Microsoft Edge
Update Microsoft Edge to version 131.0.2903.51

What patches are you missing?



CVE Vulnerabilities for Microsoft Edge

CVEPublishedSeverityDetailsExploitability Impact Vector
CVE‑2024‑79652024‑08‑21 21:15:09HIGH (9)Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)36NETWORK
CVE‑2024‑490232024‑10‑18 01:15:41MEDIUM (5)Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability24NETWORK
CVE‑2024‑435962024‑10‑17 23:15:17HIGH (9)Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability36NETWORK
CVE‑2024‑435952024‑10‑17 23:15:16HIGH (9)Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability36NETWORK
CVE‑2024‑435872024‑10‑17 23:15:16HIGH (8)Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability26NETWORK
CVE‑2024‑435802024‑10‑17 23:15:16MEDIUM (5)Microsoft Edge (Chromium-based) Spoofing Vulnerability33NETWORK
CVE‑2024‑435792024‑10‑17 23:15:16HIGH (8)Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability36NETWORK
CVE‑2024‑435782024‑10‑17 23:15:15HIGH (8)Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability36NETWORK
CVE‑2024‑435662024‑10‑17 23:15:15CRITICAL (10)Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability46NETWORK
CVE‑2024‑434962024‑09‑19 21:15:16HIGH (9)Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability36NETWORK
CVE‑2024‑434892024‑09‑19 21:15:16HIGH (9)Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability36NETWORK
CVE‑2024‑434722024‑08‑16 20:15:14HIGH (8)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability26NETWORK
CVE‑2024‑382222024‑09‑12 03:15:03MEDIUM (7)Microsoft Edge (Chromium-based) Information Disclosure Vulnerability34NETWORK
CVE‑2024‑382212024‑09‑19 21:15:14MEDIUM (4)Microsoft Edge (Chromium-based) Spoofing Vulnerability31NETWORK
CVE‑2024‑382192024‑08‑12 13:38:24CRITICAL (9)Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability26NETWORK
CVE‑2024‑382102024‑08‑22 23:15:08HIGH (8)Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability26LOCAL
CVE‑2024‑382092024‑08‑22 23:15:08HIGH (8)Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability26LOCAL
CVE‑2024‑382082024‑08‑22 23:15:08MEDIUM (6)Microsoft Edge for Android Spoofing Vulnerability33NETWORK
CVE‑2024‑382072024‑08‑23 23:15:08MEDIUM (6)Microsoft Edge (HTML-based) Memory Corruption Vulnerability33NETWORK
CVE‑2024‑381032024‑07‑25 22:15:08MEDIUM (6)Microsoft Edge (Chromium-based) Information Disclosure Vulnerability24NETWORK
CVE‑2024‑380932024‑06‑20 20:15:19MEDIUM (4)Microsoft Edge (Chromium-based) Spoofing Vulnerability31NETWORK
CVE‑2024‑380832024‑06‑13 20:15:15MEDIUM (4)Microsoft Edge (Chromium-based) Spoofing Vulnerability31NETWORK
CVE‑2024‑380822024‑06‑20 20:15:18MEDIUM (5)Microsoft Edge (Chromium-based) Spoofing Vulnerability31NETWORK
CVE‑2024‑300572024‑06‑13 20:15:12MEDIUM (5)Microsoft Edge for iOS Spoofing Vulnerability33NETWORK
CVE‑2024‑290572024‑03‑22 22:15:50MEDIUM (4)Microsoft Edge (Chromium-based) Spoofing Vulnerability31NETWORK
CVE‑2024‑262472024‑03‑22 22:15:50MEDIUM (5)Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability31NETWORK
CVE‑2024‑262462024‑03‑14 23:15:46LOW (4)Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability04PHYSICAL
CVE‑2024‑261962024‑03‑21 02:52:17MEDIUM (4)Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability31NETWORK
CVE‑2024‑261632024‑03‑14 23:15:46MEDIUM (5)Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability31NETWORK
CVE‑2024‑213992024‑02‑02 01:15:09HIGH (8)Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability26NETWORK
CVE‑2024‑213882024‑01‑30 18:15:48MEDIUM (7)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability24NETWORK
CVE‑2024‑213872024‑01‑26 01:15:11MEDIUM (5)Microsoft Edge for Android Spoofing Vulnerability41NETWORK
CVE‑2024‑213852024‑01‑26 01:15:11HIGH (8)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability26NETWORK
CVE‑2024‑213832024‑01‑26 01:15:10LOW (3)Microsoft Edge (Chromium-based) Spoofing Vulnerability21LOCAL
CVE‑2024‑213822024‑01‑26 01:15:10MEDIUM (4)Microsoft Edge for Android Information Disclosure Vulnerability31NETWORK
CVE‑2024‑213372024‑01‑11 22:15:47MEDIUM (5)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability14LOCAL
CVE‑2024‑213362024‑01‑26 18:15:12LOW (3)Microsoft Edge (Chromium-based) Spoofing Vulnerability11LOCAL
CVE‑2024‑213262024‑01‑26 01:15:10CRITICAL (10)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability36NETWORK
CVE‑2024‑206752024‑01‑11 21:15:13MEDIUM (6)Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability33NETWORK
CVE‑2023‑67022023‑12‑14 22:15:44HIGH (9)Type confusion in V8 in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)36NETWORK
CVE‑2023‑63452023‑11‑29 12:15:07CRITICAL (10)Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High)36NETWORK
CVE‑2023‑52172023‑09‑28 16:15:11HIGH (9)Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)36NETWORK
CVE‑2023‑48632023‑09‑12 15:15:24HIGH (9)Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)36NETWORK
CVE‑2023‑47622023‑09‑05 22:15:10HIGH (9)Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)36NETWORK
CVE‑2023‑443232023‑10‑30 15:15:41MEDIUM (6)Adobe Acrobat for Edge version 118.0.2088.46 (and earlier) is affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.24LOCAL
CVE‑2023‑381872023‑07‑21 18:15:10MEDIUM (7)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability24NETWORK
CVE‑2023‑381742023‑12‑07 21:15:08MEDIUM (4)Microsoft Edge (Chromium-based) Information Disclosure Vulnerability31NETWORK
CVE‑2023‑381732023‑07‑21 18:15:10MEDIUM (4)Microsoft Edge for Android Spoofing Vulnerability31NETWORK
CVE‑2023‑381582023‑08‑21 20:15:09LOW (3)Microsoft Edge (Chromium-based) Information Disclosure Vulnerability21NETWORK
CVE‑2023‑381572023‑08‑07 18:15:10MEDIUM (7)Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability34NETWORK
CVE‑2023‑368882023‑07‑14 18:15:11MEDIUM (6)Microsoft Edge for Android (Chromium-based) Tampering Vulnerability33NETWORK
CVE‑2023‑368872023‑07‑14 18:15:11HIGH (8)Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability26LOCAL
CVE‑2023‑368832023‑07‑14 18:15:11MEDIUM (4)Microsoft Edge for iOS Spoofing Vulnerability31NETWORK
CVE‑2023‑368802023‑12‑07 21:15:08MEDIUM (5)Microsoft Edge (Chromium-based) Information Disclosure Vulnerability23NETWORK
CVE‑2023‑368782023‑12‑15 01:15:08MEDIUM (4)Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability31NETWORK
CVE‑2023‑367872023‑08‑21 20:15:09HIGH (9)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability36NETWORK
CVE‑2023‑367412023‑08‑26 01:15:08HIGH (8)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability26NETWORK
CVE‑2023‑367352023‑09‑15 22:15:14CRITICAL (10)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability36NETWORK
CVE‑2023‑367272023‑09‑15 22:15:14MEDIUM (6)Microsoft Edge (Chromium-based) Spoofing Vulnerability33NETWORK
CVE‑2023‑365622023‑09‑15 22:15:13HIGH (7)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability34NETWORK
CVE‑2023‑365592023‑10‑13 21:15:52MEDIUM (4)Microsoft Edge (Chromium-based) Spoofing Vulnerability23NETWORK
CVE‑2023‑364092023‑11‑07 00:15:08MEDIUM (7)Microsoft Edge (Chromium-based) Information Disclosure Vulnerability43NETWORK
CVE‑2023‑360342023‑11‑03 01:15:08HIGH (7)Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability26LOCAL
CVE‑2023‑360292023‑11‑03 01:15:08MEDIUM (4)Microsoft Edge (Chromium-based) Spoofing Vulnerability31NETWORK
CVE‑2023‑360272023‑11‑10 20:15:07MEDIUM (6)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability33NETWORK
CVE‑2023‑360262023‑11‑16 20:15:28MEDIUM (4)Microsoft Edge (Chromium-based) Spoofing Vulnerability31NETWORK
CVE‑2023‑360242023‑11‑10 00:15:09HIGH (7)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability34NETWORK
CVE‑2023‑360222023‑11‑03 01:15:08MEDIUM (7)Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability25LOCAL
CVE‑2023‑360142023‑11‑10 00:15:09HIGH (7)Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability26LOCAL
CVE‑2023‑360082023‑11‑16 20:15:28MEDIUM (7)Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability25LOCAL
CVE‑2023‑356182023‑12‑07 21:15:07CRITICAL (10)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability36NETWORK
CVE‑2023‑353922023‑07‑21 18:15:10MEDIUM (5)Microsoft Edge (Chromium-based) Spoofing Vulnerability31NETWORK
CVE‑2023‑331452023‑06‑14 00:15:13MEDIUM (7)Microsoft Edge (Chromium-based) Information Disclosure Vulnerability34NETWORK
CVE‑2023‑331432023‑06‑03 01:15:37HIGH (8)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability25NETWORK
CVE‑2023‑293542023‑05‑05 23:15:09MEDIUM (5)Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability31NETWORK
CVE‑2023‑293502023‑05‑05 23:15:09HIGH (8)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability26NETWORK
CVE‑2023‑293452023‑06‑07 18:15:10MEDIUM (6)Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability33NETWORK
CVE‑2023‑293342023‑04‑28 18:15:26MEDIUM (4)Microsoft Edge (Chromium-based) Spoofing Vulnerability31NETWORK
CVE‑2023‑283012023‑04‑11 21:15:28LOW (4)Microsoft Edge (Chromium-based) Tampering Vulnerability21NETWORK
CVE‑2023‑282862023‑04‑27 19:15:20MEDIUM (6)Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability33NETWORK
CVE‑2023‑282842023‑04‑11 21:15:27MEDIUM (4)Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability31NETWORK
CVE‑2023‑282612023‑04‑27 19:15:20MEDIUM (6)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability14LOCAL
CVE‑2023‑249352023‑04‑11 21:15:21MEDIUM (6)Microsoft Edge (Chromium-based) Spoofing Vulnerability33NETWORK
CVE‑2023‑248922023‑03‑14 17:15:18HIGH (8)Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability35NETWORK
CVE‑2023‑233742023‑02‑14 20:15:17HIGH (8)Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability26NETWORK
CVE‑2023‑217962023‑01‑24 00:15:11HIGH (8)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability26NETWORK
CVE‑2023‑217952023‑01‑24 00:15:11HIGH (8)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability26NETWORK
CVE‑2023‑217942023‑02‑14 20:15:15MEDIUM (4)Microsoft Edge (Chromium-based) Spoofing Vulnerability31NETWORK
CVE‑2023‑217752023‑01‑24 00:15:11HIGH (8)Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability26NETWORK
CVE‑2023‑217202023‑02‑14 20:15:15MEDIUM (5)Microsoft Edge (Chromium-based) Tampering Vulnerability24NETWORK
CVE‑2023‑217192023‑01‑24 00:15:10MEDIUM (7)Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability34NETWORK
CVE‑2022‑447082022‑12‑13 19:15:15HIGH (8)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability26NETWORK
CVE‑2022‑446882022‑12‑13 19:15:14MEDIUM (4)Microsoft Edge (Chromium-based) Spoofing Vulnerability31NETWORK
CVE‑2022‑41352022‑11‑25 01:15:10CRITICAL (10)Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)36NETWORK
CVE‑2022‑411152022‑12‑13 19:15:12MEDIUM (7)Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability16NETWORK
CVE‑2022‑410352022‑10‑11 19:15:21MEDIUM (5)Microsoft Edge (Chromium-based) Spoofing Vulnerability24NETWORK
CVE‑2022‑380122022‑09‑13 19:15:13HIGH (8)Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability16LOCAL
CVE‑2022‑357962022‑08‑09 20:15:14HIGH (8)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability26NETWORK
CVE‑2022‑336802022‑07‑07 20:15:08HIGH (8)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability26NETWORK
CVE‑2022‑336492022‑08‑09 20:15:10CRITICAL (10)Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability36NETWORK
CVE‑2022‑336392022‑06‑29 17:15:08HIGH (8)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability26NETWORK
CVE‑2022‑336382022‑06‑29 17:15:08HIGH (8)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability26NETWORK
CVE‑2022‑336362022‑08‑09 20:15:10HIGH (8)Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability26NETWORK
CVE‑2022‑301922022‑06‑29 17:15:08HIGH (8)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability26NETWORK
CVE‑2022‑301282022‑06‑01 20:15:08HIGH (8)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability26NETWORK
CVE‑2022‑301272022‑06‑01 20:15:08HIGH (8)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability26NETWORK
CVE‑2022‑291472023‑06‑29 01:15:50LOW (3)Microsoft Edge (Chromium-based) Spoofing Vulnerability21NETWORK
CVE‑2022‑291462023‑06‑29 01:15:50HIGH (8)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability26NETWORK
CVE‑2022‑291442023‑06‑29 01:15:50HIGH (8)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability26NETWORK
CVE‑2022‑269122022‑04‑05 20:15:09HIGH (8)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability26NETWORK
CVE‑2022‑269092022‑04‑05 20:15:09HIGH (8)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability26NETWORK
CVE‑2022‑269082022‑04‑05 20:15:09HIGH (8)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability26NETWORK
CVE‑2022‑269052022‑06‑01 20:15:08MEDIUM (4)Microsoft Edge (Chromium-based) Spoofing Vulnerability31NETWORK
CVE‑2022‑269002022‑04‑05 20:15:09HIGH (8)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability26NETWORK
CVE‑2022‑268992023‑06‑29 02:15:16HIGH (9)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability36NETWORK
CVE‑2022‑268952022‑04‑05 20:15:09HIGH (8)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability26NETWORK
CVE‑2022‑268942022‑04‑05 20:15:09HIGH (8)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability26NETWORK
CVE‑2022‑268912022‑04‑05 20:15:09HIGH (8)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability26NETWORK
CVE‑2022‑245232022‑04‑05 20:15:09MEDIUM (4)Microsoft Edge (Chromium-based) Spoofing Vulnerability31NETWORK
CVE‑2022‑244752022‑04‑05 20:15:09HIGH (8)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability26NETWORK
CVE‑2022‑232642023‑06‑29 05:15:13MEDIUM (5)Microsoft Edge (Chromium-based) Spoofing Vulnerability31NETWORK
CVE‑2022‑232632022‑02‑07 17:15:13HIGH (8)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability16LOCAL
CVE‑2022‑232622022‑02‑07 17:15:13MEDIUM (6)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability33NETWORK
CVE‑2022‑232612022‑02‑07 17:15:13MEDIUM (5)Microsoft Edge (Chromium-based) Tampering Vulnerability41NETWORK
CVE‑2022‑232582022‑01‑25 22:15:08MEDIUM (4)Microsoft Edge for Android Spoofing Vulnerability31NETWORK
CVE‑2022‑220212022‑06‑15 22:15:13HIGH (8)Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability26NETWORK
CVE‑2022‑219702022‑01‑11 21:15:15MEDIUM (6)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability15LOCAL
CVE‑2022‑219542022‑01‑11 21:15:14MEDIUM (6)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability33NETWORK
CVE‑2022‑219312022‑01‑11 21:15:14MEDIUM (4)Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability23NETWORK
CVE‑2022‑219302022‑01‑11 21:15:14MEDIUM (4)Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability23NETWORK
CVE‑2022‑219292022‑01‑11 21:15:14LOW (3)Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability11LOCAL
CVE‑2021‑432212021‑11‑24 01:15:09MEDIUM (4)Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability23NETWORK
CVE‑2021‑423082021‑11‑24 01:15:08LOW (3)Microsoft Edge (Chromium-based) Spoofing Vulnerability21NETWORK
CVE‑2021‑423072023‑07‑01 00:15:10MEDIUM (4)Microsoft Edge (Chromium-based) Information Disclosure Vulnerability31NETWORK
CVE‑2021‑413512021‑11‑10 01:19:29MEDIUM (4)Microsoft Edge (Chrome based) Spoofing on IE Mode31NETWORK
CVE‑2021‑386692021‑09‑15 12:15:16MEDIUM (6)Microsoft Edge (Chromium-based) Tampering Vulnerability33NETWORK
CVE‑2021‑386422021‑09‑02 23:15:07MEDIUM (6)Microsoft Edge for iOS Spoofing Vulnerability33NETWORK
CVE‑2021‑386412021‑09‑02 23:15:07MEDIUM (6)Microsoft Edge for Android Spoofing Vulnerability33NETWORK
CVE‑2021‑369312021‑08‑26 18:15:09MEDIUM (4)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability23LOCAL
CVE‑2021‑369302021‑09‑02 23:15:07MEDIUM (5)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability23LOCAL
CVE‑2021‑369292021‑08‑26 18:15:09MEDIUM (6)Microsoft Edge (Chromium-based) Information Disclosure Vulnerability24LOCAL
CVE‑2021‑369282021‑08‑26 18:15:09MEDIUM (6)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability15LOCAL
CVE‑2021‑345062023‑07‑01 00:15:10MEDIUM (6)Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability33NETWORK
CVE‑2021‑344752023‑07‑01 00:15:10MEDIUM (5)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability33NETWORK
CVE‑2021‑337412021‑06‑08 23:15:10HIGH (8)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability35NETWORK
