWORK |
CVE‑2017‑11804 | 2017‑10‑13 13:29:01 | HIGH (8) | ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821. | 0 | 0 | NETWORK |
CVE‑2017‑11803 | 2017‑11‑15 03:29:00 | MEDIUM (4) | Microsoft Edge in Microsoft Windows 10 1703, 1709 and Windows Server, version 1709 allows an attacker to obtain information to further compromise the user's system, due to how Microsoft Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-11833 and CVE-2017-11844. | 0 | 0 | NETWORK |
CVE‑2017‑11802 | 2017‑10‑13 13:29:01 | HIGH (8) | ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821. | 0 | 0 | NETWORK |
CVE‑2017‑11800 | 2017‑10‑13 13:29:01 | HIGH (8) | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821. | 0 | 0 | NETWORK |
CVE‑2017‑11799 | 2017‑10‑13 13:29:01 | HIGH (8) | ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821. | 0 | 0 | NETWORK |
CVE‑2017‑11798 | 2017‑10‑13 13:29:01 | HIGH (8) | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821. | 0 | 0 | NETWORK |
CVE‑2017‑11796 | 2017‑10‑13 13:29:01 | HIGH (8) | ChakraCore and Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821. | 0 | 0 | NETWORK |
CVE‑2017‑11794 | 2017‑10‑13 13:29:01 | MEDIUM (4) | Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to obtain information to further compromise the user's system, due to how Microsoft Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8726 and CVE-2017-11803. | 0 | 0 | NETWORK |
CVE‑2017‑11792 | 2017‑10‑13 13:29:01 | HIGH (8) | ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allow an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11793, CVE-2017-11796, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821. | 0 | 0 | NETWORK |
CVE‑2017‑11791 | 2017‑11‑15 03:29:00 | LOW (3) | ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to obtain information to further compromise the user's system, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-11834. | 0 | 0 | NETWORK |
CVE‑2017‑11766 | 2017‑09‑13 01:29:08 | HIGH (8) | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Microsoft Edge accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8731, CVE-2017-8734, and CVE-2017-8751. | 0 | 0 | NETWORK |
CVE‑2017‑11764 | 2017‑09‑13 01:29:08 | HIGH (8) | Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8649, CVE-2017-8660, CVE-2017-8729, CVE-2017-8738, CVE-2017-8740, CVE-2017-8741, CVE-2017-8748, CVE-2017-8752, CVE-2017-8753, CVE-2017-8755, and CVE-2017-8756. | 0 | 0 | NETWORK |
CVE‑2017‑0293 | 2017‑08‑08 21:29:01 | HIGH (8) | Microsoft Windows PDF Library in Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability when it improperly handles objects in memory, aka "Windows PDF Remote Code Execution Vulnerability". | 0 | 0 | NETWORK |
CVE‑2017‑0266 | 2017‑05‑12 14:29:05 | HIGH (8) | A remote code execution vulnerability exists in Microsoft Edge in the way affected Microsoft scripting engines render when handling objects in memory, aka "Microsoft Edge Remote Code Execution Vulnerability." | 0 | 0 | NETWORK |
CVE‑2017‑0252 | 2017‑05‑15 17:29:00 | HIGH (8) | A remote code execution vulnerability exists in Microsoft Chakra Core in the way JavaScript engines render when handling objects in memory. aka "Scripting Engine Memory Corruption Vulnerability". This vulnerability is unique from CVE-2017-0223. | 0 | 0 | NETWORK |
CVE‑2017‑0241 | 2017‑05‑12 14:29:04 | MEDIUM (5) | An elevation of privilege vulnerability exists when Microsoft Edge renders a domain-less page in the URL, which could allow Microsoft Edge to perform actions in the context of the Intranet Zone and access functionality that is not typically available to the browser when browsing in the context of the Internet Zone, aka "Microsoft Edge Elevation of Privilege Vulnerability." This CVE ID is unique from CVE-2017-0233. | 0 | 0 | NETWORK |
CVE‑2017‑0240 | 2017‑05‑12 14:29:03 | HIGH (8) | A remote code execution vulnerability exists in Microsoft Edge in the way affected Microsoft scripting engines render when handling objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0221 and CVE-2017-0227. | 0 | 0 | NETWORK |
CVE‑2017‑0238 | 2017‑05‑12 14:29:03 | HIGH (8) | A remote code execution vulnerability exists in Microsoft browsers in the way JavaScript scripting engines handle objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, and CVE-2017-0236. | 0 | 0 | NETWORK |
CVE‑2017‑0236 | 2017‑05‑12 14:29:03 | HIGH (8) | A remote code execution vulnerability exists in Microsoft Edge in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, and CVE-2017-0238. | 0 | 0 | NETWORK |
CVE‑2017‑0235 | 2017‑05‑12 14:29:03 | HIGH (8) | A remote code execution vulnerability exists in Microsoft Edge in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0236, and CVE-2017-0238. | 0 | 0 | NETWORK |
CVE‑2017‑0234 | 2017‑05‑12 14:29:03 | HIGH (8) | A remote code execution vulnerability exists in Microsoft Edge in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0235, CVE-2017-0236, and CVE-2017-0238. | 0 | 0 | NETWORK |
CVE‑2017‑0233 | 2017‑05‑12 14:29:03 | MEDIUM (5) | An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka "Microsoft Edge Elevation of Privilege Vulnerability." This CVE ID is unique from CVE-2017-0241. | 0 | 0 | NETWORK |
CVE‑2017‑0231 | 2017‑05‑12 14:29:03 | MEDIUM (4) | A spoofing vulnerability exists when Microsoft browsers render SmartScreen Filter, aka "Microsoft Browser Spoofing Vulnerability." | 0 | 0 | NETWORK |
CVE‑2017‑0230 | 2017‑05‑12 14:29:03 | HIGH (8) | A remote code execution vulnerability exists in Microsoft Edge in the way JavaScript engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0234, CVE-2017-0235, CVE-2017-0236, and CVE-2017-0238. | 0 | 0 | NETWORK |
CVE‑2017‑0229 | 2017‑05‑12 14:29:02 | HIGH (8) | A remote code execution vulnerability exists in Microsoft Edge in the way JavaScript engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, CVE-2017-0236, and CVE-2017-0238. | 0 | 0 | NETWORK |
CVE‑2017‑0228 | 2017‑05‑12 14:29:02 | HIGH (8) | A remote code execution vulnerability exists in Microsoft browsers in the way JavaScript engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, CVE-2017-0236, and CVE-2017-0238. | 0 | 0 | NETWORK |
CVE‑2017‑0227 | 2017‑05‑12 14:29:02 | HIGH (8) | A remote code execution vulnerability exists in Microsoft Edge in the way affected Microsoft scripting engines render when handling objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0221 and CVE-2017-0240. | 0 | 0 | NETWORK |
CVE‑2017‑0224 | 2017‑05‑12 14:29:02 | HIGH (8) | A remote code execution vulnerability exists in the way JavaScript engines render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, CVE-2017-0236, and CVE-2017-0238. | 0 | 0 | NETWORK |
CVE‑2017‑0223 | 2017‑05‑15 17:29:00 | HIGH (8) | A remote code execution vulnerability exists in Microsoft Chakra Core in the way JavaScript engines render when handling objects in memory. aka "Scripting Engine Memory Corruption Vulnerability". This vulnerability is unique from CVE-2017-0252. | 0 | 0 | NETWORK |