CVE‑2021‑319822023‑07‑01 00:15:10HIGH (9)Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability36NETWORK
CVE‑2021‑319372023‑06‑28 18:15:12HIGH (8)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability35NETWORK
CVE‑2021‑264392021‑09‑02 23:15:07MEDIUM (5)Microsoft Edge for Android Information Disclosure Vulnerability14PHYSICAL
CVE‑2021‑264362021‑09‑02 23:15:07MEDIUM (6)Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability33NETWORK
CVE‑2021‑241132021‑02‑25 23:15:17MEDIUM (5)Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability33NETWORK
CVE‑2021‑241002021‑02‑25 23:15:16MEDIUM (5)Microsoft Edge for Android Information Disclosure Vulnerability14LOCAL
CVE‑2021‑211572021‑02‑22 22:15:13HIGH (9)Use after free in Web Sockets in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.36NETWORK
CVE‑2021‑211412021‑02‑09 14:15:17MEDIUM (7)Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass file extension policy via a crafted HTML page.34NETWORK
CVE‑2021‑211402021‑02‑09 14:15:17MEDIUM (7)Uninitialized use in USB in Google Chrome prior to 88.0.4324.96 allowed a local attacker to potentially perform out of bounds memory access via via a USB device.16PHYSICAL
CVE‑2021‑211392021‑02‑09 14:15:17MEDIUM (7)Inappropriate implementation in iframe sandbox in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.34NETWORK
CVE‑2021‑211372021‑02‑09 14:15:17MEDIUM (7)Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page.34NETWORK
CVE‑2021‑211362021‑02‑09 14:15:17MEDIUM (7)Insufficient policy enforcement in WebView in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page.34NETWORK
CVE‑2021‑211352021‑02‑09 14:15:17MEDIUM (7)Inappropriate implementation in Performance API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page.34NETWORK
CVE‑2021‑211342021‑02‑09 14:15:17MEDIUM (7)Incorrect security UI in Page Info in Google Chrome on iOS prior to 88.0.4324.96 allowed a remote attacker to spoof security UI via a crafted HTML page.34NETWORK
CVE‑2021‑211332021‑02‑09 14:15:16MEDIUM (7)Insufficient policy enforcement in Downloads in Google Chrome prior to 88.0.4324.96 allowed an attacker who convinced a user to download files to bypass navigation restrictions via a crafted HTML page.34NETWORK
CVE‑2021‑211322021‑02‑09 14:15:16CRITICAL (10)Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted Chrome Extension.36NETWORK
CVE‑2021‑211312021‑02‑09 14:15:16MEDIUM (7)Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.34NETWORK
CVE‑2021‑211302021‑02‑09 14:15:16MEDIUM (7)Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.34NETWORK
CVE‑2021‑211292021‑02‑09 14:15:16MEDIUM (7)Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.34NETWORK
CVE‑2021‑211282021‑02‑09 14:15:16HIGH (9)Heap buffer overflow in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.36NETWORK
CVE‑2021‑211272021‑02‑09 14:15:16HIGH (9)Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass content security policy via a crafted Chrome Extension.36NETWORK
CVE‑2021‑211262021‑02‑09 14:15:16MEDIUM (7)Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass site isolation via a crafted Chrome Extension.34NETWORK
CVE‑2021‑211252021‑02‑09 14:15:16HIGH (8)Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.35NETWORK
CVE‑2021‑211242021‑02‑09 14:15:16CRITICAL (10)Potential user after free in Speech Recognizer in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.36NETWORK
CVE‑2021‑211232021‑02‑09 14:15:16MEDIUM (7)Insufficient data validation in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.34NETWORK
CVE‑2021‑211222021‑02‑09 14:15:16HIGH (9)Use after free in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.36NETWORK
CVE‑2021‑211212021‑02‑09 14:15:16CRITICAL (10)Use after free in Omnibox in Google Chrome on Linux prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.36NETWORK
CVE‑2021‑211202021‑02‑09 14:15:16HIGH (9)Use after free in WebSQL in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.36NETWORK
CVE‑2021‑211192021‑02‑09 14:15:16HIGH (9)Use after free in Media in Google Chrome prior to 88.0.4324.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.36NETWORK
CVE‑2021‑211182021‑02‑09 14:15:16HIGH (9)Insufficient data validation in V8 in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.36NETWORK
CVE‑2021‑17052021‑01‑12 20:15:34MEDIUM (4)Microsoft Edge (HTML-based) Memory Corruption Vulnerability23NETWORK
CVE‑2020‑171532020‑12‑10 00:15:16MEDIUM (4)Microsoft Edge for Android Spoofing Vulnerability31NETWORK
CVE‑2020‑170582020‑11‑11 07:15:17HIGH (8)Microsoft Browser Memory Corruption Vulnerability26NETWORK
CVE‑2020‑160092020‑11‑03 03:15:16HIGH (9)Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.36NETWORK
CVE‑2020‑15692020‑08‑17 19:15:21HIGH (8)A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. An attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge, and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements by adding specially crafted content that could exploit the vulnerability. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by way of enticement in an email or Instant Messenger message, or by getting them to open an attachment sent through email. The security update addresses the vulnerability by modifying how Microsoft Edge handles objects in memory. 26LOCAL
CVE‑2020‑15682020‑08‑17 19:15:21HIGH (8)A remote code execution vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit the vulnerability, in a web-based attack scenario, an attacker could host a website that contains malicious PDF content. In addition, compromised websites and websites that accept or host user-provided content could contain specially crafted PDF content that could exploit the vulnerability. However, in all cases an attacker would have no way to force a user to view the attacker-controlled content. Instead, an attacker would have to convince a user to take action. For example, an attacker could trick a user into clicking a link that takes the user to the attacker's site. The security update addresses the vulnerability by modifying how Microsoft Edge PDF Reader handles objects in memory. 26NETWORK
CVE‑2020‑15552020‑08‑17 19:15:20HIGH (9)A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory. 36NETWORK
CVE‑2020‑14622020‑07‑14 23:15:21MEDIUM (4)An information disclosure vulnerability exists when Skype for Business is accessed via Microsoft Edge (EdgeHTML-based), aka 'Skype for Business via Microsoft Edge (EdgeHTML-based) Information Disclosure Vulnerability'.31NETWORK
CVE‑2020‑14332020‑07‑14 23:15:19MEDIUM (7)An information disclosure vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory, aka 'Microsoft Edge PDF Information Disclosure Vulnerability'.34NETWORK
CVE‑2020‑12422020‑06‑09 20:15:16MEDIUM (5)An information disclosure vulnerability exists in the way that Microsoft Edge handles cross-origin requests, aka 'Microsoft Edge Information Disclosure Vulnerability'.24NETWORK
CVE‑2020‑12192020‑06‑09 20:15:15HIGH (8)A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'.26NETWORK
CVE‑2020‑11952020‑05‑21 23:15:19MEDIUM (6)An elevation of privilege vulnerability exists in Microsoft Edge (Chromium-based) when the Feedback extension improperly validates input, aka 'Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability'.24NETWORK
CVE‑2020‑10962020‑05‑21 23:15:14HIGH (8)A remote code execution vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory, aka 'Microsoft Edge PDF Remote Code Execution Vulnerability'.26NETWORK
CVE‑2020‑10592020‑05‑21 23:15:12MEDIUM (4)A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content, aka 'Microsoft Edge Spoofing Vulnerability'.31NETWORK
CVE‑2020‑10562020‑05‑21 23:15:12HIGH (8)An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, an attacker could host a website that is used to attempt to exploit the vulnerability, aka 'Microsoft Edge Elevation of Privilege Vulnerability'.35NETWORK
CVE‑2020‑10372020‑05‑21 23:15:12HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Chakra Scripting Engine Memory Corruption Vulnerability'.26NETWORK
CVE‑2020‑09692020‑04‑15 15:15:18HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Chakra Scripting Engine Memory Corruption Vulnerability'.26NETWORK
CVE‑2020‑08782020‑09‑11 17:15:14MEDIUM (4)<p>A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, the attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p> <p>An attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft browsers, and then convince a user to view the website. The attacker could also take advantage of compromised websites, or websites that accept or host user-provided content or advertisements, by adding specially crafted content that could exploit the vulnerability. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically via an enticement in email or instant message, or by getting them to open an email attachment.</p> <p>The security update addresses the vulnerability by modifying how Microsoft browsers handle objects in memory.</p> 23NETWORK
CVE‑2020‑08302020‑03‑12 16:15:18HIGH (8)A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848.26NETWORK
CVE‑2020‑08162020‑03‑12 16:15:17HIGH (9)A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerability'.36NETWORK
CVE‑2020‑08122020‑03‑12 16:15:17HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based)L, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0811.26NETWORK
CVE‑2020‑08112020‑03‑12 16:15:17HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based)L, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0812.26NETWORK
CVE‑2020‑07682020‑03‑12 16:15:14HIGH (8)A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848.26NETWORK
CVE‑2020‑07062020‑02‑11 22:15:17MEDIUM (4)An information disclosure vulnerability exists in the way that affected Microsoft browsers handle cross-origin requests, aka 'Microsoft Browser Information Disclosure Vulnerability'.31NETWORK
CVE‑2020‑06632020‑02‑11 22:15:14MEDIUM (4)An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, an attacker could host a website that is used to attempt to exploit the vulnerability, aka 'Microsoft Edge Elevation of Privilege Vulnerability'.23NETWORK
CVE‑2019‑14282019‑11‑12 19:15:15HIGH (8)A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1426, CVE-2019-1427, CVE-2019-1429.26NETWORK
CVE‑2019‑14272019‑11‑12 19:15:15HIGH (8)A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1426, CVE-2019-1428, CVE-2019-1429.26NETWORK
CVE‑2019‑14262019‑11‑12 19:15:15HIGH (8)A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1427, CVE-2019-1428, CVE-2019-1429.26NETWORK
CVE‑2019‑14132019‑11‑12 19:15:14MEDIUM (4)A security feature bypass vulnerability exists when Microsoft Edge improperly handles extension requests and fails to request host permission for all_urls, aka 'Microsoft Edge Security Feature Bypass Vulnerability'.31NETWORK
CVE‑2019‑13662019‑10‑10 14:15:18HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1307, CVE-2019-1308, CVE-2019-1335.26NETWORK
CVE‑2019‑13572019‑10‑10 14:15:18MEDIUM (4)A spoofing vulnerability exists when Microsoft Browsers improperly handle browser cookies, aka 'Microsoft Browser Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-0608.31NETWORK
CVE‑2019‑13562019‑10‑10 14:15:18MEDIUM (7)An information disclosure vulnerability exists when Microsoft Edge based on Edge HTML improperly handles objects in memory, aka 'Microsoft Edge based on Edge HTML Information Disclosure Vulnerability'.34NETWORK
CVE‑2019‑13352019‑10‑10 14:15:17HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1307, CVE-2019-1308, CVE-2019-1366.26NETWORK
CVE‑2019‑13082019‑10‑10 14:15:15HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1307, CVE-2019-1335, CVE-2019-1366.26NETWORK
CVE‑2019‑13072019‑10‑10 14:15:15HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1308, CVE-2019-1335, CVE-2019-1366.26NETWORK
CVE‑2019‑13002019‑09‑11 22:15:19HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1138, CVE-2019-1217, CVE-2019-1237, CVE-2019-1298.26NETWORK
CVE‑2019‑12992019‑09‑11 22:15:19MEDIUM (7)An information disclosure vulnerability exists when Microsoft Edge based on Edge HTML improperly handles objects in memory, aka 'Microsoft Edge based on Edge HTML Information Disclosure Vulnerability'.34NETWORK
CVE‑2019‑12982019‑09‑11 22:15:19HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1138, CVE-2019-1217, CVE-2019-1237, CVE-2019-1300.26NETWORK
CVE‑2019‑12372019‑09‑11 22:15:15HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1138, CVE-2019-1217, CVE-2019-1298, CVE-2019-1300.26NETWORK
CVE‑2019‑12202019‑09‑11 22:15:15MEDIUM (4)A security feature bypass vulnerability exists when Microsoft Browsers fail to validate the correct Security Zone of requests for specific URLs, aka 'Microsoft Browser Security Feature Bypass Vulnerability'.31NETWORK
CVE‑2019‑12172019‑09‑11 22:15:15HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1138, CVE-2019-1237, CVE-2019-1298, CVE-2019-1300.26NETWORK
CVE‑2019‑11972019‑08‑14 21:15:18MEDIUM (4)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory. 23NETWORK
CVE‑2019‑11962019‑08‑14 21:15:18MEDIUM (4)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory. 23NETWORK
CVE‑2019‑11952019‑08‑14 21:15:18MEDIUM (4)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory. 23NETWORK
CVE‑2019‑11932019‑08‑14 21:15:17MEDIUM (6)A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, the attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. An attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft browsers, and then convince a user to view the website. The attacker could also take advantage of compromised websites, or websites that accept or host user-provided content or advertisements, by adding specially crafted content that could exploit the vulnerability. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically via an enticement in email or instant message, or by getting them to open an email attachment. The security update addresses the vulnerability by modifying how Microsoft browsers handle objects in memory. 16NETWORK
CVE‑2019‑11922019‑08‑14 21:15:17MEDIUM (4)A security feature bypass vulnerability exists when Microsoft browsers improperly handle requests of different origins. The vulnerability allows Microsoft browsers to bypass Same-Origin Policy (SOP) restrictions, and to allow requests that should otherwise be ignored. An attacker who successfully exploited the vulnerability could force the browser to send data that would otherwise be restricted. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft browsers and then convince a user to view the website. The attacker could also take advantage of compromised websites, and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how affected Microsoft browsers handle different-origin requests. 31NETWORK
CVE‑2019‑11412019‑08‑14 21:15:14MEDIUM (4)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory. 23NETWORK
CVE‑2019‑11402019‑08‑14 21:15:14HIGH (9)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory. 36NETWORK
CVE‑2019‑11392019‑08‑14 21:15:14MEDIUM (4)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory. 23NETWORK
CVE‑2019‑11382019‑09‑11 22:15:14HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1217, CVE-2019-1237, CVE-2019-1298, CVE-2019-1300.26NETWORK
CVE‑2019‑11312019‑08‑14 21:15:14MEDIUM (4)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory. 23NETWORK
CVE‑2019‑11072019‑07‑15 19:15:20HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1062, CVE-2019-1092, CVE-2019-1103, CVE-2019-1106.00NETWORK
CVE‑2019‑11062019‑07‑15 19:15:20HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1062, CVE-2019-1092, CVE-2019-1103, CVE-2019-1107.00NETWORK
CVE‑2019‑11042019‑07‑15 19:15:19HIGH (8)A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'.00NETWORK
CVE‑2019‑11032019‑07‑15 19:15:19HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1062, CVE-2019-1092, CVE-2019-1106, CVE-2019-1107.00NETWORK
CVE‑2019‑10922019‑07‑15 19:15:19HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1062, CVE-2019-1103, CVE-2019-1106, CVE-2019-1107.00NETWORK
CVE‑2019‑10812019‑06‑12 14:29:04MEDIUM (4)An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory, aka 'Microsoft Browser Information Disclosure Vulnerability'.00NETWORK
CVE‑2019‑10622019‑07‑15 19:15:17HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1092, CVE-2019-1103, CVE-2019-1106, CVE-2019-1107.00NETWORK
CVE‑2019‑10522019‑06‑12 14:29:04HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051.00NETWORK
CVE‑2019‑10512019‑06‑12 14:29:04HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1052.00NETWORK
CVE‑2019‑10382019‑06‑12 14:29:04HIGH (8)A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'.00NETWORK
CVE‑2019‑10302019‑08‑14 21:15:14MEDIUM (4)An information disclosure vulnerability exists when Microsoft Edge based on Edge HTML improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit the vulnerability, in a web-based attack scenario, an attacker could host a website in an attempt to exploit the vulnerability. In addition, compromised websites and websites that accept or host user-provided content could contain specially crafted content that could exploit the vulnerability. However, in all cases an attacker would have no way to force a user to view the attacker-controlled content. Instead, an attacker would have to convince a user to take action. For example, an attacker could trick a user into clicking a link that takes the user to the attacker's site. The update addresses the vulnerability by modifying how Microsoft Edge based on Edge HTML handles objects in memory. 31NETWORK
CVE‑2019‑10242019‑06‑12 14:29:03HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1051, CVE-2019-1052.00NETWORK
CVE‑2019‑10232019‑06‑12 14:29:03MEDIUM (4)An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka 'Scripting Engine Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0990.00NETWORK
CVE‑2019‑10032019‑06‑12 14:29:03HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052.00NETWORK
CVE‑2019‑10022019‑06‑12 14:29:02HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052.00NETWORK
CVE‑2019‑10012019‑07‑15 19:15:16HIGH (8)A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1004, CVE-2019-1056, CVE-2019-1059.00NETWORK
CVE‑2019‑09932019‑06‑12 14:29:02HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052.00NETWORK
CVE‑2019‑09922019‑06‑12 14:29:02HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052.00NETWORK
CVE‑2019‑09912019‑06‑12 14:29:02HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052.00NETWORK
CVE‑2019‑09902019‑06‑12 14:29:02MEDIUM (4)An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka 'Scripting Engine Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1023.00NETWORK
CVE‑2019‑09892019‑06‑12 14:29:02HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052.00NETWORK
CVE‑2019‑09402019‑05‑16 19:29:04HIGH (8)A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'.00NETWORK
CVE‑2019‑09382019‑05‑16 19:29:04MEDIUM (7)An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka 'Microsoft Edge Elevation of Privilege Vulnerability'.00NETWORK
CVE‑2019‑09372019‑05‑16 19:29:04HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933.00NETWORK
CVE‑2019‑09332019‑05‑16 19:29:04HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0937.00NETWORK
CVE‑2019‑09272019‑05‑16 19:29:03HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0933, CVE-2019-0937.00NETWORK
CVE‑2019‑09262019‑05‑16 19:29:03HIGH (8)A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerability'.00NETWORK
CVE‑2019‑09252019‑05‑16 19:29:03HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.00NETWORK
CVE‑2019‑09242019‑05‑16 19:29:03HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.00NETWORK
CVE‑2019‑09232019‑05‑16 19:29:03HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.00NETWORK
CVE‑2019‑09222019‑05‑16 19:29:03HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.00NETWORK
CVE‑2019‑09172019‑05‑16 19:29:03HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.00NETWORK
CVE‑2019‑09162019‑05‑16 19:29:03HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.00NETWORK
CVE‑2019‑09152019‑05‑16 19:29:03HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.00NETWORK
CVE‑2019‑09142019‑05‑16 19:29:03HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.00NETWORK
CVE‑2019‑09132019‑05‑16 19:29:02HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.00NETWORK
CVE‑2019‑09122019‑05‑16 19:29:02HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.00NETWORK
CVE‑2019‑09112019‑05‑16 19:29:02HIGH (8)A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0884, CVE-2019-0918.00NETWORK
CVE‑2019‑08842019‑05‑16 19:29:01HIGH (8)A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0911, CVE-2019-0918.26NETWORK
CVE‑2019‑08612019‑04‑09 21:29:03HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0810, CVE-2019-0812, CVE-2019-0829, CVE-2019-0860.00NETWORK
CVE‑2019‑08602019‑04‑09 21:29:03HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0810, CVE-2019-0812, CVE-2019-0829, CVE-2019-0861.00NETWORK
CVE‑2019‑08332019‑04‑09 21:29:02MEDIUM (4)An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka 'Microsoft Edge Information Disclosure Vulnerability'.00NETWORK
CVE‑2019‑08292019‑04‑09 21:29:02HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0810, CVE-2019-0812, CVE-2019-0860, CVE-2019-0861.00NETWORK
CVE‑2019‑08122019‑04‑09 21:29:01HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0810, CVE-2019-0829, CVE-2019-0860, CVE-2019-0861.00NETWORK
CVE‑2019‑08102019‑04‑09 21:29:01HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0812, CVE-2019-0829, CVE-2019-0860, CVE-2019-0861.26NETWORK
CVE‑2019‑08062019‑04‑09 21:29:01HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0810, CVE-2019-0812, CVE-2019-0829, CVE-2019-0860, CVE-2019-0861.00NETWORK
CVE‑2019‑07802019‑04‑09 03:29:01HIGH (8)A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'.00NETWORK
CVE‑2019‑07792019‑04‑09 03:29:01HIGH (8)A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerability'.00NETWORK
CVE‑2019‑07732019‑04‑09 03:29:00HIGH (8)A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0783.00NETWORK
CVE‑2019‑07712019‑04‑09 03:29:00HIGH (8)A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0773, CVE-2019-0783.00NETWORK
CVE‑2019‑07702019‑04‑09 03:29:00HIGH (8)A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783.00NETWORK
CVE‑2019‑07692019‑04‑09 02:29:01HIGH (8)A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783.00NETWORK
CVE‑2019‑07642019‑04‑09 21:29:01MEDIUM (4)A tampering vulnerability exists when Microsoft browsers do not properly validate input under specific conditions, aka 'Microsoft Browsers Tampering Vulnerability'.00NETWORK
CVE‑2019‑07622019‑04‑09 02:29:01MEDIUM (4)A security feature bypass vulnerability exists when Microsoft browsers improperly handle requests of different origins, aka 'Microsoft Browsers Security Feature Bypass Vulnerability'.00NETWORK
CVE‑2019‑07462019‑04‑09 00:29:01MEDIUM (4)An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka 'Scripting Engine Information Disclosure Vulnerability'.00NETWORK
CVE‑2019‑07392019‑04‑09 21:29:01HIGH (8)A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0752, CVE-2019-0753, CVE-2019-0862.00NETWORK
CVE‑2019‑06782019‑04‑09 00:29:00MEDIUM (4)An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, an attacker could host a website that is used to attempt to exploit the vulnerability, aka 'Microsoft Edge Elevation of Privilege Vulnerability'.00NETWORK
CVE‑2019‑06582019‑03‑05 23:29:02MEDIUM (4)An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka 'Scripting Engine Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0648.00NETWORK
CVE‑2019‑06552019‑03‑05 23:29:02HIGH (8)A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652.00NETWORK
CVE‑2019‑06542019‑03‑05 23:29:02MEDIUM (4)A spoofing vulnerability exists when Microsoft browsers improperly handles specific redirects, aka 'Microsoft Browser Spoofing Vulnerability'.00NETWORK
CVE‑2019‑06522019‑03‑05 23:29:02HIGH (8)A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0655.00NETWORK
CVE‑2019‑06512019‑03‑05 23:29:02HIGH (8)A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0652, CVE-2019-0655.00NETWORK
CVE‑2019‑06502019‑03‑05 23:29:02HIGH (8)A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0634, CVE-2019-0645.00NETWORK
CVE‑2019‑06492019‑03‑05 23:29:02MEDIUM (7)A vulnerability exists in Microsoft Chakra JIT server, aka 'Scripting Engine Elevation of Privileged Vulnerability'.00NETWORK
CVE‑2019‑06452019‑03‑05 23:29:02HIGH (8)A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0634, CVE-2019-0650.00NETWORK
CVE‑2019‑06442019‑03‑05 23:29:02HIGH (8)A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655.00NETWORK
CVE‑2019‑06432019‑03‑05 23:29:02MEDIUM (4)An information disclosure vulnerability exists in the way that Microsoft Edge handles cross-origin requests, aka 'Microsoft Edge Information Disclosure Vulnerability'.00NETWORK
CVE‑2019‑06422019‑03‑05 23:29:02HIGH (8)A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655.00NETWORK
CVE‑2019‑06412019‑03‑05 23:29:02MEDIUM (4)A security feature bypass vulnerability exists in Microsoft Edge handles whitelisting, aka 'Microsoft Edge Security Feature Bypass Vulnerability'.00NETWORK
CVE‑2019‑06402019‑03‑05 23:29:02HIGH (8)A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655.00NETWORK
CVE‑2019‑06342019‑03‑05 23:29:01HIGH (8)A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0645, CVE-2019-0650.00NETWORK
CVE‑2019‑06122019‑04‑08 23:29:00LOW (3)A security feature bypass vulnerability exists when Click2Play protection in Microsoft Edge improperly handles flash objects. By itself, this bypass vulnerability does not allow arbitrary code execution, aka 'Microsoft Edge Security Feature Bypass Vulnerability'.00NETWORK
CVE‑2019‑06112019‑04‑08 23:29:00HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0592.00NETWORK
CVE‑2019‑06102019‑03‑05 23:29:01HIGH (8)A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655.00NETWORK
CVE‑2019‑06092019‑04‑08 23:29:00HIGH (8)A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783.00NETWORK
CVE‑2019‑06082019‑10‑10 14:15:14MEDIUM (4)A spoofing vulnerability exists when Microsoft Browsers does not properly parse HTTP content, aka 'Microsoft Browser Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-1357.31NETWORK
CVE‑2019‑06072019‑03‑05 23:29:01HIGH (8)A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655.00NETWORK
CVE‑2019‑06052019‑03‑05 23:29:01HIGH (8)A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655.00NETWORK
CVE‑2019‑05932019‑03‑05 23:29:00HIGH (8)A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655.00NETWORK
CVE‑2019‑05922019‑04‑08 23:29:00HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0611.00NETWORK
CVE‑2019‑05912019‑03‑05 23:29:00HIGH (8)A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655.00NETWORK
CVE‑2019‑05902019‑03‑05 23:29:00HIGH (8)A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655.00NETWORK
CVE‑2019‑05682019‑01‑08 21:29:01HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2019-0539, CVE-2019-0567.00NETWORK
CVE‑2019‑05672019‑01‑08 21:29:01HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2019-0539, CVE-2019-0568.00NETWORK
CVE‑2019‑05662019‑01‑08 21:29:01MEDIUM (7)An elevation of privilege vulnerability exists in Microsoft Edge Browser Broker COM object, aka "Microsoft Edge Elevation of Privilege Vulnerability." This affects Microsoft Edge.00NETWORK
CVE‑2019‑05652019‑01‑08 21:29:01HIGH (8)A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge.00NETWORK
CVE‑2019‑05392019‑01‑08 21:29:00HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2019-0567, CVE-2019-0568.00NETWORK
CVE‑2018‑86292018‑12‑12 00:29:02HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8583, CVE-2018-8617, CVE-2018-8618, CVE-2018-8624.00NETWORK
CVE‑2018‑86242018‑12‑12 00:29:01HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8583, CVE-2018-8617, CVE-2018-8618, CVE-2018-8629.00NETWORK
CVE‑2018‑86182018‑12‑12 00:29:01HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8583, CVE-2018-8617, CVE-2018-8624, CVE-2018-8629.00NETWORK
CVE‑2018‑86172018‑12‑12 00:29:01HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8583, CVE-2018-8618, CVE-2018-8624, CVE-2018-8629.00NETWORK
CVE‑2018‑85882018‑11‑14 01:29:02HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542, CVE-2018-8543, CVE-2018-8551, CVE-2018-8555, CVE-2018-8556, CVE-2018-8557.00NETWORK
CVE‑2018‑85832018‑12‑12 00:29:01HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8617, CVE-2018-8618, CVE-2018-8624, CVE-2018-8629.00NETWORK
CVE‑2018‑85672018‑11‑14 01:29:02MEDIUM (6)An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain, aka "Microsoft Edge Elevation of Privilege Vulnerability." This affects Microsoft Edge.00NETWORK
CVE‑2018‑85642018‑11‑14 01:29:01MEDIUM (4)A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka "Microsoft Edge Spoofing Vulnerability." This affects Microsoft Edge.00NETWORK
CVE‑2018‑85572018‑11‑14 01:29:01HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542, CVE-2018-8543, CVE-2018-8551, CVE-2018-8555, CVE-2018-8556, CVE-2018-8588.00NETWORK
CVE‑2018‑85562018‑11‑14 01:29:01HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542, CVE-2018-8543, CVE-2018-8551, CVE-2018-8555, CVE-2018-8557, CVE-2018-8588.00NETWORK
CVE‑2018‑85552018‑11‑14 01:29:01HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542, CVE-2018-8543, CVE-2018-8551, CVE-2018-8556, CVE-2018-8557, CVE-2018-8588.00NETWORK
CVE‑2018‑85512018‑11‑14 01:29:01HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542, CVE-2018-8543, CVE-2018-8555, CVE-2018-8556, CVE-2018-8557, CVE-2018-8588.00NETWORK
CVE‑2018‑85452018‑11‑14 01:29:01MEDIUM (4)An information disclosure vulnerability exists in the way that Microsoft Edge handles cross-origin requests, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge.00NETWORK
CVE‑2018‑85432018‑11‑14 01:29:01HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542, CVE-2018-8551, CVE-2018-8555, CVE-2018-8556, CVE-2018-8557, CVE-2018-8588.00NETWORK
CVE‑2018‑85422018‑11‑14 01:29:01HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8543, CVE-2018-8551, CVE-2018-8555, CVE-2018-8556, CVE-2018-8557, CVE-2018-8588.00NETWORK
CVE‑2018‑85412018‑11‑14 01:29:01HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8542, CVE-2018-8543, CVE-2018-8551, CVE-2018-8555, CVE-2018-8556, CVE-2018-8557, CVE-2018-8588.00NETWORK
CVE‑2018‑85302018‑10‑10 13:29:06MEDIUM (4)A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins, aka "Microsoft Edge Security Feature Bypass Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8512.00NETWORK
CVE‑2018‑85132018‑10‑10 13:29:06HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8503, CVE-2018-8505, CVE-2018-8510, CVE-2018-8511.00NETWORK
CVE‑2018‑85122018‑10‑10 13:29:06MEDIUM (6)A security feature bypass vulnerability exists in Microsoft Edge when the Edge Content Security Policy (CSP) fails to properly validate certain specially crafted documents, aka "Microsoft Edge Security Feature Bypass Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8530.00NETWORK
CVE‑2018‑85112018‑10‑10 13:29:06HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8503, CVE-2018-8505, CVE-2018-8510, CVE-2018-8513.00NETWORK
CVE‑2018‑85102018‑10‑10 13:29:05HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8503, CVE-2018-8505, CVE-2018-8511, CVE-2018-8513.00NETWORK
CVE‑2018‑85092018‑10‑10 13:29:05HIGH (8)A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8473.00NETWORK
CVE‑2018‑85052018‑10‑10 13:29:05HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8503, CVE-2018-8510, CVE-2018-8511, CVE-2018-8513.00NETWORK
CVE‑2018‑85032018‑10‑10 13:29:05HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8505, CVE-2018-8510, CVE-2018-8511, CVE-2018-8513.00NETWORK
CVE‑2018‑84732018‑10‑10 13:29:03HIGH (8)A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8509.00NETWORK
CVE‑2018‑84692018‑09‑13 00:29:07MEDIUM (4)An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka "Microsoft Edge Elevation of Privilege Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8463.00NETWORK
CVE‑2018‑84672018‑09‑13 00:29:07HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8367, CVE-2018-8465, CVE-2018-8466.00NETWORK
CVE‑2018‑84662018‑09‑13 00:29:07HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8367, CVE-2018-8465, CVE-2018-8467.00NETWORK
CVE‑2018‑84652018‑09‑13 00:29:06HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8367, CVE-2018-8466, CVE-2018-8467.00NETWORK