CVE‑2017‑0221 | 2017‑05‑12 14:29:02 | HIGH (8) | A vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0227 and CVE-2017-0240. | 0 | 0 | NETWORK |
CVE‑2017‑0208 | 2017‑04‑12 14:59:01 | MEDIUM (4) | An information disclosure vulnerability exists in Microsoft Edge when the Chakra scripting engine does not properly handle objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system, a.k.a. "Scripting Engine Information Disclosure Vulnerability." | 0 | 0 | NETWORK |
CVE‑2017‑0205 | 2017‑04‑12 14:59:01 | HIGH (8) | A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user, aka "Microsoft Edge Memory Corruption Vulnerability." | 0 | 0 | NETWORK |
CVE‑2017‑0203 | 2017‑04‑12 14:59:01 | MEDIUM (4) | A vulnerability exists in Microsoft Edge when the Edge Content Security Policy (CSP) fails to properly validate certain specially crafted documents. An attacker could trick a user into loading a web page with malicious content, aka "Microsoft Edge Security Feature Bypass Vulnerability." | 0 | 0 | NETWORK |
CVE‑2017‑0200 | 2017‑04‑12 14:59:01 | HIGH (8) | A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user, aka "Microsoft Edge Memory Corruption Vulnerability." | 0 | 0 | NETWORK |
CVE‑2017‑0196 | 2017‑07‑17 13:18:11 | MEDIUM (4) | An information disclosure vulnerability in Microsoft scripting engine allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." | 0 | 0 | NETWORK |
CVE‑2017‑0152 | 2017‑07‑17 13:18:11 | HIGH (9) | A remote code execution vulnerability exists in the way affected Microsoft scripting engine render when handling objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user, aka "Scripting Engine Memory Corruption Vulnerability." | 0 | 0 | NETWORK |
CVE‑2017‑0151 | 2017‑03‑17 00:59:04 | HIGH (8) | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0015, CVE-2017-0032, CVE-2017-0035, CVE-2017-0067, CVE-2017-0070, CVE-2017-0071, CVE-2017-0094, CVE-2017-0131, CVE-2017-0132, CVE-2017-0133, CVE-2017-0134, CVE-2017-0136, CVE-2017-0137, CVE-2017-0138, CVE-2017-0141, and CVE-2017-0150. | 0 | 0 | NETWORK |
CVE‑2017‑0150 | 2017‑03‑17 00:59:04 | HIGH (8) | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0015, CVE-2017-0032, CVE-2017-0035, CVE-2017-0067, CVE-2017-0070, CVE-2017-0071, CVE-2017-0094, CVE-2017-0131, CVE-2017-0132, CVE-2017-0133, CVE-2017-0134, CVE-2017-0136, CVE-2017-0137, CVE-2017-0138, CVE-2017-0141, and CVE-2017-0151. | 0 | 0 | NETWORK |
CVE‑2017‑0141 | 2017‑03‑17 00:59:04 | HIGH (8) | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0015, CVE-2017-0032, CVE-2017-0035, CVE-2017-0067, CVE-2017-0070, CVE-2017-0071, CVE-2017-0094, CVE-2017-0131, CVE-2017-0132, CVE-2017-0133, CVE-2017-0134, CVE-2017-0136, CVE-2017-0137, CVE-2017-0138, CVE-2017-0150, and CVE-2017-0151. | 0 | 0 | NETWORK |
CVE‑2017‑0140 | 2017‑03‑17 00:59:04 | MEDIUM (4) | Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is different from those described in CVE-2017-0066 and CVE-2017-0135. | 0 | 0 | NETWORK |
CVE‑2017‑0138 | 2017‑03‑17 00:59:04 | HIGH (8) | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0015, CVE-2017-0032, CVE-2017-0035, CVE-2017-0067, CVE-2017-0070, CVE-2017-0071, CVE-2017-0094, CVE-2017-0131, CVE-2017-0132, CVE-2017-0133, CVE-2017-0134, CVE-2017-0136, CVE-2017-0137, CVE-2017-0141, CVE-2017-0150, and CVE-2017-0151. | 0 | 0 | NETWORK |
CVE‑2017‑0137 | 2017‑03‑17 00:59:04 | HIGH (8) | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0015, CVE-2017-0032, CVE-2017-0035, CVE-2017-0067, CVE-2017-0070, CVE-2017-0071, CVE-2017-0094, CVE-2017-0131, CVE-2017-0132, CVE-2017-0133, CVE-2017-0134, CVE-2017-0136, CVE-2017-0138, CVE-2017-0141, CVE-2017-0150, and CVE-2017-0151. | 0 | 0 | NETWORK |
CVE‑2017‑0136 | 2017‑03‑17 00:59:04 | HIGH (8) | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0015, CVE-2017-0032, CVE-2017-0035, CVE-2017-0067, CVE-2017-0070, CVE-2017-0071, CVE-2017-0094, CVE-2017-0131, CVE-2017-0132, CVE-2017-0133, CVE-2017-0134, CVE-2017-0137, CVE-2017-0138, CVE-2017-0141, CVE-2017-0150, and CVE-2017-0151. | 0 | 0 | NETWORK |
CVE‑2017‑0135 | 2017‑03‑17 00:59:04 | MEDIUM (4) | Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is different from those described in CVE-2017-0066 and CVE-2017-0140. | 0 | 0 | NETWORK |
CVE‑2017‑0134 | 2017‑03‑17 00:59:04 | HIGH (8) | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0015, CVE-2017-0032, CVE-2017-0035, CVE-2017-0067, CVE-2017-0070, CVE-2017-0071, CVE-2017-0094, CVE-2017-0131, CVE-2017-0132, CVE-2017-0133, CVE-2017-0136, CVE-2017-0137, CVE-2017-0138, CVE-2017-0141, CVE-2017-0150, and CVE-2017-0151. | 0 | 0 | NETWORK |
CVE‑2017‑0133 | 2017‑03‑17 00:59:04 | HIGH (8) | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0015, CVE-2017-0032, CVE-2017-0035, CVE-2017-0067, CVE-2017-0070, CVE-2017-0071, CVE-2017-0094, CVE-2017-0131, CVE-2017-0132, CVE-2017-0134, CVE-2017-0136, CVE-2017-0137, CVE-2017-0138, CVE-2017-0141, CVE-2017-0150, and CVE-2017-0151. | 0 | 0 | NETWORK |
CVE‑2017‑0132 | 2017‑03‑17 00:59:04 | HIGH (8) | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0015, CVE-2017-0032, CVE-2017-0035, CVE-2017-0067, CVE-2017-0070, CVE-2017-0071, CVE-2017-0094, CVE-2017-0131, CVE-2017-0133, CVE-2017-0134, CVE-2017-0136, CVE-2017-0137, CVE-2017-0138, CVE-2017-0141, CVE-2017-0150, and CVE-2017-0151. | 0 | 0 | NETWORK |
CVE‑2017‑0131 | 2017‑03‑17 00:59:04 | HIGH (8) | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0015, CVE-2017-0032, CVE-2017-0035, CVE-2017-0067, CVE-2017-0070, CVE-2017-0071, CVE-2017-0094, CVE-2017-0132, CVE-2017-0133, CVE-2017-0134, CVE-2017-0136, CVE-2017-0137, CVE-2017-0138, CVE-2017-0141, CVE-2017-0150, and CVE-2017-0151. | 0 | 0 | NETWORK |
CVE‑2017‑0094 | 2017‑03‑17 00:59:03 | HIGH (8) | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0015, CVE-2017-0032, CVE-2017-0035, CVE-2017-0067, CVE-2017-0070, CVE-2017-0071, CVE-2017-0094, CVE-2017-0131, CVE-2017-0132, CVE-2017-0133, CVE-2017-0134, CVE-2017-0136, CVE-2017-0137, CVE-2017-0138, CVE-2017-0141, CVE-2017-0150, and CVE-2017-0151. | 0 | 0 | NETWORK |
CVE‑2017‑0093 | 2017‑04‑12 14:59:00 | HIGH (8) | A remote code execution vulnerability in Microsoft Edge exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0201. | 0 | 0 | NETWORK |
CVE‑2017‑0071 | 2017‑03‑17 00:59:02 | HIGH (8) | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0015, CVE-2017-0032, CVE-2017-0035, CVE-2017-0067, CVE-2017-0070, CVE-2017-0094, CVE-2017-0131, CVE-2017-0132, CVE-2017-0133, CVE-2017-0134, CVE-2017-0136, CVE-2017-0137, CVE-2017-0138, CVE-2017-0141, CVE-2017-0150, and CVE-2017-0151. | 0 | 0 | NETWORK |
CVE‑2017‑0070 | 2017‑03‑17 00:59:02 | HIGH (8) | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0015, CVE-2017-0032, CVE-2017-0035, CVE-2017-0067, CVE-2017-0071, CVE-2017-0094, CVE-2017-0131, CVE-2017-0132, CVE-2017-0133, CVE-2017-0134, CVE-2017-0136, CVE-2017-0137, CVE-2017-0138, CVE-2017-0141, CVE-2017-0150, and CVE-2017-0151. | 0 | 0 | NETWORK |
CVE‑2017‑0069 | 2017‑03‑17 00:59:02 | MEDIUM (4) | Microsoft Edge allows remote attackers to spoof web content via a crafted web site, aka "Microsoft Edge Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0012 and CVE-2017-0033. | 0 | 0 | NETWORK |
CVE‑2017‑0068 | 2017‑03‑17 00:59:02 | MEDIUM (4) | Browsers in Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0011, CVE-2017-0017, and CVE-2017-0065. | 0 | 0 | NETWORK |
CVE‑2017‑0067 | 2017‑03‑17 00:59:02 | HIGH (8) | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0015, CVE-2017-0032, CVE-2017-0035, CVE-2017-0070, CVE-2017-0071, CVE-2017-0094, CVE-2017-0131, CVE-2017-0132, CVE-2017-0133, CVE-2017-0134, CVE-2017-0136, CVE-2017-0137, CVE-2017-0138, CVE-2017-0141, CVE-2017-0150, and CVE-2017-0151. | 0 | 0 | NETWORK |
CVE‑2017‑0066 | 2017‑03‑17 00:59:02 | MEDIUM (4) | Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is different from those described in CVE-2017-0135 and CVE-2017-0140. | 0 | 0 | NETWORK |
CVE‑2017‑0065 | 2017‑03‑17 00:59:02 | MEDIUM (4) | Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0011, CVE-2017-0017, and CVE-2017-0068. | 0 | 0 | NETWORK |
CVE‑2017‑0037 | 2017‑02‑26 23:59:00 | HIGH (8) | Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type confusion issue in the Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement function in mshtml.dll, which allows remote attackers to execute arbitrary code via vectors involving a crafted Cascading Style Sheets (CSS) token sequence and crafted JavaScript code that operates on a TH element. | 2 | 6 | NETWORK |
CVE‑2017‑0035 | 2017‑03‑17 00:59:01 | HIGH (8) | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0015, CVE-2017-0032, CVE-2017-0067, CVE-2017-0070, CVE-2017-0071, CVE-2017-0094, CVE-2017-0131, CVE-2017-0132, CVE-2017-0133, CVE-2017-0134, CVE-2017-0136, CVE-2017-0137, CVE-2017-0138, CVE-2017-0141, CVE-2017-0150, and CVE-2017-0151. | 0 | 0 | NETWORK |
CVE‑2017‑0034 | 2017‑03‑17 00:59:01 | HIGH (8) | A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. | 0 | 0 | NETWORK |
CVE‑2017‑0033 | 2017‑03‑17 00:59:01 | MEDIUM (4) | Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to spoof web content via a crafted web site, aka "Microsoft Browser Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0012 and CVE-2017-0069. | 0 | 0 | NETWORK |
CVE‑2017‑0032 | 2017‑03‑17 00:59:01 | HIGH (8) | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0015, CVE-2017-0035, CVE-2017-0067, CVE-2017-0070, CVE-2017-0071, CVE-2017-0094, CVE-2017-0131, CVE-2017-0132, CVE-2017-0133, CVE-2017-0134, CVE-2017-0136, CVE-2017-0137, CVE-2017-0138, CVE-2017-0141, CVE-2017-0150, and CVE-2017-0151. | 0 | 0 | NETWORK |
CVE‑2017‑0028 | 2017‑07‑17 13:18:09 | HIGH (10) | A remote code execution vulnerability exists when Microsoft scripting engine improperly accesses objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user, aka "Scripting Engine Memory Corruption Vulnerability." | 0 | 0 | NETWORK |
CVE‑2017‑0023 | 2017‑03‑17 00:59:01 | HIGH (8) | The PDF library in Microsoft Edge; Windows 8.1; Windows Server 2012 and R2; Windows RT 8.1; and Windows 10, 1511, and 1607 allows remote attackers to execute arbitrary code via a crafted PDF file, aka "Microsoft PDF Remote Code Execution Vulnerability." | 0 | 0 | NETWORK |
CVE‑2017‑0017 | 2017‑03‑17 00:59:01 | MEDIUM (4) | The RegEx class in the XSS filter in Microsoft Edge allows remote attackers to conduct cross-site scripting (XSS) attacks and obtain sensitive information via unspecified vectors, aka "Microsoft Edge Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0011, CVE-2017-0065, and CVE-2017-0068. | 0 | 0 | NETWORK |
CVE‑2017‑0015 | 2017‑03‑17 00:59:00 | HIGH (8) | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0032, CVE-2017-0035, CVE-2017-0067, CVE-2017-0070, CVE-2017-0071, CVE-2017-0094, CVE-2017-0131, CVE-2017-0132, CVE-2017-0133, CVE-2017-0134, CVE-2017-0136, CVE-2017-0137, CVE-2017-0138, CVE-2017-0141, CVE-2017-0150, and CVE-2017-0151. | 0 | 0 | NETWORK |
CVE‑2017‑0012 | 2017‑03‑17 00:59:00 | MEDIUM (4) | Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to spoof web content via a crafted web site, aka "Microsoft Browser Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0033 and CVE-2017-0069. | 0 | 0 | NETWORK |
CVE‑2017‑0011 | 2017‑03‑17 00:59:00 | MEDIUM (4) | Microsoft Edge allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0017, CVE-2017-0065, and CVE-2017-0068. | 0 | 0 | NETWORK |
CVE‑2017‑0010 | 2017‑03‑17 00:59:00 | HIGH (8) | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0015, CVE-2017-0032, CVE-2017-0035, CVE-2017-0067, CVE-2017-0070, CVE-2017-0071, CVE-2017-0094, CVE-2017-0131, CVE-2017-0132, CVE-2017-0133, CVE-2017-0134, CVE-2017-0136, CVE-2017-0137, CVE-2017-0138, CVE-2017-0141, CVE-2017-0150, and CVE-2017-0151. | 0 | 0 | NETWORK |
CVE‑2017‑0002 | 2017‑01‑10 21:59:00 | MEDIUM (7) | Microsoft Edge allows remote attackers to bypass the Same Origin Policy via vectors involving the about:blank URL and data: URLs, aka "Microsoft Edge Elevation of Privilege Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑7297 | 2016‑12‑20 06:59:01 | HIGH (8) | The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7286, CVE-2016-7288, and CVE-2016-7296. | 0 | 0 | NETWORK |
CVE‑2016‑7296 | 2016‑12‑20 06:59:01 | HIGH (8) | The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7286, CVE-2016-7288, and CVE-2016-7297. | 0 | 0 | NETWORK |
CVE‑2016‑7288 | 2016‑12‑20 06:59:01 | HIGH (8) | The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7286, CVE-2016-7296, and CVE-2016-7297. | 0 | 0 | NETWORK |
CVE‑2016‑7287 | 2016‑12‑20 06:59:01 | HIGH (8) | The scripting engines in Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑7286 | 2016‑12‑20 06:59:01 | HIGH (8) | The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7288, CVE-2016-7296, and CVE-2016-7297. | 0 | 0 | NETWORK |
CVE‑2016‑7282 | 2016‑12‑20 06:59:01 | MEDIUM (4) | Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Microsoft Browser Information Disclosure Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑7281 | 2016‑12‑20 06:59:01 | LOW (3) | The Web Workers implementation in Microsoft Internet Explorer 10 and 11 and Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Browser Security Feature Bypass Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑7280 | 2016‑12‑20 06:59:01 | MEDIUM (4) | Cross-site scripting (XSS) vulnerability in Microsoft Edge allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Microsoft Edge Information Disclosure Vulnerability," a different vulnerability than CVE-2016-7206. | 0 | 0 | NETWORK |
CVE‑2016‑7279 | 2016‑12‑20 06:59:01 | HIGH (8) | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑7243 | 2016‑11‑10 06:59:57 | HIGH (8) | The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7200, CVE-2016-7201, CVE-2016-7202, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, and CVE-2016-7242. | 0 | 0 | NETWORK |
CVE‑2016‑7242 | 2016‑11‑10 06:59:56 | HIGH (8) | The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7200, CVE-2016-7201, CVE-2016-7202, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, and CVE-2016-7243. | 0 | 0 | NETWORK |