CVE‑2018‑84642018‑09‑13 00:29:06HIGH (9)An remote code execution vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory, aka "Microsoft Edge PDF Remote Code Execution Vulnerability." This affects Microsoft Edge.00NETWORK
CVE‑2018‑84632018‑09‑13 00:29:06MEDIUM (4)An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka "Microsoft Edge Elevation of Privilege Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8469.00NETWORK
CVE‑2018‑84592018‑09‑13 00:29:06HIGH (8)A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8354, CVE-2018-8391, CVE-2018-8456, CVE-2018-8457.00NETWORK
CVE‑2018‑84572018‑09‑13 00:29:06HIGH (8)A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-8354, CVE-2018-8391, CVE-2018-8456, CVE-2018-8459.00NETWORK
CVE‑2018‑84562018‑09‑13 00:29:06HIGH (8)A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8354, CVE-2018-8391, CVE-2018-8457, CVE-2018-8459.00NETWORK
CVE‑2018‑84522018‑09‑13 00:29:05MEDIUM (4)An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft browsers, aka "Scripting Engine Information Disclosure Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge.00NETWORK
CVE‑2018‑84252018‑09‑13 00:29:03MEDIUM (4)A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka "Microsoft Edge Spoofing Vulnerability." This affects Microsoft Edge.00NETWORK
CVE‑2018‑84032018‑08‑15 17:29:10HIGH (8)A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka "Microsoft Browser Memory Corruption Vulnerability." This affects Internet Explorer 11, Microsoft Edge, Internet Explorer 10.00NETWORK
CVE‑2018‑83902018‑08‑15 17:29:09HIGH (8)A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389.00NETWORK
CVE‑2018‑83882018‑08‑15 17:29:08MEDIUM (4)A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka "Microsoft Edge Spoofing Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8383.00NETWORK
CVE‑2018‑83872018‑08‑15 17:29:08HIGH (8)A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8377.00NETWORK
CVE‑2018‑83852018‑08‑15 17:29:08HIGH (8)A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8389, CVE-2018-8390.00NETWORK
CVE‑2018‑83832018‑08‑15 17:29:08MEDIUM (4)A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content, aka "Microsoft Edge Spoofing Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8388.00NETWORK
CVE‑2018‑83812018‑08‑15 17:29:08HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8266, CVE-2018-8380, CVE-2018-8384.00NETWORK
CVE‑2018‑83802018‑08‑15 17:29:08HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8266, CVE-2018-8381, CVE-2018-8384.00NETWORK
CVE‑2018‑83772018‑08‑15 17:29:07HIGH (8)A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8387.00NETWORK
CVE‑2018‑83722018‑08‑15 17:29:07HIGH (8)A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8359, CVE-2018-8371, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389, CVE-2018-8390.00NETWORK
CVE‑2018‑83702018‑08‑15 17:29:06MEDIUM (4)A information disclosure vulnerability exists when WebAudio Library improperly handles audio requests, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge.00NETWORK
CVE‑2018‑83672018‑09‑13 00:29:02HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8465, CVE-2018-8466, CVE-2018-8467.00NETWORK
CVE‑2018‑83662018‑09‑13 00:29:01LOW (3)An information disclosure vulnerability exists when the Microsoft Edge Fetch API incorrectly handles a filtered response type, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge.00NETWORK
CVE‑2018‑83582018‑08‑15 17:29:06MEDIUM (4)A security feature bypass vulnerability exists when Microsoft Edge improperly handles redirect requests, aka "Microsoft Edge Security Feature Bypass Vulnerability." This affects Microsoft Edge.00NETWORK
CVE‑2018‑83572018‑08‑15 17:29:06MEDIUM (5)An elevation of privilege vulnerability exists in Microsoft browsers allowing sandbox escape, aka "Microsoft Browser Elevation of Privilege Vulnerability." This affects Internet Explorer 11, Microsoft Edge.00NETWORK
CVE‑2018‑83552018‑08‑15 17:29:06HIGH (8)A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8353, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389, CVE-2018-8390.00NETWORK
CVE‑2018‑83542018‑09‑13 00:29:01HIGH (8)A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8391, CVE-2018-8456, CVE-2018-8457, CVE-2018-8459.00NETWORK
CVE‑2018‑83512018‑08‑15 17:29:05MEDIUM (4)An information disclosure vulnerability exists when affected Microsoft browsers improperly allow cross-frame interaction, aka "Microsoft Browser Information Disclosure Vulnerability." This affects Internet Explorer 11, Microsoft Edge, Internet Explorer 10.00NETWORK
CVE‑2018‑83252018‑07‑11 00:29:02MEDIUM (4)An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8289, CVE-2018-8297, CVE-2018-8324.00NETWORK
CVE‑2018‑83242018‑07‑11 00:29:02MEDIUM (4)An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8289, CVE-2018-8297, CVE-2018-8325.00NETWORK
CVE‑2018‑83152018‑09‑13 00:29:01MEDIUM (4)An information disclosure vulnerability exists when the browser scripting engine improperly handle object types, aka "Microsoft Scripting Engine Information Disclosure Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10.00NETWORK
CVE‑2018‑83012018‑07‑11 00:29:02HIGH (8)A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8125, CVE-2018-8262, CVE-2018-8274, CVE-2018-8275, CVE-2018-8279.00NETWORK
CVE‑2018‑82972018‑07‑11 00:29:02MEDIUM (4)An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8289, CVE-2018-8324, CVE-2018-8325.00NETWORK
CVE‑2018‑82942018‑07‑11 00:29:02HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8280, CVE-2018-8286, CVE-2018-8290.00NETWORK
CVE‑2018‑82912018‑07‑11 00:29:01HIGH (8)A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8288, CVE-2018-8296, CVE-2018-8298.00NETWORK
CVE‑2018‑82902018‑07‑11 00:29:01HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8280, CVE-2018-8286, CVE-2018-8294.00NETWORK
CVE‑2018‑82892018‑07‑11 00:29:01MEDIUM (4)An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8297, CVE-2018-8324, CVE-2018-8325.00NETWORK
CVE‑2018‑82882018‑07‑11 00:29:01HIGH (8)A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8291, CVE-2018-8296, CVE-2018-8298.00NETWORK
CVE‑2018‑82872018‑07‑11 00:29:01HIGH (8)A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8288, CVE-2018-8291, CVE-2018-8296, CVE-2018-8298.00NETWORK
CVE‑2018‑82862018‑07‑11 00:29:01HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8280, CVE-2018-8290, CVE-2018-8294.00NETWORK
CVE‑2018‑82802018‑07‑11 00:29:01HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8286, CVE-2018-8290, CVE-2018-8294.00NETWORK
CVE‑2018‑82792018‑07‑11 00:29:01HIGH (8)A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8125, CVE-2018-8262, CVE-2018-8274, CVE-2018-8275, CVE-2018-8301.00NETWORK
CVE‑2018‑82782018‑07‑11 00:29:01MEDIUM (6)A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka "Microsoft Edge Spoofing Vulnerability." This affects Microsoft Edge.00NETWORK
CVE‑2018‑82762018‑07‑11 00:29:01MEDIUM (4)A security feature bypass vulnerability exists in the Microsoft Chakra scripting engine that allows Control Flow Guard (CFG) to be bypassed, aka "Scripting Engine Security Feature Bypass Vulnerability." This affects Microsoft Edge, ChakraCore.00NETWORK
CVE‑2018‑82752018‑07‑11 00:29:01HIGH (8)A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8125, CVE-2018-8262, CVE-2018-8274, CVE-2018-8279, CVE-2018-8301.00NETWORK
CVE‑2018‑82742018‑07‑11 00:29:01HIGH (8)A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8125, CVE-2018-8262, CVE-2018-8275, CVE-2018-8279, CVE-2018-8301.00NETWORK
CVE‑2018‑82662018‑08‑15 17:29:03HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8380, CVE-2018-8381, CVE-2018-8384.00NETWORK
CVE‑2018‑82622018‑07‑11 00:29:01HIGH (8)A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8125, CVE-2018-8274, CVE-2018-8275, CVE-2018-8279, CVE-2018-8301.00NETWORK
CVE‑2018‑82362018‑06‑14 12:29:02HIGH (8)A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8110, CVE-2018-8111.00NETWORK
CVE‑2018‑82352018‑06‑14 12:29:02MEDIUM (4)A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins, aka "Microsoft Edge Security Feature Bypass Vulnerability." This affects Microsoft Edge.00NETWORK
CVE‑2018‑82342018‑06‑14 12:29:02MEDIUM (4)An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-0871.00NETWORK
CVE‑2018‑82292018‑06‑14 12:29:02HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8227.00NETWORK
CVE‑2018‑82272018‑06‑14 12:29:02HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8229.00NETWORK
CVE‑2018‑81792018‑05‑09 19:29:03HIGH (8)A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge.00NETWORK
CVE‑2018‑81782018‑05‑09 19:29:03HIGH (8)A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka "Microsoft Browser Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge.00NETWORK
CVE‑2018‑81772018‑05‑09 19:29:03HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. This CVE ID is unique from CVE-2018-0943, CVE-2018-8130, CVE-2018-8133, CVE-2018-8145.00NETWORK
CVE‑2018‑81452018‑05‑09 19:29:02HIGH (8)An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user's computer or data, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-0943, CVE-2018-8130, CVE-2018-8133, CVE-2018-8177.00NETWORK
CVE‑2018‑81392018‑05‑09 19:29:02HIGH (8)A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137.00NETWORK
CVE‑2018‑81372018‑05‑09 19:29:02HIGH (8)A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8139.00NETWORK
CVE‑2018‑81332018‑05‑09 19:29:02HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0943, CVE-2018-8130, CVE-2018-8145, CVE-2018-8177.00NETWORK
CVE‑2018‑81302018‑05‑09 19:29:02HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0943, CVE-2018-8133, CVE-2018-8145, CVE-2018-8177.00NETWORK
CVE‑2018‑81282018‑05‑09 19:29:02HIGH (8)A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8137, CVE-2018-8139.00NETWORK
CVE‑2018‑81252018‑07‑11 00:29:00HIGH (8)A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8262, CVE-2018-8274, CVE-2018-8275, CVE-2018-8279, CVE-2018-8301.00NETWORK
CVE‑2018‑81232018‑05‑09 19:29:01MEDIUM (4)An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-1021.00NETWORK
CVE‑2018‑81122018‑05‑09 19:29:01MEDIUM (4)A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins, aka "Microsoft Edge Security Feature Bypass Vulnerability." This affects Microsoft Edge.00NETWORK
CVE‑2018‑81112018‑06‑14 12:29:01HIGH (8)A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8110, CVE-2018-8236.00NETWORK
CVE‑2018‑81102018‑06‑14 12:29:01HIGH (8)A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8111, CVE-2018-8236.00NETWORK
CVE‑2018‑10252018‑05‑09 19:29:01MEDIUM (4)An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory, aka "Microsoft Browser Information Disclosure Vulnerability." This affects Internet Explorer 11, Microsoft Edge.00NETWORK
CVE‑2018‑10232018‑04‑12 01:29:10HIGH (8)A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka "Microsoft Browser Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore.00NETWORK
CVE‑2018‑10222018‑05‑09 19:29:01HIGH (8)A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139.00NETWORK
CVE‑2018‑10212018‑05‑09 19:29:01MEDIUM (4)An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8123.00NETWORK
CVE‑2018‑10192018‑04‑12 01:29:10HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0980, CVE-2018-0990, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995.00NETWORK
CVE‑2018‑09982018‑04‑12 01:29:08MEDIUM (4)An information disclosure vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-0892.00NETWORK
CVE‑2018‑09952018‑04‑12 01:29:08HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0980, CVE-2018-0990, CVE-2018-0993, CVE-2018-0994, CVE-2018-1019.00NETWORK
CVE‑2018‑09942018‑04‑12 01:29:08HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0980, CVE-2018-0990, CVE-2018-0993, CVE-2018-0995, CVE-2018-1019.00NETWORK
CVE‑2018‑09932018‑04‑12 01:29:08HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0980, CVE-2018-0990, CVE-2018-0994, CVE-2018-0995, CVE-2018-1019.00NETWORK
CVE‑2018‑09902018‑04‑12 01:29:08HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0980, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995, CVE-2018-1019.00NETWORK
CVE‑2018‑09802018‑04‑12 01:29:08HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0990, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995, CVE-2018-1019.00NETWORK
CVE‑2018‑09792018‑04‑12 01:29:08HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0980, CVE-2018-0990, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995, CVE-2018-1019.00NETWORK
CVE‑2018‑09542018‑05‑09 19:29:01HIGH (8)A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139.00NETWORK
CVE‑2018‑09532018‑05‑09 19:29:01HIGH (8)A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139.00NETWORK
CVE‑2018‑09512018‑05‑09 19:29:01HIGH (8)A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139.00NETWORK
CVE‑2018‑09462018‑05‑09 19:29:01HIGH (8)A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139.00NETWORK
CVE‑2018‑09452018‑05‑09 19:29:01HIGH (8)A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139.00NETWORK
CVE‑2018‑09432018‑05‑09 19:29:00HIGH (8)A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8130, CVE-2018-8133, CVE-2018-8145, CVE-2018-8177.00NETWORK
CVE‑2018‑09392018‑03‑14 17:29:04MEDIUM (4)ChakraCore and Microsoft Edge in Windows 10 1703 and 1709 allow information disclosure, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0891.00NETWORK
CVE‑2018‑09372018‑03‑14 17:29:04HIGH (8)ChakraCore and Microsoft Windows 10 1703 and 1709 allow remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-0930, CVE-2018-0931, CVE-2018-0933, CVE-2018-0934, and CVE-2018-0936.00NETWORK
CVE‑2018‑09362018‑03‑14 17:29:04HIGH (8)ChakraCore and Microsoft Windows 10 1709 allow remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-0930, CVE-2018-0931, CVE-2018-0933, CVE-2018-0934, and CVE-2018-0937.00NETWORK
CVE‑2018‑09342018‑03‑14 17:29:04HIGH (8)ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-0930, CVE-2018-0931, CVE-2018-0933, CVE-2018-0936, and CVE-2018-0937.00NETWORK
CVE‑2018‑09332018‑03‑14 17:29:03HIGH (8)ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-0930, CVE-2018-0931, CVE-2018-0934, CVE-2018-0936, and CVE-2018-0937.00NETWORK
CVE‑2018‑09322018‑03‑14 17:29:03MEDIUM (4)Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows information disclosure, due to how Microsoft browsers handle objects in memory, aka "Microsoft Browser Information Disclosure Vulnerability".00NETWORK
CVE‑2018‑09312018‑03‑14 17:29:03HIGH (8)ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-0930, CVE-2018-0933, CVE-2018-0934, CVE-2018-0936, and CVE-2018-0937.00NETWORK
CVE‑2018‑09302018‑03‑14 17:29:03HIGH (8)ChakraCore and Microsoft Edge in Microsoft Windows 10 1709 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-0931, CVE-2018-0933, CVE-2018-0934, CVE-2018-0936, and CVE-2018-0937.00NETWORK
CVE‑2018‑09272018‑03‑14 17:29:03MEDIUM (4)Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows information disclosure, due to how Microsoft browsers handle objects in memory, aka "Microsoft Browser Information Disclosure Vulnerability".00NETWORK
CVE‑2018‑08932018‑03‑14 17:29:02HIGH (8)Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0876, CVE-2018-0889, CVE-2018-0925, and CVE-2018-0935.00NETWORK
CVE‑2018‑08922018‑04‑12 01:29:06MEDIUM (4)An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-0998.00NETWORK
CVE‑2018‑08912018‑03‑14 17:29:02MEDIUM (4)ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allow information disclosure, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0939.00NETWORK
CVE‑2018‑08792018‑03‑14 17:29:01MEDIUM (5)Microsoft Edge in Windows 10 1709 allows information disclosure, due to how Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability".00NETWORK
CVE‑2018‑08762018‑03‑14 17:29:01HIGH (8)Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0889, CVE-2018-0893, CVE-2018-0925, and CVE-2018-0935.00NETWORK
CVE‑2018‑08742018‑03‑14 17:29:01HIGH (8)ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0930, CVE-2018-0931, CVE-2018-0933, CVE-2018-0934, CVE-2018-0936, and CVE-2018-0937.00NETWORK
CVE‑2018‑08732018‑03‑14 17:29:01HIGH (8)ChakraCore and Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0874, CVE-2018-0930, CVE-2018-0931, CVE-2018-0933, CVE-2018-0934, CVE-2018-0936, and CVE-2018-0937.00NETWORK
CVE‑2018‑08722018‑03‑14 17:29:01HIGH (8)ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0873, CVE-2018-0874, CVE-2018-0930, CVE-2018-0931, CVE-2018-0933, CVE-2018-0934, CVE-2018-0936, and CVE-2018-0937.00NETWORK
CVE‑2018‑08712018‑06‑14 12:29:00MEDIUM (4)An information disclosure vulnerability exists when Edge improperly marks files, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8234.00NETWORK
CVE‑2018‑08612018‑02‑15 02:29:04HIGH (9)Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, and CVE-2018-0866.00NETWORK
CVE‑2018‑08602018‑02‑15 02:29:03HIGH (8)Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0861, and CVE-2018-0866.00NETWORK
CVE‑2018‑08592018‑02‑15 02:29:03HIGH (8)Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.00NETWORK
CVE‑2018‑08572018‑02‑15 02:29:03HIGH (8)Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.00NETWORK
CVE‑2018‑08562018‑02‑15 02:29:03HIGH (8)Microsoft Edge and ChakraCore in Microsoft Windows 10 1703 and 1709 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.00NETWORK
CVE‑2018‑08402018‑02‑15 02:29:03HIGH (9)Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.00NETWORK
CVE‑2018‑08392018‑02‑15 02:29:03MEDIUM (4)Microsoft Edge in Microsoft Windows 10 1703 allows information disclosure, due to how Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0763.00NETWORK
CVE‑2018‑08382018‑02‑15 02:29:03HIGH (8)Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.00NETWORK
CVE‑2018‑08372018‑02‑15 02:29:03HIGH (8)Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.00NETWORK
CVE‑2018‑08362018‑02‑15 02:29:02HIGH (8)Microsoft Edge and ChakraCore in Microsoft Windows 10 1703 and 1709 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.00NETWORK
CVE‑2018‑08352018‑02‑15 02:29:02HIGH (8)Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.00NETWORK
CVE‑2018‑08342018‑02‑15 02:29:02HIGH (9)Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.00NETWORK
CVE‑2018‑08032018‑01‑04 14:29:01MEDIUM (6)Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to access information from one domain and inject it into another domain, due to how Microsoft Edge enforces cross-domain policies, aka "Microsoft Edge Elevation of Privilege Vulnerability".00NETWORK
CVE‑2018‑08002018‑01‑04 14:29:01MEDIUM (4)Microsoft Edge in Microsoft Windows 10 1709 allows an attacker to obtain information to further compromise the user's system, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0767 and CVE-2018-0780.00NETWORK
CVE‑2018‑07812018‑01‑04 14:29:01HIGH (8)Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, and CVE-2018-0778.00NETWORK
CVE‑2018‑07802018‑01‑04 14:29:01LOW (3)Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0767 and CVE-2018-0800.00NETWORK
CVE‑2018‑07782018‑01‑04 14:29:01HIGH (8)Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, and CVE-2018-0781.00NETWORK
CVE‑2018‑07772018‑01‑04 14:29:01HIGH (8)Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0778, and CVE-2018-0781.00NETWORK
CVE‑2018‑07762018‑01‑04 14:29:01HIGH (8)Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781.00NETWORK
CVE‑2018‑07752018‑01‑04 14:29:01HIGH (8)Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781.00NETWORK
CVE‑2018‑07742018‑01‑04 14:29:01HIGH (8)Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781.00NETWORK
CVE‑2018‑07732018‑01‑04 14:29:01HIGH (8)Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781.00NETWORK
CVE‑2018‑07722018‑01‑04 14:29:01HIGH (8)Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781.00NETWORK
CVE‑2018‑07712018‑02‑15 02:29:02MEDIUM (4)Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows a security feature bypass, due to how Edge handles different-origin requests, aka "Microsoft Edge Security Feature Bypass".00NETWORK
CVE‑2018‑07702018‑01‑04 14:29:01HIGH (8)Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781.00NETWORK
CVE‑2018‑07692018‑01‑04 14:29:01HIGH (8)Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781.00NETWORK
CVE‑2018‑07682018‑01‑04 14:29:01HIGH (8)Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781.00NETWORK
CVE‑2018‑07672018‑01‑04 14:29:01LOW (3)Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0780 and CVE-2018-0800.00NETWORK
CVE‑2018‑07662018‑01‑04 14:29:01MEDIUM (4)Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system, due to how the Microsoft Edge PDF Reader handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability".00NETWORK
CVE‑2018‑07632018‑02‑15 02:29:02LOW (3)Microsoft Edge in Microsoft Windows 10 1703 and 1709 allows information disclosure, due to how Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0839.00NETWORK
CVE‑2018‑07622018‑01‑04 14:29:01HIGH (8)Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781.00NETWORK
CVE‑2018‑07582018‑01‑04 14:29:01HIGH (8)Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781.00NETWORK
CVE‑2017‑87572017‑09‑13 01:29:12HIGH (8)Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way Microsoft Edge handles objects in memory, aka "Microsoft Edge Remote Code Execution Vulnerability".00NETWORK
CVE‑2017‑87562017‑09‑13 01:29:12HIGH (8)Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Microsoft Edge accesses objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8649, CVE-2017-8660, CVE-2017-8729, CVE-2017-8738, CVE-2017-8740, CVE-2017-8741, CVE-2017-8748, CVE-2017-8752, CVE-2017-8753, CVE-2017-8755, and CVE-2017-11764.00NETWORK
CVE‑2017‑87552017‑09‑13 01:29:12HIGH (8)Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8649, CVE-2017-8649, CVE-2017-8660, CVE-2017-8729, CVE-2017-8738, CVE-2017-8740, CVE-2017-8741, CVE-2017-8748, CVE-2017-8752, CVE-2017-8753, CVE-2017-8756, and CVE-2017-11764.00NETWORK
CVE‑2017‑87542017‑09‑13 01:29:12MEDIUM (4)Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to trick a user into loading a page containing malicious content, due to the way that the Edge Content Security Policy (CSP) validates certain specially crafted documents, aka "Microsoft Edge Security Feature Bypass Vulnerability". This CVE ID is unique from CVE-2017-8723.00NETWORK
CVE‑2017‑87532017‑09‑13 01:29:12HIGH (8)Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8649, CVE-2017-8660, CVE-2017-8729, CVE-2017-8738, CVE-2017-8740, CVE-2017-8741, CVE-2017-8748, CVE-2017-8752, CVE-2017-8755, CVE-2017-8756, and CVE-2017-11764.00NETWORK
CVE‑2017‑87522017‑09‑13 01:29:12HIGH (8)Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8649, CVE-2017-8660, CVE-2017-8729, CVE-2017-8738, CVE-2017-8740, CVE-2017-8741, CVE-2017-8748, CVE-2017-8753, CVE-2017-8755, CVE-2017-8756, and CVE-2017-11764.00NETWORK
CVE‑2017‑87512017‑09‑13 01:29:12HIGH (8)Microsoft Edge in Microsoft Windows 1703 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Microsoft Edge accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8731, CVE-2017-8734, and CVE-2017-11766.00NETWORK
CVE‑2017‑87502017‑09‑13 01:29:12HIGH (8)Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browsers access objects in memory, aka "Microsoft Browser Memory Corruption Vulnerability".00NETWORK
CVE‑2017‑87482017‑09‑13 01:29:12HIGH (8)Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8649, CVE-2017-8660, CVE-2017-8729, CVE-2017-8738, CVE-2017-8740, CVE-2017-8741, CVE-2017-8752, CVE-2017-8753, CVE-2017-8755, CVE-2017-8756, and CVE-2017-11764.00NETWORK
CVE‑2017‑87412017‑09‑13 01:29:12HIGH (8)Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8649, CVE-2017-8660, CVE-2017-8729, CVE-2017-8738, CVE-2017-8740, CVE-2017-8741, CVE-2017-8748, CVE-2017-8752, CVE-2017-8753, CVE-2017-8755, CVE-2017-8756, and CVE-2017-11764.00NETWORK
CVE‑2017‑87402017‑09‑13 01:29:12HIGH (8)Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8649, CVE-2017-8660, CVE-2017-8729, CVE-2017-8738, CVE-2017-8740, CVE-2017-8741, CVE-2017-8748, CVE-2017-8752, CVE-2017-8753, CVE-2017-8755, CVE-2017-8756, and CVE-2017-11764.00NETWORK
CVE‑2017‑87392017‑09‑13 01:29:12MEDIUM (4)Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to obtain information to further compromise the user's system, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability".00NETWORK
CVE‑2017‑87382017‑09‑13 01:29:11HIGH (8)Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8649, CVE-2017-8660, CVE-2017-8729, CVE-2017-8740, CVE-2017-8741, CVE-2017-8748, CVE-2017-8752, CVE-2017-8753, CVE-2017-8755, CVE-2017-8756, and CVE-2017-11764.00NETWORK
CVE‑2017‑87372017‑09‑13 01:29:11HIGH (8)Microsoft Windows PDF Library in Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Windows PDF Library handles objects in memory, aka "Windows PDF Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8728.00NETWORK
CVE‑2017‑87362017‑09‑13 01:29:11MEDIUM (4)Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to obtain specific information used in the parent domain, due to Microsoft browser parent domain verification in certain functionality, aka "Microsoft Browser Information Disclosure Vulnerability".00NETWORK
CVE‑2017‑87352017‑09‑13 01:29:11MEDIUM (4)Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to trick a user by redirecting the user to a specially crafted website, due to the way that Microsoft Edge parses HTTP content, aka "Microsoft Edge Spoofing Vulnerability". This CVE ID is unique from CVE-2017-8724.00NETWORK
CVE‑2017‑87342017‑09‑13 01:29:11HIGH (8)Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Microsoft Edge accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8731, CVE-2017-8751, and CVE-2017-11766.00NETWORK
CVE‑2017‑87312017‑09‑13 01:29:11HIGH (8)Microsoft Edge in Microsoft Windows 10 1607 and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Microsoft Edge accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8734, CVE-2017-8751, and CVE-2017-11766.00NETWORK
CVE‑2017‑87292017‑09‑13 01:29:11HIGH (8)Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8649, CVE-2017-8660, CVE-2017-8738, CVE-2017-8740, CVE-2017-8741, CVE-2017-8748, CVE-2017-8752, CVE-2017-8753, CVE-2017-8755, CVE-2017-8756, and CVE-2017-11764.00NETWORK
CVE‑2017‑87282017‑09‑13 01:29:11HIGH (8)Microsoft Windows PDF Library in Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Windows PDF Library handles objects in memory, aka "Windows PDF Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8737.00NETWORK
CVE‑2017‑87262017‑10‑13 13:29:02MEDIUM (4)Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how affected Microsoft scripting engines handle objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11794 and CVE-2017-11803.00NETWORK
CVE‑2017‑87242017‑09‑13 01:29:11MEDIUM (4)Microsoft Edge in Microsoft Windows 10 Version 1703 allows an attacker to trick a user by redirecting the user to a specially crafted website, due to the way that Microsoft Edge parses HTTP content, aka "Microsoft Edge Spoofing Vulnerability". This CVE ID is unique from CVE-2017-8735.00NETWORK
CVE‑2017‑87232017‑09‑13 01:29:11MEDIUM (4)Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to trick a user into loading a page containing malicious content, due to the way that the Edge Content Security Policy (CSP) validates certain specially crafted documents, aka "Microsoft Edge Security Feature Bypass Vulnerability". This CVE ID is unique from CVE-2017-8754.00NETWORK
CVE‑2017‑86742017‑08‑08 21:29:02HIGH (8)Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8641, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, and CVE-2017-8672.00NETWORK
CVE‑2017‑86722017‑08‑08 21:29:02HIGH (8)Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8641, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, and CVE-2017-8674.00NETWORK
CVE‑2017‑86712017‑08‑08 21:29:02HIGH (8)Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8641, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8672, and CVE-2017-8674.00NETWORK
CVE‑2017‑86702017‑08‑08 21:29:02HIGH (8)Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8641, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674.00NETWORK
CVE‑2017‑86692017‑08‑08 21:29:02HIGH (8)Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user due to Microsoft browsers improperly handling objects in memory while rendering content, aka "Microsoft Browser Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8653.00NETWORK
CVE‑2017‑86622017‑08‑08 21:29:02MEDIUM (4)Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to disclose information due to how strings are validated in specific scenarios, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8644 and CVE-2017-8652.00NETWORK
CVE‑2017‑86612017‑08‑08 21:29:02HIGH (8)Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way affected Microsoft scripting engines render when handling objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability".00NETWORK
CVE‑2017‑86602017‑09‑13 01:29:10HIGH (9)Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8649, CVE-2017-8729, CVE-2017-8738, CVE-2017-8740, CVE-2017-8741, CVE-2017-8748, CVE-2017-8752, CVE-2017-8753, CVE-2017-8755, CVE-2017-8756, and CVE-2017-11764.00NETWORK
CVE‑2017‑86592017‑08‑08 21:29:02MEDIUM (4)Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to obtain information to further compromise the user's system due to the Chakra scripting engine not properly handling objects in memory, aka "Scripting Engine Information Disclosure Vulnerability".00NETWORK
CVE‑2017‑86572017‑08‑08 21:29:02HIGH (8)Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8641, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674.00NETWORK
CVE‑2017‑86562017‑08‑08 21:29:02HIGH (8)Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8641, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674.00NETWORK
CVE‑2017‑86552017‑08‑08 21:29:02HIGH (8)Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8641, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674.00NETWORK
CVE‑2017‑86532017‑08‑08 21:29:01HIGH (8)Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user due to Microsoft browsers improperly accessing objects in memory, aka "Microsoft Browser Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8669.00NETWORK
CVE‑2017‑86522017‑08‑08 21:29:01MEDIUM (4)Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to disclose information due to the way that Microsoft Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8644 and CVE-2017-8662.00NETWORK
CVE‑2017‑86502017‑08‑08 21:29:01MEDIUM (6)Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to exploit a security feature bypass due to Microsoft Edge not properly enforcing same-origin policies, aka "Microsoft Edge Security Feature Bypass Vulnerability".00NETWORK
CVE‑2017‑86492017‑09‑13 01:29:10HIGH (8)Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8660, CVE-2017-8729, CVE-2017-8738, CVE-2017-8740, CVE-2017-8741, CVE-2017-8748, CVE-2017-8752, CVE-2017-8753, CVE-2017-8755, CVE-2017-8756, and CVE-2017-11764.00NETWORK
CVE‑2017‑86482017‑09‑13 01:29:10MEDIUM (4)Microsoft Edge in Microsoft Windows Version 1703 allows an attacker to obtain information to further compromise the user's system, due to the way that Microsoft Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8597 and CVE-2017-8643.00NETWORK
CVE‑2017‑86472017‑08‑08 21:29:01HIGH (8)Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8641, CVE-2017-8645, CVE-2017-8646, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674.00NETWORK
CVE‑2017‑86462017‑08‑08 21:29:01HIGH (8)Microsoft Edge in Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8641, CVE-2017-8645, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674.00NETWORK
CVE‑2017‑86452017‑08‑08 21:29:01HIGH (8)Microsoft Edge in Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8641, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674.00NETWORK
CVE‑2017‑86442017‑08‑08 21:29:01MEDIUM (4)Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to disclose information due to the way that Microsoft Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8652 and CVE-2017-8662.00NETWORK
CVE‑2017‑86432017‑09‑13 01:29:10MEDIUM (4)Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to leave a malicious website open during user clipboard activities, due to the way that Microsoft Edge handles clipboard events, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8597 and CVE-2017-8648.00NETWORK
CVE‑2017‑86422017‑08‑08 21:29:01MEDIUM (4)Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to elevate privileges due to the way that Microsoft Edge validates JavaScript under specific conditions, aka "Microsoft Edge Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-8503.00NETWORK