CVE‑2016‑7241 | 2016‑11‑10 06:59:54 | HIGH (8) | Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑7240 | 2016‑11‑10 06:59:53 | HIGH (8) | The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7200, CVE-2016-7201, CVE-2016-7202, CVE-2016-7203, CVE-2016-7208, CVE-2016-7242, and CVE-2016-7243. | 0 | 0 | NETWORK |
CVE‑2016‑7239 | 2016‑11‑10 06:59:52 | LOW (3) | The RegEx class in the XSS filter in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allows remote attackers to conduct cross-site scripting (XSS) attacks and obtain sensitive information via unspecified vectors, aka "Microsoft Browser Information Disclosure Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑7227 | 2016‑11‑10 06:59:40 | LOW (3) | The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to determine the existence of local files via unspecified vectors, aka "Microsoft Browser Information Disclosure Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑7209 | 2016‑11‑10 06:59:23 | LOW (3) | Microsoft Edge allows remote attackers to spoof web content via a crafted web site, aka "Microsoft Edge Spoofing Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑7208 | 2016‑11‑10 06:59:22 | HIGH (8) | The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7200, CVE-2016-7201, CVE-2016-7202, CVE-2016-7203, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243. | 0 | 0 | NETWORK |
CVE‑2016‑7206 | 2016‑12‑20 06:59:00 | MEDIUM (4) | Cross-site scripting (XSS) vulnerability in Microsoft Edge allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Microsoft Edge Information Disclosure Vulnerability," a different vulnerability than CVE-2016-7280. | 0 | 0 | NETWORK |
CVE‑2016‑7204 | 2016‑11‑10 06:59:20 | LOW (3) | Microsoft Edge allows remote attackers to access arbitrary "My Documents" files via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑7203 | 2016‑11‑10 06:59:19 | HIGH (8) | The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7200, CVE-2016-7201, CVE-2016-7202, CVE-2016-7208, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243. | 0 | 0 | NETWORK |
CVE‑2016‑7202 | 2016‑11‑10 06:59:18 | HIGH (8) | The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," as demonstrated by the Chakra JavaScript engine, a different vulnerability than CVE-2016-7200, CVE-2016-7201, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243. | 0 | 0 | NETWORK |
CVE‑2016‑7201 | 2016‑11‑10 06:59:17 | HIGH (9) | The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7200, CVE-2016-7202, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243. | 3 | 6 | NETWORK |
CVE‑2016‑7200 | 2016‑11‑10 06:59:16 | HIGH (9) | The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7201, CVE-2016-7202, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243. | 3 | 6 | NETWORK |
CVE‑2016‑7199 | 2016‑11‑10 06:59:15 | LOW (3) | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to bypass the Same Origin Policy and obtain sensitive window-state information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑7198 | 2016‑11‑10 06:59:14 | HIGH (8) | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7195. | 0 | 0 | NETWORK |
CVE‑2016‑7196 | 2016‑11‑10 06:59:13 | HIGH (8) | Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑7195 | 2016‑11‑10 06:59:11 | HIGH (8) | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7198. | 0 | 0 | NETWORK |
CVE‑2016‑7194 | 2016‑10‑14 02:59:39 | HIGH (8) | The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3386, CVE-2016-3389, and CVE-2016-7190. | 0 | 0 | NETWORK |
CVE‑2016‑7190 | 2016‑10‑14 02:59:37 | HIGH (8) | The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3386, CVE-2016-3389, and CVE-2016-7194. | 0 | 0 | NETWORK |
CVE‑2016‑7189 | 2016‑10‑14 02:59:36 | HIGH (9) | The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Remote Code Execution Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑7181 | 2016‑12‑20 06:59:00 | HIGH (8) | Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑4116 | 2016‑05‑11 11:01:11 | HIGH (8) | Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064. | 0 | 0 | NETWORK |
CVE‑2016‑4115 | 2016‑05‑11 11:01:10 | HIGH (8) | Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064. | 0 | 0 | NETWORK |
CVE‑2016‑4114 | 2016‑05‑11 11:01:09 | HIGH (8) | Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064. | 0 | 0 | NETWORK |
CVE‑2016‑4113 | 2016‑05‑11 11:01:08 | HIGH (8) | Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064. | 0 | 0 | NETWORK |
CVE‑2016‑4112 | 2016‑05‑11 11:01:07 | HIGH (8) | Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064. | 0 | 0 | NETWORK |
CVE‑2016‑4111 | 2016‑05‑11 11:01:05 | HIGH (8) | Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064. | 0 | 0 | NETWORK |
CVE‑2016‑4110 | 2016‑05‑11 11:01:04 | HIGH (8) | Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064. | 0 | 0 | NETWORK |
CVE‑2016‑4109 | 2016‑05‑11 11:01:03 | HIGH (8) | Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064. | 0 | 0 | NETWORK |
CVE‑2016‑4108 | 2016‑05‑11 11:01:02 | HIGH (8) | Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064. | 0 | 0 | NETWORK |
CVE‑2016‑3392 | 2016‑10‑14 02:59:29 | LOW (3) | The Edge Content Security Policy feature in Microsoft Edge does not properly validate documents, which allows remote attackers to bypass intended access restrictions via a crafted web site, aka "Microsoft Browser Security Feature Bypass Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑3391 | 2016‑10‑14 02:59:28 | LOW (3) | Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow context-dependent attackers to discover credentials by leveraging access to a memory dump, aka "Microsoft Browser Information Disclosure Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑3390 | 2016‑10‑14 02:59:27 | HIGH (8) | The scripting engines in Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, as demonstrated by the Chakra JavaScript engine, aka "Scripting Engine Memory Corruption Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑3389 | 2016‑10‑14 02:59:26 | HIGH (8) | The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3386, CVE-2016-7190, and CVE-2016-7194. | 0 | 0 | NETWORK |
CVE‑2016‑3388 | 2016‑10‑14 02:59:25 | LOW (3) | Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not properly restrict access to private namespaces, which allows remote attackers to gain privileges via unspecified vectors, aka "Microsoft Browser Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3387. | 0 | 0 | NETWORK |
CVE‑2016‑3387 | 2016‑10‑14 02:59:24 | MEDIUM (7) | Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not properly restrict access to private namespaces, which allows remote attackers to gain privileges via unspecified vectors, aka "Microsoft Browser Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3388. | 0 | 0 | NETWORK |
CVE‑2016‑3386 | 2016‑10‑14 02:59:23 | HIGH (9) | The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3389, CVE-2016-7190, and CVE-2016-7194. | 0 | 0 | NETWORK |
CVE‑2016‑3382 | 2016‑10‑14 02:59:18 | HIGH (9) | The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, as demonstrated by the Chakra JavaScript engine, aka "Scripting Engine Memory Corruption Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑3377 | 2016‑09‑14 10:59:52 | HIGH (8) | The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3350. | 0 | 0 | NETWORK |
CVE‑2016‑3374 | 2016‑09‑14 10:59:49 | MEDIUM (4) | The PDF library in Microsoft Edge, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information via a crafted web site, aka "PDF Library Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3370. | 0 | 0 | NETWORK |
CVE‑2016‑3370 | 2016‑09‑14 10:59:45 | MEDIUM (4) | The PDF library in Microsoft Edge, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information via a crafted web site, aka "PDF Library Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3374. | 0 | 0 | NETWORK |
CVE‑2016‑3351 | 2016‑09‑14 10:59:24 | MEDIUM (7) | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." | 3 | 4 | NETWORK |
CVE‑2016‑3350 | 2016‑09‑14 10:59:23 | HIGH (8) | The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3377. | 0 | 0 | NETWORK |
CVE‑2016‑3331 | 2016‑10‑14 02:59:15 | HIGH (9) | Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑3330 | 2016‑09‑14 10:59:17 | HIGH (8) | Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3294. | 0 | 0 | NETWORK |
CVE‑2016‑3329 | 2016‑08‑09 21:59:33 | LOW (3) | Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to determine the existence of files via a crafted webpage, aka "Internet Explorer Information Disclosure Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑3327 | 2016‑08‑09 21:59:32 | LOW (3) | Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to obtain sensitive information via a crafted web page, aka "Microsoft Browser Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3326. | 0 | 0 | NETWORK |
CVE‑2016‑3326 | 2016‑08‑09 21:59:31 | LOW (3) | Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to obtain sensitive information via a crafted web page, aka "Microsoft Browser Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3327. | 0 | 0 | NETWORK |
CVE‑2016‑3325 | 2016‑09‑14 10:59:16 | LOW (3) | Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑3322 | 2016‑08‑09 21:59:30 | HIGH (8) | Microsoft Internet Explorer 11 and Edge allow remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3289. | 0 | 0 | NETWORK |
CVE‑2016‑3319 | 2016‑08‑09 21:59:26 | HIGH (9) | The PDF library in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold and 1511, and Microsoft Edge allows remote attackers to execute arbitrary code via a crafted PDF file, aka "Microsoft PDF Remote Code Execution Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑3297 | 2016‑09‑14 10:59:10 | MEDIUM (7) | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑3296 | 2016‑08‑09 21:59:08 | HIGH (8) | The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑3295 | 2016‑09‑14 10:59:09 | MEDIUM (5) | Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑3294 | 2016‑09‑14 10:59:08 | HIGH (8) | Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3330. | 0 | 0 | NETWORK |
CVE‑2016‑3293 | 2016‑08‑09 21:59:07 | HIGH (8) | Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Browser Memory Corruption Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑3291 | 2016‑09‑14 10:59:06 | LOW (3) | Microsoft Internet Explorer 11 and Microsoft Edge mishandle cross-origin requests, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑3289 | 2016‑08‑09 21:59:03 | HIGH (8) | Microsoft Internet Explorer 11 and Edge allow remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3322. | 0 | 0 | NETWORK |
CVE‑2016‑3277 | 2016‑07‑13 01:59:31 | LOW (3) | Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑3274 | 2016‑07‑13 01:59:30 | LOW (3) | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to conduct content-spoofing attacks via a crafted URL, aka "Microsoft Browser Spoofing Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑3273 | 2016‑07‑13 01:59:29 | LOW (3) | The XSS Filter in Microsoft Internet Explorer 9 through 11 and Microsoft Edge does not properly restrict JavaScript code, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑3271 | 2016‑07‑13 01:59:26 | MEDIUM (4) | The VBScript engine in Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑3269 | 2016‑07‑13 01:59:25 | HIGH (9) | The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3265. | 0 | 0 | NETWORK |
CVE‑2016‑3267 | 2016‑10‑14 02:59:12 | MEDIUM (4) | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to determine the existence of unspecified files via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑3265 | 2016‑07‑13 01:59:24 | HIGH (9) | The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3269. | 0 | 0 | NETWORK |
CVE‑2016‑3264 | 2016‑07‑13 01:59:23 | HIGH (8) | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑3260 | 2016‑07‑13 01:59:21 | HIGH (9) | The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑3259 | 2016‑07‑13 01:59:20 | HIGH (9) | The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3248. | 0 | 0 | NETWORK |
CVE‑2016‑3248 | 2016‑07‑13 01:59:10 | HIGH (9) | The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3259. | 0 | 0 | NETWORK |
CVE‑2016‑3247 | 2016‑09‑14 10:59:04 | MEDIUM (5) | Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑3246 | 2016‑07‑13 01:59:09 | HIGH (8) | Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑3244 | 2016‑07‑13 01:59:08 | MEDIUM (4) | Microsoft Edge allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Edge Security Feature Bypass." | 0 | 0 | NETWORK |
CVE‑2016‑3222 | 2016‑06‑16 01:59:26 | HIGH (9) | Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑3215 | 2016‑06‑16 01:59:20 | MEDIUM (4) | Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 1511, and Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted PDF document, aka "Windows PDF Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3201. | 0 | 0 | NETWORK |
CVE‑2016‑3214 | 2016‑06‑16 01:59:19 | HIGH (9) | The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3199. | 0 | 0 | NETWORK |
CVE‑2016‑3203 | 2016‑06‑16 01:59:10 | HIGH (9) | Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold and 1511, and Microsoft Edge allow remote attackers to execute arbitrary code via a crafted PDF document, aka "Windows PDF Remote Code Execution Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑3202 | 2016‑06‑16 01:59:09 | HIGH (8) | The Microsoft (1) Chakra JavaScript, (2) JScript, and (3) VBScript engines, as used in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑3201 | 2016‑06‑16 01:59:08 | MEDIUM (4) | Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold and 1511, and Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted PDF document, aka "Windows PDF Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3215. | 0 | 0 | NETWORK |
CVE‑2016‑3199 | 2016‑06‑16 01:59:07 | HIGH (9) | The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3214. | 0 | 0 | NETWORK |
CVE‑2016‑3198 | 2016‑06‑16 01:59:06 | MEDIUM (4) | Microsoft Edge allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via a crafted document, aka "Microsoft Edge Security Feature Bypass." | 0 | 0 | NETWORK |