CVE‑2017‑86412017‑08‑08 21:29:01HIGH (8)Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674.00NETWORK
CVE‑2017‑86402017‑08‑08 21:29:01HIGH (8)Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8641, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674.00NETWORK
CVE‑2017‑86392017‑08‑08 21:29:01HIGH (8)Microsoft Edge in Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8640, CVE-2017-8641, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674.00NETWORK
CVE‑2017‑86382017‑08‑08 21:29:01HIGH (8)Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8639, CVE-2017-8640, CVE-2017-8641, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674.00NETWORK
CVE‑2017‑86372017‑08‑08 21:29:01LOW (3)Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to bypass Arbitrary Code Guard (ACG) due to how Microsoft Edge accesses memory in code compiled by the Edge Just-In-Time (JIT) compiler, aka "Scripting Engine Security Feature Bypass Vulnerability".00NETWORK
CVE‑2017‑86362017‑08‑08 21:29:01HIGH (8)Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8641, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674.00NETWORK
CVE‑2017‑86352017‑08‑08 21:29:01HIGH (8)Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user due to the way that JavaScript engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8641, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674.00NETWORK
CVE‑2017‑86342017‑08‑08 21:29:01HIGH (8)Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8641, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674.00NETWORK
CVE‑2017‑86192017‑07‑11 21:29:03HIGH (8)Microsoft Edge on Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability in the way affected Microsoft scripting engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-8596, CVE-2017-8610, CVE-2017-8601, CVE-2017-8603, CVE-2017-8604, CVE-2017-8605, CVE-2017-8606, CVE-2017-8607, CVE-2017-8608, CVE-2017-8618, CVE-2017-9598 and CVE-2017-8609.00NETWORK
CVE‑2017‑86172017‑07‑11 21:29:02HIGH (8)Microsoft Edge in Windows 10 1703 Microsoft Edge allows a remote code execution vulnerability in the way affected Microsoft scripting engines render when handling objects in memory, aka "Microsoft Edge Remote Code Execution Vulnerability."00NETWORK
CVE‑2017‑86112017‑07‑11 21:29:02MEDIUM (4)Microsoft Edge on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows remote attackers to spoof web content via a crafted web site, aka "Microsoft Edge Spoofing Vulnerability."00NETWORK
CVE‑2017‑86102017‑07‑11 21:29:02HIGH (8)Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8598, CVE-2017-8596, CVE-2017-8595, CVE-2017-8618, CVE-2017-8619, CVE-2017-8601, CVE-2017-8603, CVE-2017-8604, CVE-2017-8605, CVE-2017-8606, CVE-2017-8607, CVE-2017-8608, and CVE-2017-8609.00NETWORK
CVE‑2017‑86092017‑07‑11 21:29:02HIGH (8)Microsoft Internet Explorer in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsoft Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8596, CVE-2017-8610, CVE-2017-8618, CVE-2017-8619, CVE-2017-8595, CVE-2017-8601, CVE-2017-8603, CVE-2017-8604, CVE-2017-8605, CVE-2017-8606, CVE-2017-8607, CVE-2017-8608, and CVE-2017-8609.00NETWORK
CVE‑2017‑86082017‑07‑11 21:29:02HIGH (8)Microsoft browsers in Microsoft Windows Server 2008 and R2, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engines fail to render when handling objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8598, CVE-2017-8596, CVE-2017-8610, CVE-2017-8601, CVE-2017-8618, CVE-2017-8619, CVE-2017-8603, CVE-2017-8604, CVE-2017-8605, CVE-2017-8595, CVE-2017-8606, CVE-2017-8607, and CVE-2017-860900NETWORK
CVE‑2017‑86072017‑07‑11 21:29:02HIGH (8)Microsoft browsers in Microsoft Windows 7, Windows Server 2008 and R2, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engines fail to render when handling objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8598, CVE-2017-8596, CVE-2017-8618, CVE-2017-8619, CVE-2017-8610, CVE-2017-8601, CVE-2017-8603, CVE-2017-8604, CVE-2017-8605, CVE-2017-8595, CVE-2017-8606, CVE-2017-8608, and CVE-2017-860900NETWORK
CVE‑2017‑86062017‑07‑11 21:29:02HIGH (8)Microsoft browsers in Microsoft Windows 7, Windows Server 2008 and R2, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engines fail to render when handling objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8598, CVE-2017-8596, CVE-2017-8618, CVE-2017-8619, CVE-2017-8610, CVE-2017-8601, CVE-2017-8603, CVE-2017-8604, CVE-2017-8605, CVE-2017-8595, CVE-2017-8607, CVE-2017-8608, and CVE-2017-860900NETWORK
CVE‑2017‑86052017‑07‑11 21:29:02HIGH (8)Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8596, CVE-2017-8601, CVE-2017-8618, CVE-2017-8619, CVE-2017-8610, CVE-2017-8601, CVE-2017-8603, CVE-2017-8604, CVE-2017-8598, CVE-2017-8606, CVE-2017-8607, CVE-2017-8608, and CVE-2017-8609.00NETWORK
CVE‑2017‑86042017‑07‑11 21:29:02HIGH (8)Microsoft Edge in Microsoft Windows 10 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8596, CVE-2017-8618, CVE-2017-8619, CVE-2017-8601, CVE-2017-8610, CVE-2017-8603, CVE-2017-8598, CVE-2017-8601, CVE-2017-8605, CVE-2017-8606, CVE-2017-8607, CVE-2017-8608, and CVE-2017-8609.00NETWORK
CVE‑2017‑86032017‑07‑11 21:29:02HIGH (8)Microsoft Edge in Microsoft Windows 10 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8596, CVE-2017-8610, CVE-2017-8598, CVE-2017-8618, CVE-2017-8619, CVE-2017-8595, CVE-2017-8601, CVE-2017-8604, CVE-2017-8605, CVE-2017-8606, CVE-2017-8607, CVE-2017-8608, and CVE-2017-8609.00NETWORK
CVE‑2017‑86022017‑07‑11 21:29:02MEDIUM (4)Microsoft browsers on Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow a spoofing vulnerability in the way they parse HTTP content, aka "Microsoft Browser Spoofing Vulnerability."00NETWORK
CVE‑2017‑86012017‑07‑11 21:29:02HIGH (8)Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8596, CVE-2017-8610, CVE-2017-8618, CVE-2017-8619, CVE-2017-8603, CVE-2017-8604, CVE-2017-8605, CVE-2017-8606, CVE-2017-8607, CVE-2017-8608, CVE-2017-8598 and CVE-2017-8609.00NETWORK
CVE‑2017‑85992017‑07‑11 21:29:02MEDIUM (4)Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to trick a user into loading a page with malicious content when the Edge Content Security Policy (CSP) fails to properly validate certain specially crafted documents, aka "Microsoft Edge Security Feature Bypass Vulnerability".00NETWORK
CVE‑2017‑85982017‑07‑11 21:29:02HIGH (8)Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8596, CVE-2017-8610, CVE-2017-8618, CVE-2017-8619, CVE-2017-8595, CVE-2017-8601, CVE-2017-8603, CVE-2017-8604, CVE-2017-8605, CVE-2017-8606, CVE-2017-8607, CVE-2017-8608, and CVE-2017-8609.00NETWORK
CVE‑2017‑85972017‑09‑13 01:29:10MEDIUM (4)Microsoft Edge in Microsoft Windows 10 Version 1703 allows an attacker to obtain information to further compromise the user's system, due to the way that Microsoft Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8643 and CVE-2017-8648.00NETWORK
CVE‑2017‑85962017‑07‑11 21:29:02HIGH (8)Microsoft Edge in Microsoft Windows 10 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8598, CVE-2017-8610, CVE-2017-8595, CVE-2017-8601, CVE-2017-8603, CVE-2017-8604, CVE-2017-8605, CVE-2017-8606, CVE-2017-8607, CVE-2017-8608, and CVE-2017-8609.00NETWORK
CVE‑2017‑85952017‑07‑11 21:29:02HIGH (8)Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8596, CVE-2017-8601,CVE-2017-8618, CVE-2017-8619, CVE-2017-8610, CVE-2017-8601, CVE-2017-8603, CVE-2017-8604, CVE-2017-8605, CVE-2017-8606, CVE-2017-8607, CVE-2017-8608, and CVE-2017-8609.00NETWORK
CVE‑2017‑85922017‑07‑11 21:29:02MEDIUM (4)Microsoft browsers on when Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows RT 8.1, and Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow a security feature bypass vulnerability when they improperly handle redirect requests, aka "Microsoft Browser Security Feature Bypass".00NETWORK
CVE‑2017‑85552017‑06‑15 01:29:05MEDIUM (4)Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to trick a user into loading a page with malicious content when the Edge Content Security Policy (CSP) fails to properly validate certain specially crafted documents, aka "Microsoft Edge Security Feature Bypass Vulnerability". This CVE ID is unique from CVE-2017-8523 and CVE-2017-8530.00NETWORK
CVE‑2017‑85492017‑06‑15 01:29:05HIGH (8)Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system when Microsoft Edge improperly handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8499, CVE-2017-8520, CVE-2017-8521, and CVE-2017-8548.00NETWORK
CVE‑2017‑85482017‑06‑15 01:29:05HIGH (8)Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system when Microsoft Edge improperly handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8499, CVE-2017-8520, CVE-2017-8521, and CVE-2017-8549.00NETWORK
CVE‑2017‑85302017‑06‑15 01:29:04MEDIUM (6)Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to trick a user into loading a page with malicious content when Microsoft Edge does not properly enforce same-origin policies, aka "Microsoft Edge Security Feature Bypass Vulnerability". This CVE ID is unique from CVE-2017-8523 and CVE-2017-8555.00NETWORK
CVE‑2017‑85292017‑06‑15 01:29:04MEDIUM (7)Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, and Windows Server 2012 and R2 allow an attacker to detect specific files on the user's computer when affected Microsoft scripting engines do not properly handle objects in memory, aka "Microsoft Browser Information Disclosure Vulnerability".34NETWORK
CVE‑2017‑85242017‑06‑15 01:29:04HIGH (8)Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engines fail to render when handling objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8517 and CVE-2017-8522.00NETWORK
CVE‑2017‑85232017‑06‑15 01:29:04MEDIUM (4)Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to trick a user into loading a page with malicious content when Microsoft Edge fails to correctly apply Same Origin Policy for HTML elements present in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability". This CVE ID is unique from CVE-2017-8530 and CVE-2017-8555.00NETWORK
CVE‑2017‑85222017‑06‑15 01:29:04HIGH (8)Microsoft browsers in Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engines fail to render when handling objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8517 and CVE-2017-8524.00NETWORK
CVE‑2017‑85212017‑06‑15 01:29:04HIGH (8)Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user when the Edge JavaScript scripting engine fails to handle objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8499, CVE-2017-8520, CVE-2017-8548, and CVE-2017-8549.00NETWORK
CVE‑2017‑85202017‑06‑15 01:29:04HIGH (8)Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user when the Edge JavaScript scripting engine fails to handle objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8499, CVE-2017-8521, CVE-2017-8548, and CVE-2017-8549.00NETWORK
CVE‑2017‑85182017‑08‑10 18:29:00HIGH (8)Microsoft Edge allows a remote code execution vulnerability due to the way it accesses objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".00NETWORK
CVE‑2017‑85042017‑06‑15 01:29:04MEDIUM (4)Microsoft Edge in Windows 10 1607 and 1703, and Windows Server 2016 allows an attacker to read the URL of a cross-origin request when the Microsoft Edge Fetch API incorrectly handles a filtered response type, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8498.00NETWORK
CVE‑2017‑85032017‑08‑08 21:29:01MEDIUM (5)Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to escape from the AppContainer sandbox, aka "Microsoft Edge Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-8642.00LOCAL
CVE‑2017‑84992017‑06‑15 01:29:04HIGH (8)Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user when the Edge JavaScript scripting engine fails to handle objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8520, CVE-2017-8521, CVE-2017-8548, and CVE-2017-8549.00NETWORK
CVE‑2017‑84982017‑06‑15 01:29:04MEDIUM (4)Microsoft Edge in Windows 10 1607 and 1703, and Windows Server 2016 allows an attacker to read data not intended to be disclosed when Edge allows JavaScript XML DOM objects to detect installed browser extensions, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8504.00NETWORK
CVE‑2017‑84972017‑06‑15 01:29:04HIGH (8)Microsoft Edge in Windows 10 1607 and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8496.00NETWORK
CVE‑2017‑84962017‑06‑15 01:29:04HIGH (8)Microsoft Edge in Windows 10 1607 and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8497.00NETWORK
CVE‑2017‑119192017‑12‑12 21:29:02LOW (3)ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016, and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-11887 and CVE-2017-11906.00NETWORK
CVE‑2017‑119182017‑12‑12 21:29:02HIGH (8)ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, and CVE-2017-11930.00NETWORK
CVE‑2017‑119142017‑12‑12 21:29:02HIGH (8)ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930.00NETWORK
CVE‑2017‑119122017‑12‑12 21:29:02HIGH (8)ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930.00NETWORK
CVE‑2017‑119052017‑12‑12 21:29:01HIGH (8)ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930.00NETWORK
CVE‑2017‑118952017‑12‑12 21:29:01HIGH (8)ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930.00NETWORK
CVE‑2017‑118942017‑12‑12 21:29:01HIGH (8)ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and and Internet Explorer adn Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930.00NETWORK
CVE‑2017‑118932017‑12‑12 21:29:01HIGH (8)ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930.00NETWORK
CVE‑2017‑118892017‑12‑12 21:29:01HIGH (8)ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930.00NETWORK
CVE‑2017‑118882017‑12‑12 21:29:01HIGH (8)Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how Microsoft Edge handles objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability".00NETWORK
CVE‑2017‑118742017‑11‑15 03:29:02LOW (3)Microsoft Edge in Microsoft Windows 10 1703, 1709, Windows Server, version 1709, and ChakraCore allows an attacker to bypass Control Flow Guard (CFG) to run arbitrary code on a target system, due to how Microsoft Edge handles accessing memory in code compiled by the Edge Just-In-Time (JIT) compiler, aka "Microsoft Edge Security Feature Bypass Vulnerability". This CVE ID is unique from CVE-2017-11863 and CVE-2017-11872.00NETWORK
CVE‑2017‑118732017‑11‑15 03:29:02HIGH (8)ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, and CVE-2017-11871.00NETWORK
CVE‑2017‑118722017‑11‑15 03:29:02MEDIUM (4)Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to force the browser to send data that would otherwise be restricted to a destination website of the attacker's choice, due to how Microsoft Edge handles redirect requests, aka "Microsoft Edge Security Feature Bypass Vulnerability". This CVE ID is unique from CVE-2017-11863 and CVE-2017-11874.00NETWORK
CVE‑2017‑118712017‑11‑15 03:29:02HIGH (8)ChakraCore and Microsoft Edge in Windows 10 1703, 1709, and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, and CVE-2017-11873.00NETWORK
CVE‑2017‑118702017‑11‑15 03:29:02HIGH (8)ChakraCore and Microsoft Edge in Windows 10 1703, 1709, and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11871, and CVE-2017-11873.00NETWORK
CVE‑2017‑118662017‑11‑15 03:29:01HIGH (8)ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11869, CVE-2017-11870, CVE-2017-11871, and CVE-2017-11873.00NETWORK
CVE‑2017‑118632017‑11‑15 03:29:01MEDIUM (4)Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to trick a user into loading a page containing malicious content, due to how the Edge Content Security Policy (CSP) validates documents, aka "Microsoft Edge Security Feature Bypass Vulnerability". This CVE ID is unique from CVE-2017-11872 and CVE-2017-11874.00NETWORK
CVE‑2017‑118622017‑11‑15 03:29:01HIGH (8)ChakraCore and Microsoft Edge in Windows 10 1709 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, CVE-2017-11871, and CVE-2017-11873.00NETWORK
CVE‑2017‑118612017‑11‑15 03:29:01HIGH (8)Microsoft Edge in Windows 10 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, CVE-2017-11871, and CVE-2017-11873.00NETWORK
CVE‑2017‑118582017‑11‑15 03:29:01HIGH (8)ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how Microsoft browsers handle objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, CVE-2017-11871, and CVE-2017-11873.00NETWORK
CVE‑2017‑118462017‑11‑15 03:29:01HIGH (8)ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, CVE-2017-11871, and CVE-2017-11873.00NETWORK
CVE‑2017‑118452017‑11‑15 03:29:01HIGH (8)Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how Microsoft Edge handles objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability".00NETWORK
CVE‑2017‑118442017‑11‑15 03:29:01MEDIUM (4)Microsoft Edge in Microsoft Windows 10 1703, 1709 and Windows Server, version 1709 allows an attacker to obtain information to further compromise the user's system, due to how Microsoft Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-11803 and CVE-2017-11833.00NETWORK
CVE‑2017‑118432017‑11‑15 03:29:01HIGH (8)ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, CVE-2017-11871, and CVE-2017-11873.00NETWORK
CVE‑2017‑118412017‑11‑15 03:29:01HIGH (8)ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, CVE-2017-11871, and CVE-2017-11873.00NETWORK
CVE‑2017‑118402017‑11‑15 03:29:01HIGH (8)ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, CVE-2017-11871, and CVE-2017-11873.00NETWORK
CVE‑2017‑118392017‑11‑15 03:29:01HIGH (8)Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to take control of an affected system, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, CVE-2017-11871, and CVE-2017-11873.00NETWORK
CVE‑2017‑118382017‑11‑15 03:29:01HIGH (8)ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, CVE-2017-11871, and CVE-2017-11873.00NETWORK
CVE‑2017‑118372017‑11‑15 03:29:01HIGH (8)ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, CVE-2017-11871, and CVE-2017-11873.00NETWORK
CVE‑2017‑118362017‑11‑15 03:29:01HIGH (8)ChakraCore, and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to take control of an affected system, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, CVE-2017-11871, and CVE-2017-11873.00NETWORK
CVE‑2017‑118332017‑11‑15 03:29:01LOW (3)Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to determine the origin of all webpages in the affected browser, due to how Microsoft Edge handles cross-origin requests, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-11803 and CVE-2017-11844.00NETWORK
CVE‑2017‑118272017‑11‑15 03:29:00HIGH (9)Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how Microsoft browsers handle objects in memory, aka "Microsoft Browser Memory Corruption Vulnerability".00NETWORK
CVE‑2017‑118212017‑10‑13 13:29:02HIGH (8)ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, and CVE-2017-11812.00NETWORK
CVE‑2017‑118122017‑10‑13 13:29:02HIGH (9)ChakraCore and Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11812, and CVE-2017-11821.00NETWORK
CVE‑2017‑118112017‑10‑13 13:29:02HIGH (8)ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11812, and CVE-2017-11821.00NETWORK
CVE‑2017‑118092017‑10‑13 13:29:01HIGH (8)ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821.00NETWORK
CVE‑2017‑118082017‑10‑13 13:29:01HIGH (8)ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821.00NETWORK
CVE‑2017‑118072017‑10‑13 13:29:01HIGH (8)ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821.00NETWORK
CVE‑2017‑118062017‑10‑13 13:29:01HIGH (8)ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821.00NETWORK
CVE‑2017‑118052017‑10‑13 13:29:01HIGH (8)ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821.00NETWORK
CVE‑2017‑118042017‑10‑13 13:29:01HIGH (8)ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821.00NETWORK
CVE‑2017‑118032017‑11‑15 03:29:00MEDIUM (4)Microsoft Edge in Microsoft Windows 10 1703, 1709 and Windows Server, version 1709 allows an attacker to obtain information to further compromise the user's system, due to how Microsoft Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-11833 and CVE-2017-11844.00NETWORK
CVE‑2017‑118022017‑10‑13 13:29:01HIGH (8)ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821.00NETWORK
CVE‑2017‑118002017‑10‑13 13:29:01HIGH (8)Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821.00NETWORK
CVE‑2017‑117992017‑10‑13 13:29:01HIGH (8)ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821.00NETWORK
CVE‑2017‑117982017‑10‑13 13:29:01HIGH (8)Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821.00NETWORK
CVE‑2017‑117962017‑10‑13 13:29:01HIGH (8)ChakraCore and Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821.00NETWORK
CVE‑2017‑117942017‑10‑13 13:29:01MEDIUM (4)Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to obtain information to further compromise the user's system, due to how Microsoft Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8726 and CVE-2017-11803.00NETWORK
CVE‑2017‑117922017‑10‑13 13:29:01HIGH (8)ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allow an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11793, CVE-2017-11796, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821.00NETWORK
CVE‑2017‑117912017‑11‑15 03:29:00LOW (3)ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to obtain information to further compromise the user's system, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-11834.00NETWORK
CVE‑2017‑117662017‑09‑13 01:29:08HIGH (8)Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Microsoft Edge accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8731, CVE-2017-8734, and CVE-2017-8751.00NETWORK
CVE‑2017‑117642017‑09‑13 01:29:08HIGH (8)Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8649, CVE-2017-8660, CVE-2017-8729, CVE-2017-8738, CVE-2017-8740, CVE-2017-8741, CVE-2017-8748, CVE-2017-8752, CVE-2017-8753, CVE-2017-8755, and CVE-2017-8756.00NETWORK
CVE‑2017‑02932017‑08‑08 21:29:01HIGH (8)Microsoft Windows PDF Library in Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability when it improperly handles objects in memory, aka "Windows PDF Remote Code Execution Vulnerability".00NETWORK
CVE‑2017‑02662017‑05‑12 14:29:05HIGH (8)A remote code execution vulnerability exists in Microsoft Edge in the way affected Microsoft scripting engines render when handling objects in memory, aka "Microsoft Edge Remote Code Execution Vulnerability."00NETWORK
CVE‑2017‑02522017‑05‑15 17:29:00HIGH (8)A remote code execution vulnerability exists in Microsoft Chakra Core in the way JavaScript engines render when handling objects in memory. aka "Scripting Engine Memory Corruption Vulnerability". This vulnerability is unique from CVE-2017-0223.00NETWORK
CVE‑2017‑02412017‑05‑12 14:29:04MEDIUM (5)An elevation of privilege vulnerability exists when Microsoft Edge renders a domain-less page in the URL, which could allow Microsoft Edge to perform actions in the context of the Intranet Zone and access functionality that is not typically available to the browser when browsing in the context of the Internet Zone, aka "Microsoft Edge Elevation of Privilege Vulnerability." This CVE ID is unique from CVE-2017-0233.00NETWORK
CVE‑2017‑02402017‑05‑12 14:29:03HIGH (8)A remote code execution vulnerability exists in Microsoft Edge in the way affected Microsoft scripting engines render when handling objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0221 and CVE-2017-0227.00NETWORK
CVE‑2017‑02382017‑05‑12 14:29:03HIGH (8)A remote code execution vulnerability exists in Microsoft browsers in the way JavaScript scripting engines handle objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, and CVE-2017-0236.00NETWORK
CVE‑2017‑02362017‑05‑12 14:29:03HIGH (8)A remote code execution vulnerability exists in Microsoft Edge in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, and CVE-2017-0238.00NETWORK
CVE‑2017‑02352017‑05‑12 14:29:03HIGH (8)A remote code execution vulnerability exists in Microsoft Edge in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0236, and CVE-2017-0238.00NETWORK
CVE‑2017‑02342017‑05‑12 14:29:03HIGH (8)A remote code execution vulnerability exists in Microsoft Edge in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0235, CVE-2017-0236, and CVE-2017-0238.00NETWORK
CVE‑2017‑02332017‑05‑12 14:29:03MEDIUM (5)An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka "Microsoft Edge Elevation of Privilege Vulnerability." This CVE ID is unique from CVE-2017-0241.00NETWORK
CVE‑2017‑02312017‑05‑12 14:29:03MEDIUM (4)A spoofing vulnerability exists when Microsoft browsers render SmartScreen Filter, aka "Microsoft Browser Spoofing Vulnerability."00NETWORK
CVE‑2017‑02302017‑05‑12 14:29:03HIGH (8)A remote code execution vulnerability exists in Microsoft Edge in the way JavaScript engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0234, CVE-2017-0235, CVE-2017-0236, and CVE-2017-0238.00NETWORK
CVE‑2017‑02292017‑05‑12 14:29:02HIGH (8)A remote code execution vulnerability exists in Microsoft Edge in the way JavaScript engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, CVE-2017-0236, and CVE-2017-0238.00NETWORK
CVE‑2017‑02282017‑05‑12 14:29:02HIGH (8)A remote code execution vulnerability exists in Microsoft browsers in the way JavaScript engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, CVE-2017-0236, and CVE-2017-0238.00NETWORK
CVE‑2017‑02272017‑05‑12 14:29:02HIGH (8)A remote code execution vulnerability exists in Microsoft Edge in the way affected Microsoft scripting engines render when handling objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0221 and CVE-2017-0240.00NETWORK
CVE‑2017‑02242017‑05‑12 14:29:02HIGH (8)A remote code execution vulnerability exists in the way JavaScript engines render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, CVE-2017-0236, and CVE-2017-0238.00NETWORK
CVE‑2017‑02232017‑05‑15 17:29:00HIGH (8)A remote code execution vulnerability exists in Microsoft Chakra Core in the way JavaScript engines render when handling objects in memory. aka "Scripting Engine Memory Corruption Vulnerability". This vulnerability is unique from CVE-2017-0252.00NETWORK
CVE‑2017‑02212017‑05‑12 14:29:02HIGH (8)A vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0227 and CVE-2017-0240.00NETWORK
CVE‑2017‑02082017‑04‑12 14:59:01MEDIUM (4)An information disclosure vulnerability exists in Microsoft Edge when the Chakra scripting engine does not properly handle objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system, a.k.a. "Scripting Engine Information Disclosure Vulnerability."00NETWORK
CVE‑2017‑02052017‑04‑12 14:59:01HIGH (8)A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user, aka "Microsoft Edge Memory Corruption Vulnerability."00NETWORK
CVE‑2017‑02032017‑04‑12 14:59:01MEDIUM (4)A vulnerability exists in Microsoft Edge when the Edge Content Security Policy (CSP) fails to properly validate certain specially crafted documents. An attacker could trick a user into loading a web page with malicious content, aka "Microsoft Edge Security Feature Bypass Vulnerability."00NETWORK
CVE‑2017‑02002017‑04‑12 14:59:01HIGH (8)A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user, aka "Microsoft Edge Memory Corruption Vulnerability."00NETWORK
CVE‑2017‑01962017‑07‑17 13:18:11MEDIUM (4)An information disclosure vulnerability in Microsoft scripting engine allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."00NETWORK
CVE‑2017‑01522017‑07‑17 13:18:11HIGH (9)A remote code execution vulnerability exists in the way affected Microsoft scripting engine render when handling objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user, aka "Scripting Engine Memory Corruption Vulnerability."00NETWORK
CVE‑2017‑01512017‑03‑17 00:59:04HIGH (8)A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0015, CVE-2017-0032, CVE-2017-0035, CVE-2017-0067, CVE-2017-0070, CVE-2017-0071, CVE-2017-0094, CVE-2017-0131, CVE-2017-0132, CVE-2017-0133, CVE-2017-0134, CVE-2017-0136, CVE-2017-0137, CVE-2017-0138, CVE-2017-0141, and CVE-2017-0150.00NETWORK
CVE‑2017‑01502017‑03‑17 00:59:04HIGH (8)A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0015, CVE-2017-0032, CVE-2017-0035, CVE-2017-0067, CVE-2017-0070, CVE-2017-0071, CVE-2017-0094, CVE-2017-0131, CVE-2017-0132, CVE-2017-0133, CVE-2017-0134, CVE-2017-0136, CVE-2017-0137, CVE-2017-0138, CVE-2017-0141, and CVE-2017-0151.00NETWORK
CVE‑2017‑01412017‑03‑17 00:59:04HIGH (8)A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0015, CVE-2017-0032, CVE-2017-0035, CVE-2017-0067, CVE-2017-0070, CVE-2017-0071, CVE-2017-0094, CVE-2017-0131, CVE-2017-0132, CVE-2017-0133, CVE-2017-0134, CVE-2017-0136, CVE-2017-0137, CVE-2017-0138, CVE-2017-0150, and CVE-2017-0151.00NETWORK
CVE‑2017‑01402017‑03‑17 00:59:04MEDIUM (4)Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is different from those described in CVE-2017-0066 and CVE-2017-0135.00NETWORK
CVE‑2017‑01382017‑03‑17 00:59:04HIGH (8)A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0015, CVE-2017-0032, CVE-2017-0035, CVE-2017-0067, CVE-2017-0070, CVE-2017-0071, CVE-2017-0094, CVE-2017-0131, CVE-2017-0132, CVE-2017-0133, CVE-2017-0134, CVE-2017-0136, CVE-2017-0137, CVE-2017-0141, CVE-2017-0150, and CVE-2017-0151.00NETWORK
CVE‑2017‑01372017‑03‑17 00:59:04HIGH (8)A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0015, CVE-2017-0032, CVE-2017-0035, CVE-2017-0067, CVE-2017-0070, CVE-2017-0071, CVE-2017-0094, CVE-2017-0131, CVE-2017-0132, CVE-2017-0133, CVE-2017-0134, CVE-2017-0136, CVE-2017-0138, CVE-2017-0141, CVE-2017-0150, and CVE-2017-0151.00NETWORK
CVE‑2017‑01362017‑03‑17 00:59:04HIGH (8)A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0015, CVE-2017-0032, CVE-2017-0035, CVE-2017-0067, CVE-2017-0070, CVE-2017-0071, CVE-2017-0094, CVE-2017-0131, CVE-2017-0132, CVE-2017-0133, CVE-2017-0134, CVE-2017-0137, CVE-2017-0138, CVE-2017-0141, CVE-2017-0150, and CVE-2017-0151.00NETWORK
CVE‑2017‑01352017‑03‑17 00:59:04MEDIUM (4)Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is different from those described in CVE-2017-0066 and CVE-2017-0140.00NETWORK
CVE‑2017‑01342017‑03‑17 00:59:04HIGH (8)A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0015, CVE-2017-0032, CVE-2017-0035, CVE-2017-0067, CVE-2017-0070, CVE-2017-0071, CVE-2017-0094, CVE-2017-0131, CVE-2017-0132, CVE-2017-0133, CVE-2017-0136, CVE-2017-0137, CVE-2017-0138, CVE-2017-0141, CVE-2017-0150, and CVE-2017-0151.00NETWORK
CVE‑2017‑01332017‑03‑17 00:59:04HIGH (8)A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0015, CVE-2017-0032, CVE-2017-0035, CVE-2017-0067, CVE-2017-0070, CVE-2017-0071, CVE-2017-0094, CVE-2017-0131, CVE-2017-0132, CVE-2017-0134, CVE-2017-0136, CVE-2017-0137, CVE-2017-0138, CVE-2017-0141, CVE-2017-0150, and CVE-2017-0151.00NETWORK
CVE‑2017‑01322017‑03‑17 00:59:04HIGH (8)A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0015, CVE-2017-0032, CVE-2017-0035, CVE-2017-0067, CVE-2017-0070, CVE-2017-0071, CVE-2017-0094, CVE-2017-0131, CVE-2017-0133, CVE-2017-0134, CVE-2017-0136, CVE-2017-0137, CVE-2017-0138, CVE-2017-0141, CVE-2017-0150, and CVE-2017-0151.00NETWORK
CVE‑2017‑01312017‑03‑17 00:59:04HIGH (8)A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0015, CVE-2017-0032, CVE-2017-0035, CVE-2017-0067, CVE-2017-0070, CVE-2017-0071, CVE-2017-0094, CVE-2017-0132, CVE-2017-0133, CVE-2017-0134, CVE-2017-0136, CVE-2017-0137, CVE-2017-0138, CVE-2017-0141, CVE-2017-0150, and CVE-2017-0151.00NETWORK
CVE‑2017‑00942017‑03‑17 00:59:03HIGH (8)A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0015, CVE-2017-0032, CVE-2017-0035, CVE-2017-0067, CVE-2017-0070, CVE-2017-0071, CVE-2017-0094, CVE-2017-0131, CVE-2017-0132, CVE-2017-0133, CVE-2017-0134, CVE-2017-0136, CVE-2017-0137, CVE-2017-0138, CVE-2017-0141, CVE-2017-0150, and CVE-2017-0151.00NETWORK
CVE‑2017‑00932017‑04‑12 14:59:00HIGH (8)A remote code execution vulnerability in Microsoft Edge exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0201.00NETWORK
CVE‑2017‑00712017‑03‑17 00:59:02HIGH (8)A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0015, CVE-2017-0032, CVE-2017-0035, CVE-2017-0067, CVE-2017-0070, CVE-2017-0094, CVE-2017-0131, CVE-2017-0132, CVE-2017-0133, CVE-2017-0134, CVE-2017-0136, CVE-2017-0137, CVE-2017-0138, CVE-2017-0141, CVE-2017-0150, and CVE-2017-0151.00NETWORK
CVE‑2017‑00702017‑03‑17 00:59:02HIGH (8)A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0015, CVE-2017-0032, CVE-2017-0035, CVE-2017-0067, CVE-2017-0071, CVE-2017-0094, CVE-2017-0131, CVE-2017-0132, CVE-2017-0133, CVE-2017-0134, CVE-2017-0136, CVE-2017-0137, CVE-2017-0138, CVE-2017-0141, CVE-2017-0150, and CVE-2017-0151.00NETWORK