CVE‑2016‑1110 | 2016‑05‑11 11:00:22 | HIGH (8) | Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064. | 0 | 0 | NETWORK |
CVE‑2016‑1109 | 2016‑05‑11 11:00:21 | HIGH (8) | Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064. | 0 | 0 | NETWORK |
CVE‑2016‑1108 | 2016‑05‑11 11:00:20 | HIGH (8) | Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064. | 0 | 0 | NETWORK |
CVE‑2016‑1107 | 2016‑05‑11 11:00:19 | HIGH (8) | Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064. | 0 | 0 | NETWORK |
CVE‑2016‑1106 | 2016‑05‑11 11:00:18 | HIGH (8) | Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064. | 0 | 0 | NETWORK |
CVE‑2016‑1105 | 2016‑05‑11 11:00:17 | HIGH (8) | Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064. | 0 | 0 | NETWORK |
CVE‑2016‑1104 | 2016‑05‑11 11:00:16 | HIGH (8) | Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064. | 0 | 0 | NETWORK |
CVE‑2016‑1103 | 2016‑05‑11 11:00:15 | HIGH (8) | Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064. | 0 | 0 | NETWORK |
CVE‑2016‑1102 | 2016‑05‑11 11:00:14 | HIGH (8) | Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064. | 0 | 0 | NETWORK |
CVE‑2016‑1101 | 2016‑05‑11 11:00:12 | HIGH (8) | Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064. | 0 | 0 | NETWORK |
CVE‑2016‑1100 | 2016‑05‑11 11:00:11 | HIGH (8) | Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064. | 0 | 0 | NETWORK |
CVE‑2016‑1099 | 2016‑05‑11 11:00:10 | HIGH (8) | Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064. | 0 | 0 | NETWORK |
CVE‑2016‑1098 | 2016‑05‑11 11:00:09 | HIGH (8) | Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064. | 0 | 0 | NETWORK |
CVE‑2016‑1097 | 2016‑05‑11 11:00:08 | HIGH (8) | Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064. | 0 | 0 | NETWORK |
CVE‑2016‑1096 | 2016‑05‑11 11:00:07 | HIGH (8) | Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064. | 0 | 0 | NETWORK |
CVE‑2016‑0193 | 2016‑05‑11 01:59:35 | HIGH (8) | The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0186 and CVE-2016-0191. | 0 | 0 | NETWORK |
CVE‑2016‑0192 | 2016‑05‑11 01:59:34 | HIGH (8) | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑0191 | 2016‑05‑11 01:59:33 | HIGH (8) | The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0186 and CVE-2016-0193. | 0 | 0 | NETWORK |
CVE‑2016‑0186 | 2016‑05‑11 01:59:27 | HIGH (8) | The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0191 and CVE-2016-0193. | 0 | 0 | NETWORK |
CVE‑2016‑0161 | 2016‑04‑12 23:59:25 | MEDIUM (4) | Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Edge Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0158. | 0 | 0 | NETWORK |
CVE‑2016‑0158 | 2016‑04‑12 23:59:22 | MEDIUM (4) | Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Edge Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0161. | 0 | 0 | NETWORK |
CVE‑2016‑0157 | 2016‑04‑12 23:59:21 | HIGH (8) | Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0155 and CVE-2016-0156. | 0 | 0 | NETWORK |
CVE‑2016‑0156 | 2016‑04‑12 23:59:20 | HIGH (8) | Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0155 and CVE-2016-0157. | 0 | 0 | NETWORK |
CVE‑2016‑0155 | 2016‑04‑12 23:59:19 | HIGH (8) | Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0156 and CVE-2016-0157. | 0 | 0 | NETWORK |
CVE‑2016‑0154 | 2016‑04‑12 23:59:18 | HIGH (8) | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑0130 | 2016‑03‑09 11:59:33 | HIGH (8) | Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0116, CVE-2016-0123, CVE-2016-0124, and CVE-2016-0129. | 0 | 0 | NETWORK |
CVE‑2016‑0129 | 2016‑03‑09 11:59:32 | HIGH (8) | Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0116, CVE-2016-0123, CVE-2016-0124, and CVE-2016-0130. | 0 | 0 | NETWORK |
CVE‑2016‑0125 | 2016‑03‑09 11:59:31 | LOW (3) | Microsoft Edge mishandles the Referer policy, which allows remote attackers to obtain sensitive browser-history and request information via a crafted HTTPS web site, aka "Microsoft Edge Information Disclosure Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑0124 | 2016‑03‑09 11:59:30 | HIGH (8) | Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0116, CVE-2016-0123, CVE-2016-0129, and CVE-2016-0130. | 0 | 0 | NETWORK |
CVE‑2016‑0123 | 2016‑03‑09 11:59:29 | HIGH (8) | Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0116, CVE-2016-0124, CVE-2016-0129, and CVE-2016-0130. | 0 | 0 | NETWORK |
CVE‑2016‑0116 | 2016‑03‑09 11:59:25 | HIGH (8) | Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0123, CVE-2016-0124, CVE-2016-0129, and CVE-2016-0130. | 0 | 0 | NETWORK |
CVE‑2016‑0111 | 2016‑03‑09 11:59:21 | HIGH (8) | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0105, CVE-2016-0107, CVE-2016-0112, and CVE-2016-0113. | 0 | 0 | NETWORK |
CVE‑2016‑0110 | 2016‑03‑09 11:59:20 | HIGH (8) | Microsoft Internet Explorer 10 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑0109 | 2016‑03‑09 11:59:19 | HIGH (8) | Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0102, CVE-2016-0103, CVE-2016-0106, CVE-2016-0108, and CVE-2016-0114. | 0 | 0 | NETWORK |
CVE‑2016‑0105 | 2016‑03‑09 11:59:15 | HIGH (8) | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0107, CVE-2016-0111, CVE-2016-0112, and CVE-2016-0113. | 0 | 0 | NETWORK |
CVE‑2016‑0102 | 2016‑03‑09 11:59:13 | HIGH (8) | Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0103, CVE-2016-0106, CVE-2016-0108, CVE-2016-0109, and CVE-2016-0114. | 0 | 0 | NETWORK |
CVE‑2016‑0084 | 2016‑02‑10 11:59:34 | HIGH (9) | Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑0080 | 2016‑02‑10 11:59:33 | MEDIUM (4) | Microsoft Edge mishandles exceptions during window-message dispatch operations, which allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Edge ASLR Bypass." | 0 | 0 | NETWORK |
CVE‑2016‑0077 | 2016‑02‑10 11:59:32 | MEDIUM (4) | Microsoft Internet Explorer 9 through 11 and Microsoft Edge misparse HTTP responses, which allows remote attackers to spoof web sites via a crafted URL, aka "Microsoft Browser Spoofing Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑0062 | 2016‑02‑10 11:59:26 | HIGH (9) | Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑0061 | 2016‑02‑10 11:59:25 | HIGH (9) | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0060, CVE-2016-0063, CVE-2016-0067, and CVE-2016-0072. | 0 | 0 | NETWORK |
CVE‑2016‑0060 | 2016‑02‑10 11:59:24 | HIGH (9) | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0061, CVE-2016-0063, CVE-2016-0067, and CVE-2016-0072. | 0 | 0 | NETWORK |
CVE‑2016‑0024 | 2016‑01‑13 05:59:18 | HIGH (9) | The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via unspecified vectors, aka "Scripting Engine Memory Corruption Vulnerability." | 0 | 0 | NETWORK |
CVE‑2016‑0003 | 2016‑01‑13 05:59:03 | HIGH (9) | Microsoft Edge allows remote attackers to execute arbitrary code via unspecified vectors, aka "Microsoft Edge Memory Corruption Vulnerability." | 0 | 0 | NETWORK |
CVE‑2015‑6176 | 2015‑12‑09 11:59:57 | MEDIUM (4) | Microsoft Edge mishandles HTML attributes in HTTP responses, which allows remote attackers to bypass a cross-site scripting (XSS) protection mechanism via unspecified vectors, aka "Microsoft Edge XSS Filter Bypass Vulnerability." | 0 | 0 | NETWORK |
CVE‑2015‑6170 | 2015‑12‑09 11:59:52 | MEDIUM (7) | Microsoft Edge allows remote attackers to gain privileges via a crafted web site, aka "Microsoft Browser Elevation of Privilege Vulnerability." | 0 | 0 | NETWORK |
CVE‑2015‑6169 | 2015‑12‑09 11:59:51 | MEDIUM (4) | Microsoft Edge misparses HTTP responses, which allows remote attackers to redirect users to arbitrary web sites via unspecified vectors, aka "Microsoft Edge Spoofing Vulnerability." | 0 | 0 | NETWORK |
CVE‑2015‑6168 | 2015‑12‑09 11:59:50 | HIGH (9) | Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6153. | 0 | 0 | NETWORK |
CVE‑2015‑6159 | 2015‑12‑09 11:59:43 | HIGH (9) | Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6140, CVE-2015-6142, CVE-2015-6143, CVE-2015-6153, CVE-2015-6158, and CVE-2015-6160. | 0 | 0 | NETWORK |
CVE‑2015‑6158 | 2015‑12‑09 11:59:42 | HIGH (9) | Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6140, CVE-2015-6142, CVE-2015-6143, CVE-2015-6153, CVE-2015-6159, and CVE-2015-6160. | 0 | 0 | NETWORK |
CVE‑2015‑6155 | 2015‑12‑09 11:59:39 | HIGH (9) | Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." | 0 | 0 | NETWORK |
CVE‑2015‑6154 | 2015‑12‑09 11:59:38 | HIGH (9) | Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6150. | 0 | 0 | NETWORK |
CVE‑2015‑6153 | 2015‑12‑09 11:59:37 | HIGH (9) | Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6140, CVE-2015-6142, CVE-2015-6143, CVE-2015-6158, CVE-2015-6159, and CVE-2015-6160. | 0 | 0 | NETWORK |
CVE‑2015‑6151 | 2015‑12‑09 11:59:35 | HIGH (9) | Microsoft Internet Explorer 8 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6083. | 0 | 0 | NETWORK |
CVE‑2015‑6142 | 2015‑12‑09 11:59:26 | HIGH (9) | Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6140, CVE-2015-6143, CVE-2015-6153, CVE-2015-6158, CVE-2015-6159, and CVE-2015-6160. | 0 | 0 | NETWORK |
CVE‑2015‑6140 | 2015‑12‑09 11:59:24 | HIGH (9) | Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6142, CVE-2015-6143, CVE-2015-6153, CVE-2015-6158, CVE-2015-6159, and CVE-2015-6160. | 0 | 0 | NETWORK |
CVE‑2015‑6139 | 2015‑12‑09 11:59:23 | HIGH (9) | Microsoft Internet Explorer 11 and Microsoft Edge mishandle content types, which allows remote attackers to execute arbitrary web script in a privileged context via a crafted web site, aka "Microsoft Browser Elevation of Privilege Vulnerability." | 0 | 0 | NETWORK |
CVE‑2015‑6088 | 2015‑11‑11 12:59:29 | MEDIUM (4) | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Browser ASLR Bypass." | 0 | 0 | NETWORK |
CVE‑2015‑6078 | 2015‑11‑11 12:59:20 | HIGH (9) | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6065. | 0 | 0 | NETWORK |
CVE‑2015‑6073 | 2015‑11‑11 12:59:15 | HIGH (9) | Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6068, CVE-2015-6072, CVE-2015-6075, CVE-2015-6077, CVE-2015-6079, CVE-2015-6080, and CVE-2015-6082. | 0 | 0 | NETWORK |
CVE‑2015‑6064 | 2015‑11‑11 11:59:35 | HIGH (9) | Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6084 and CVE-2015-6085. | 0 | 0 | NETWORK |
CVE‑2015‑6058 | 2015‑10‑14 01:59:29 | MEDIUM (4) | Microsoft Edge mishandles HTML attributes in HTTP responses, which allows remote attackers to bypass a cross-site scripting (XSS) protection mechanism via unspecified vectors, aka "Microsoft Edge XSS Filter Bypass." | 0 | 0 | NETWORK |
CVE‑2015‑6057 | 2015‑10‑14 01:59:28 | MEDIUM (5) | Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability." | 0 | 0 | NETWORK |
CVE‑2015‑2542 | 2015‑09‑09 00:59:49 | HIGH (9) | Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability." | 0 | 0 | NETWORK |
CVE‑2015‑2494 | 2015‑09‑09 00:59:12 | HIGH (9) | Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2486, CVE-2015-2487, CVE-2015-2490, CVE-2015-2492, CVE-2015-2498, and CVE-2015-2499. | 0 | 0 | NETWORK |
CVE‑2015‑2486 | 2015‑09‑09 00:59:05 | HIGH (9) | Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2487, CVE-2015-2490, CVE-2015-2492, CVE-2015-2494, CVE-2015-2498, and CVE-2015-2499. | 0 | 0 | NETWORK |
CVE‑2015‑2485 | 2015‑09‑09 00:59:04 | HIGH (9) | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2491 and CVE-2015-2541. | 0 | 0 | NETWORK |
CVE‑2015‑2449 | 2015‑08‑14 10:59:09 | MEDIUM (4) | Microsoft Internet Explorer 7 through 11 and Edge allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "ASLR Bypass." | 0 | 0 | NETWORK |
CVE‑2015‑2446 | 2015‑08‑14 10:59:06 | HIGH (9) | Microsoft Internet Explorer 11 and Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2447. | 0 | 0 | NETWORK |
CVE‑2015‑2442 | 2015‑08‑14 10:59:01 | HIGH (9) | Microsoft Internet Explorer 8 through 11 and Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2444. | 0 | 0 | NETWORK |
CVE‑2015‑2441 | 2015‑08‑14 10:59:00 | HIGH (9) | Microsoft Internet Explorer 7 through 11 and Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2452. | 0 | 0 | NETWORK |
CVE‑2015‑0313 | 2015‑02‑02 19:59:00 | CRITICAL (10) | Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in February 2015, a different vulnerability than CVE-2015-0315, CVE-2015-0320, and CVE-2015-0322. | 4 | 6 | NETWORK |
CVE‑2015‑0311 | 2015‑01‑23 21:59:05 | CRITICAL (10) | Unspecified vulnerability in Adobe Flash Player through 13.0.0.262 and 14.x, 15.x, and 16.x through 16.0.0.287 on Windows and OS X and through 11.2.202.438 on Linux allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in January 2015. | 4 | 6 | NETWORK |
Patch more applications, achieve compliance, and prevent problems while reducing stress with Lavawall®.
A security tool by security auditors. From Passkeys and Argon2i to source validation and MVSP principles, Lavawall® has you covered.
More features and more security added nearly every day.
While Ninite and other patching tools have had the same patch offerings for decades, we're monitoring stats to keep adding the most useful prorgams.
From wrapping TLS communications in extra encryption and uninstalling remote support tools when they aren't used to detailed statistical analysis of system and network performance, Lavawall® goes in-depth.
Lavawall® goes beyond patches and breach detection. We also monitor for risky Chromium extensions and allowed notifications that might be part of a phishing or ransomware attack.
Extend the security features of Cloudflare, Microsoft, Google, Sophos, and other cloud providers to create a Lavawall® of protection
Even if you used breached remote management tools like ScreenConnect through Lavawall® when it was vulnerable, your computers stayed safe because we only install the agent when it needs to be used.
Easily deploy, monitor, and analyze security tools like Huntress, AutoElevate, and Sophos. Magically gain details from ZenDesk, ConnectWise, Datto, Panorama9, Microsoft, and Google.
Get immediate fixes, user notifications, admin notifications -- and even security-certified human level 3 support when our advanced statistical analysis confirms a problem or anomaly.
2024‑12‑02 | 0.12.19.206 | test commit |
2024‑11‑22 | 0.12.18.205 | |
2024‑10‑30 | 0.12.8.195 | Mac update refinements |
2024‑10‑25 | 0.12.3.190 | |
2024‑10‑21 | 0.12.0.187 | Macos implementaiton, linux and windows improvements |
2024‑10‑16 | 0.11.128.186 | Linux stats and system information improvements, improvements for application shutdown |
2024‑09‑12 | 0.11.113.171 | CPU Optimizations and Packages reliability improvements |
2024‑09‑05 | 0.11.106.164 | Phased deployment enhancements |
2024‑09‑04 | 0.11.103.161 | |
2024‑09‑02 | 0.11.102.160 | CPU Optimizations and Packages reliability improvements |
2024‑08‑30 | 0.11.99.157 | CPU Optimizations and Packages reliability improvements |
2024‑08‑29 | 0.11.98.156 | CPU utilization and console event optimization |
2024‑08‑28 | 0.11.97.155 | Reliability to detect unusual updates like redistributables. |
2024‑08‑27 | 0.11.96.154 | |
2024‑08‑26 | 0.11.95.153 | Faster response for reboot requests |
2024‑08‑20 | 0.11.92.150 | Additional package upgrade pre-requisites |
2024‑08‑15 | 0.11.89.147 | |
2024‑08‑06 | 0.11.87.145 | |
2024‑07‑26 | 0.11.83.141 | Add resiliency for MAC duplicates and uptime |
2024‑07‑25 | 0.11.82.140 | Changes to facilitate cross-platform use. Bitlocker and Windows key refinements |
2024‑07‑15 | 0.11.80.138 | Antivirus and temperature added to configuration checks |
2024‑07‑15 | 0.11.79.137 | Add configuration checks for execution policy and secure boot |
2024‑07‑11 | 0.11.77.135 | load balancing refinements |
2024‑07‑10 | 0.11.76.134 | Add additional load balancing and data residency capabilities, add randomness to recurring task timings to decrease server load |
2024‑07‑05 | 0.11.74.132 | changes to graph and residual work on user imporsonation |
2024‑07‑04 | 0.11.73.131 | Add configuration checks for execution policy and secure boot. |
2024‑07‑03 | 0.11.72.130 | Enhanced event log monitoring |
2024‑07‑02 | 0.11.71.129 | Add details to Windows updates, enhanced risk metrics for application patches |
2024‑06‑19 | 0.11.65.123 | Update resiliancy and garbage collection |
2024‑06‑13 | 0.11.60.118 | Enhanced logging |
2024‑06‑12 | 0.11.55.113 | Include the primary drive serial number; MAC addresses for built-in wireless, Bluetooth, and ethernet into the device hash to restore uninstalled and reinstalled devices in cases where the motherboard serial is not unique |
2024‑06‑07 | 0.11.54.112 | Patch and package uninstall data addition |
2024‑06‑05 | 0.11.47.105 | refine per-user registry application listing |
2024‑06‑02 | 0.11.45.103 | uninstall and reinstall refinements, refine local logging, refine self-update and uninstall timing |
2024‑05‑30 | 0.11.21.79 | various bug fixes and improvements |
2024‑05‑28 | 0.11.16.74 | Error logging, registration, and uninstall improvements. |
2024‑05‑24 | 0.11.14.72 | applied changes for devices and login commands, changes for registration as well |
2024‑05‑22 | 0.11.13.71 | Add Windows computer model, improve Operating System parsing |
2024‑05‑21 | 0.11.11.69 | Added additional states for Windows update, flexibility for non-standard program file configurations, support for network diagrams at the switch level, details for Windows editions |
2024‑05‑21 | 0.11.10.68 | Add specific cases for Defender patterns and Composer versions. |
2024‑05‑17 | 0.11.3.61 | Change Log storage location to c:\program files\Lavawall |
2024‑05‑17 | 0.11.1.59 | self-update improvements. |
2024‑05‑16 | 0.8.0.55 | error log reporting and management. |
2024‑05‑15 | 0.7.0.54 | Websocket resiliency improvements |
2024‑05‑09 | 0.6.0.53 | Error log reporting and management. |
2024‑05‑01 | 0.5.44.52 | Even more improvements to scheduler |
2024‑04‑24 | 0.5.41.49 | Install compatibility with Sandbox |
2024‑04‑22 | 0.5.21.29 | Project property changes to enable automated compilation with new features. |
2024‑04‑20 | 0.5.20.28 | Add motherboard serial number and company reassignment |
2024‑04‑11 | 0.5.4.12 | Automate release notes as part of build process |
2024‑05‑20 | 253 | Added cleanup of old .json files during a re-install |
2024‑05‑13 | 252 | Added apt-get update to install |
2024‑05‑06 | 248 | Allow restart to use /var/run/reboot-required if needrestart is not installed |
2024‑04‑22 | 239 | Improve internal update and version tracking |
2024‑04‑15 | 235 | Add support for Yum packages |
2024‑04‑08 | 233 | Align patching with Windows patch reporting |
2024‑04‑02 | 228 | Add support for needrestart |
2024‑03‑04 | 224 | Schedule restarts |
2024‑03‑25 | 221 | Add support for apt packages |
2024‑03‑18 | 212 | Implement release management |
2024‑03‑11 | 202 | Add user login monitoring |
2024‑03‑04 | 189 | Enhance installation reliability |
2024‑02‑26 | 187 | Exapand triggers to identify if the instance needs to be restarted |
2024‑02‑19 | 146 | Improve compatibility for non-AWS instances |
2024‑02‑14 | 138 | Add self-uninstall capabilities |
2024‑02‑12 | 135 | Enhance scheduling flexibility |
2024‑02‑07 | 132 | Add kernel version tracking |
2024‑02‑05 | 124 | Add device hash to cryptographic self-update script validation |
2024‑01‑29 | 107 | Enhance encryption of patch data |
2024‑01‑22 | 98 | Improve how available storage is calculated |
2024‑01‑15 | 97 | Move initial tasks from installation file to sub scripts |
2024‑05‑21 | 91 | Improve multi-distribution compatibility |
2024‑05‑21 | 79 | Improve encryption reliability |
2023‑12‑11 | 68 | Enhance cryptographic validation of new scripts before updating |
2023‑11‑20 | 62 | Add inner layer of AES encryption in case TLS inspection doesn't allow for a secure connection |
2023‑11‑27 | 56 | Additional base cases for resiliancy |
2023‑11‑20 | 54 | Additional headers added to authentication process during installation. |
2023‑11‑20 | 53 | Enhanced key management |
2023‑11‑15 | 51 | Add insecure installation parameter to allow installation in environments with TLS inspection or other machine-in-the-middle situations. |
2023‑11‑06 | 42 | Enhance redundant encryption during installation. |
2023‑10‑30 | 33 | Improve install-over compatibility |
2023‑10‑23 | 18 | Add reboot configuration and scheduling |
2023‑10‑23 | 17 | Add self-updating functionality. |
2023‑10‑16 | 15 | Add Linux patching information for apt |
2023‑10‑09 | 14 | Collect system information |
2023‑10‑09 | 13 | Add Linux distribution information |
2023‑09‑30 | 12 | Add memory monitoring |
2023‑09‑30 | 10 | Add hardware information |
2023‑09‑23 | 9 | Add AWS information |
2023‑09‑23 | 8 | Add customized schedule capability for configuration updates |
2023‑09‑23 | 7 | Add support for package monitoring using package and dpkg logs |
2023‑09‑16 | 6 | Add storage data configuration gathering |
2023‑09‑16 | 5 | Add CPU information |
Lavawall® is under active development with the latest release on
Interfaces
Monitored Applications
System Metrics
Lavawall® prevents the 80% of breaches and failed audits due to missing patches and updates.
You can reduce application patching delays from 67 days to nearly immediate with the 350+ applications that Lavawall® monitors and patches.
You need to get your arms around compliance and security and don't want to get locked into “high watermark” monthly invoices or multi-year contracts.
Pay-as-you-need monthly pricing
DIY, full management, and coaching options
CMMI, PCI, SOC2, Canadian Cybersecurity, Minimum Viable Secure Product, and other compliance support
Simple pricing. No hidden fees. Advanced features for you business.
Security-focused RMM
Unlimited end-user support
Improve your IT performance
If you can not find answer to your question in our FAQ, you can always contact us or email us. We will answer you shortly!
Have a quick question and don't want to talk? Send us a quick note with the form below and we'll reply within one business day.