CVE‑2017‑00692017‑03‑17 00:59:02MEDIUM (4)Microsoft Edge allows remote attackers to spoof web content via a crafted web site, aka "Microsoft Edge Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0012 and CVE-2017-0033.00NETWORK
CVE‑2017‑00682017‑03‑17 00:59:02MEDIUM (4)Browsers in Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0011, CVE-2017-0017, and CVE-2017-0065.00NETWORK
CVE‑2017‑00672017‑03‑17 00:59:02HIGH (8)A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0015, CVE-2017-0032, CVE-2017-0035, CVE-2017-0070, CVE-2017-0071, CVE-2017-0094, CVE-2017-0131, CVE-2017-0132, CVE-2017-0133, CVE-2017-0134, CVE-2017-0136, CVE-2017-0137, CVE-2017-0138, CVE-2017-0141, CVE-2017-0150, and CVE-2017-0151.00NETWORK
CVE‑2017‑00662017‑03‑17 00:59:02MEDIUM (4)Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is different from those described in CVE-2017-0135 and CVE-2017-0140.00NETWORK
CVE‑2017‑00652017‑03‑17 00:59:02MEDIUM (4)Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0011, CVE-2017-0017, and CVE-2017-0068.00NETWORK
CVE‑2017‑00372017‑02‑26 23:59:00HIGH (8)Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type confusion issue in the Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement function in mshtml.dll, which allows remote attackers to execute arbitrary code via vectors involving a crafted Cascading Style Sheets (CSS) token sequence and crafted JavaScript code that operates on a TH element.26NETWORK
CVE‑2017‑00352017‑03‑17 00:59:01HIGH (8)A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0015, CVE-2017-0032, CVE-2017-0067, CVE-2017-0070, CVE-2017-0071, CVE-2017-0094, CVE-2017-0131, CVE-2017-0132, CVE-2017-0133, CVE-2017-0134, CVE-2017-0136, CVE-2017-0137, CVE-2017-0138, CVE-2017-0141, CVE-2017-0150, and CVE-2017-0151.00NETWORK
CVE‑2017‑00342017‑03‑17 00:59:01HIGH (8)A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.00NETWORK
CVE‑2017‑00332017‑03‑17 00:59:01MEDIUM (4)Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to spoof web content via a crafted web site, aka "Microsoft Browser Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0012 and CVE-2017-0069.00NETWORK
CVE‑2017‑00322017‑03‑17 00:59:01HIGH (8)A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0015, CVE-2017-0035, CVE-2017-0067, CVE-2017-0070, CVE-2017-0071, CVE-2017-0094, CVE-2017-0131, CVE-2017-0132, CVE-2017-0133, CVE-2017-0134, CVE-2017-0136, CVE-2017-0137, CVE-2017-0138, CVE-2017-0141, CVE-2017-0150, and CVE-2017-0151.00NETWORK
CVE‑2017‑00282017‑07‑17 13:18:09HIGH (10)A remote code execution vulnerability exists when Microsoft scripting engine improperly accesses objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user, aka "Scripting Engine Memory Corruption Vulnerability."00NETWORK
CVE‑2017‑00232017‑03‑17 00:59:01HIGH (8)The PDF library in Microsoft Edge; Windows 8.1; Windows Server 2012 and R2; Windows RT 8.1; and Windows 10, 1511, and 1607 allows remote attackers to execute arbitrary code via a crafted PDF file, aka "Microsoft PDF Remote Code Execution Vulnerability."00NETWORK
CVE‑2017‑00172017‑03‑17 00:59:01MEDIUM (4)The RegEx class in the XSS filter in Microsoft Edge allows remote attackers to conduct cross-site scripting (XSS) attacks and obtain sensitive information via unspecified vectors, aka "Microsoft Edge Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0011, CVE-2017-0065, and CVE-2017-0068.00NETWORK
CVE‑2017‑00152017‑03‑17 00:59:00HIGH (8)A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0032, CVE-2017-0035, CVE-2017-0067, CVE-2017-0070, CVE-2017-0071, CVE-2017-0094, CVE-2017-0131, CVE-2017-0132, CVE-2017-0133, CVE-2017-0134, CVE-2017-0136, CVE-2017-0137, CVE-2017-0138, CVE-2017-0141, CVE-2017-0150, and CVE-2017-0151.00NETWORK
CVE‑2017‑00122017‑03‑17 00:59:00MEDIUM (4)Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to spoof web content via a crafted web site, aka "Microsoft Browser Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0033 and CVE-2017-0069.00NETWORK
CVE‑2017‑00112017‑03‑17 00:59:00MEDIUM (4)Microsoft Edge allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0017, CVE-2017-0065, and CVE-2017-0068.00NETWORK
CVE‑2017‑00102017‑03‑17 00:59:00HIGH (8)A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0015, CVE-2017-0032, CVE-2017-0035, CVE-2017-0067, CVE-2017-0070, CVE-2017-0071, CVE-2017-0094, CVE-2017-0131, CVE-2017-0132, CVE-2017-0133, CVE-2017-0134, CVE-2017-0136, CVE-2017-0137, CVE-2017-0138, CVE-2017-0141, CVE-2017-0150, and CVE-2017-0151.00NETWORK
CVE‑2017‑00022017‑01‑10 21:59:00MEDIUM (7)Microsoft Edge allows remote attackers to bypass the Same Origin Policy via vectors involving the about:blank URL and data: URLs, aka "Microsoft Edge Elevation of Privilege Vulnerability."00NETWORK
CVE‑2016‑72972016‑12‑20 06:59:01HIGH (8)The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7286, CVE-2016-7288, and CVE-2016-7296.00NETWORK
CVE‑2016‑72962016‑12‑20 06:59:01HIGH (8)The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7286, CVE-2016-7288, and CVE-2016-7297.00NETWORK
CVE‑2016‑72882016‑12‑20 06:59:01HIGH (8)The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7286, CVE-2016-7296, and CVE-2016-7297.00NETWORK
CVE‑2016‑72872016‑12‑20 06:59:01HIGH (8)The scripting engines in Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."00NETWORK
CVE‑2016‑72862016‑12‑20 06:59:01HIGH (8)The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7288, CVE-2016-7296, and CVE-2016-7297.00NETWORK
CVE‑2016‑72822016‑12‑20 06:59:01MEDIUM (4)Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Microsoft Browser Information Disclosure Vulnerability."00NETWORK
CVE‑2016‑72812016‑12‑20 06:59:01LOW (3)The Web Workers implementation in Microsoft Internet Explorer 10 and 11 and Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Browser Security Feature Bypass Vulnerability."00NETWORK
CVE‑2016‑72802016‑12‑20 06:59:01MEDIUM (4)Cross-site scripting (XSS) vulnerability in Microsoft Edge allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Microsoft Edge Information Disclosure Vulnerability," a different vulnerability than CVE-2016-7206.00NETWORK
CVE‑2016‑72792016‑12‑20 06:59:01HIGH (8)Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."00NETWORK
CVE‑2016‑72432016‑11‑10 06:59:57HIGH (8)The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7200, CVE-2016-7201, CVE-2016-7202, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, and CVE-2016-7242.00NETWORK
CVE‑2016‑72422016‑11‑10 06:59:56HIGH (8)The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7200, CVE-2016-7201, CVE-2016-7202, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, and CVE-2016-7243.00NETWORK
CVE‑2016‑72412016‑11‑10 06:59:54HIGH (8)Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."00NETWORK
CVE‑2016‑72402016‑11‑10 06:59:53HIGH (8)The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7200, CVE-2016-7201, CVE-2016-7202, CVE-2016-7203, CVE-2016-7208, CVE-2016-7242, and CVE-2016-7243.00NETWORK
CVE‑2016‑72392016‑11‑10 06:59:52LOW (3)The RegEx class in the XSS filter in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allows remote attackers to conduct cross-site scripting (XSS) attacks and obtain sensitive information via unspecified vectors, aka "Microsoft Browser Information Disclosure Vulnerability."00NETWORK
CVE‑2016‑72272016‑11‑10 06:59:40LOW (3)The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to determine the existence of local files via unspecified vectors, aka "Microsoft Browser Information Disclosure Vulnerability."00NETWORK
CVE‑2016‑72092016‑11‑10 06:59:23LOW (3)Microsoft Edge allows remote attackers to spoof web content via a crafted web site, aka "Microsoft Edge Spoofing Vulnerability."00NETWORK
CVE‑2016‑72082016‑11‑10 06:59:22HIGH (8)The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7200, CVE-2016-7201, CVE-2016-7202, CVE-2016-7203, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243.00NETWORK
CVE‑2016‑72062016‑12‑20 06:59:00MEDIUM (4)Cross-site scripting (XSS) vulnerability in Microsoft Edge allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Microsoft Edge Information Disclosure Vulnerability," a different vulnerability than CVE-2016-7280.00NETWORK
CVE‑2016‑72042016‑11‑10 06:59:20LOW (3)Microsoft Edge allows remote attackers to access arbitrary "My Documents" files via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability."00NETWORK
CVE‑2016‑72032016‑11‑10 06:59:19HIGH (8)The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7200, CVE-2016-7201, CVE-2016-7202, CVE-2016-7208, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243.00NETWORK
CVE‑2016‑72022016‑11‑10 06:59:18HIGH (8)The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," as demonstrated by the Chakra JavaScript engine, a different vulnerability than CVE-2016-7200, CVE-2016-7201, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243.00NETWORK
CVE‑2016‑72012016‑11‑10 06:59:17HIGH (9)The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7200, CVE-2016-7202, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243.36NETWORK
CVE‑2016‑72002016‑11‑10 06:59:16HIGH (9)The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7201, CVE-2016-7202, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243.36NETWORK
CVE‑2016‑71992016‑11‑10 06:59:15LOW (3)Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to bypass the Same Origin Policy and obtain sensitive window-state information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."00NETWORK
CVE‑2016‑71982016‑11‑10 06:59:14HIGH (8)Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7195.00NETWORK
CVE‑2016‑71962016‑11‑10 06:59:13HIGH (8)Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."00NETWORK
CVE‑2016‑71952016‑11‑10 06:59:11HIGH (8)Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7198.00NETWORK
CVE‑2016‑71942016‑10‑14 02:59:39HIGH (8)The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3386, CVE-2016-3389, and CVE-2016-7190.00NETWORK
CVE‑2016‑71902016‑10‑14 02:59:37HIGH (8)The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3386, CVE-2016-3389, and CVE-2016-7194.00NETWORK
CVE‑2016‑71892016‑10‑14 02:59:36HIGH (9)The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Remote Code Execution Vulnerability."00NETWORK
CVE‑2016‑71812016‑12‑20 06:59:00HIGH (8)Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability."00NETWORK
CVE‑2016‑41162016‑05‑11 11:01:11HIGH (8)Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.00NETWORK
CVE‑2016‑41152016‑05‑11 11:01:10HIGH (8)Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.00NETWORK
CVE‑2016‑41142016‑05‑11 11:01:09HIGH (8)Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.00NETWORK
CVE‑2016‑41132016‑05‑11 11:01:08HIGH (8)Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.00NETWORK
CVE‑2016‑41122016‑05‑11 11:01:07HIGH (8)Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.00NETWORK
CVE‑2016‑41112016‑05‑11 11:01:05HIGH (8)Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.00NETWORK
CVE‑2016‑41102016‑05‑11 11:01:04HIGH (8)Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.00NETWORK
CVE‑2016‑41092016‑05‑11 11:01:03HIGH (8)Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.00NETWORK
CVE‑2016‑41082016‑05‑11 11:01:02HIGH (8)Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.00NETWORK
CVE‑2016‑33922016‑10‑14 02:59:29LOW (3)The Edge Content Security Policy feature in Microsoft Edge does not properly validate documents, which allows remote attackers to bypass intended access restrictions via a crafted web site, aka "Microsoft Browser Security Feature Bypass Vulnerability."00NETWORK
CVE‑2016‑33912016‑10‑14 02:59:28LOW (3)Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow context-dependent attackers to discover credentials by leveraging access to a memory dump, aka "Microsoft Browser Information Disclosure Vulnerability."00NETWORK
CVE‑2016‑33902016‑10‑14 02:59:27HIGH (8)The scripting engines in Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, as demonstrated by the Chakra JavaScript engine, aka "Scripting Engine Memory Corruption Vulnerability."00NETWORK
CVE‑2016‑33892016‑10‑14 02:59:26HIGH (8)The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3386, CVE-2016-7190, and CVE-2016-7194.00NETWORK
CVE‑2016‑33882016‑10‑14 02:59:25LOW (3)Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not properly restrict access to private namespaces, which allows remote attackers to gain privileges via unspecified vectors, aka "Microsoft Browser Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3387.00NETWORK
CVE‑2016‑33872016‑10‑14 02:59:24MEDIUM (7)Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not properly restrict access to private namespaces, which allows remote attackers to gain privileges via unspecified vectors, aka "Microsoft Browser Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3388.00NETWORK
CVE‑2016‑33862016‑10‑14 02:59:23HIGH (9)The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3389, CVE-2016-7190, and CVE-2016-7194.00NETWORK
CVE‑2016‑33822016‑10‑14 02:59:18HIGH (9)The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, as demonstrated by the Chakra JavaScript engine, aka "Scripting Engine Memory Corruption Vulnerability."00NETWORK
CVE‑2016‑33772016‑09‑14 10:59:52HIGH (8)The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3350.00NETWORK
CVE‑2016‑33742016‑09‑14 10:59:49MEDIUM (4)The PDF library in Microsoft Edge, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information via a crafted web site, aka "PDF Library Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3370.00NETWORK
CVE‑2016‑33702016‑09‑14 10:59:45MEDIUM (4)The PDF library in Microsoft Edge, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information via a crafted web site, aka "PDF Library Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3374.00NETWORK
CVE‑2016‑33512016‑09‑14 10:59:24MEDIUM (7)Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."34NETWORK
CVE‑2016‑33502016‑09‑14 10:59:23HIGH (8)The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3377.00NETWORK
CVE‑2016‑33312016‑10‑14 02:59:15HIGH (9)Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."00NETWORK
CVE‑2016‑33302016‑09‑14 10:59:17HIGH (8)Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3294.00NETWORK
CVE‑2016‑33292016‑08‑09 21:59:33LOW (3)Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to determine the existence of files via a crafted webpage, aka "Internet Explorer Information Disclosure Vulnerability."00NETWORK
CVE‑2016‑33272016‑08‑09 21:59:32LOW (3)Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to obtain sensitive information via a crafted web page, aka "Microsoft Browser Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3326.00NETWORK
CVE‑2016‑33262016‑08‑09 21:59:31LOW (3)Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to obtain sensitive information via a crafted web page, aka "Microsoft Browser Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3327.00NETWORK
CVE‑2016‑33252016‑09‑14 10:59:16LOW (3)Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."00NETWORK
CVE‑2016‑33222016‑08‑09 21:59:30HIGH (8)Microsoft Internet Explorer 11 and Edge allow remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3289.00NETWORK
CVE‑2016‑33192016‑08‑09 21:59:26HIGH (9)The PDF library in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold and 1511, and Microsoft Edge allows remote attackers to execute arbitrary code via a crafted PDF file, aka "Microsoft PDF Remote Code Execution Vulnerability."00NETWORK
CVE‑2016‑32972016‑09‑14 10:59:10MEDIUM (7)Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."00NETWORK
CVE‑2016‑32962016‑08‑09 21:59:08HIGH (8)The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."00NETWORK
CVE‑2016‑32952016‑09‑14 10:59:09MEDIUM (5)Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."00NETWORK
CVE‑2016‑32942016‑09‑14 10:59:08HIGH (8)Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3330.00NETWORK
CVE‑2016‑32932016‑08‑09 21:59:07HIGH (8)Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Browser Memory Corruption Vulnerability."00NETWORK
CVE‑2016‑32912016‑09‑14 10:59:06LOW (3)Microsoft Internet Explorer 11 and Microsoft Edge mishandle cross-origin requests, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."00NETWORK
CVE‑2016‑32892016‑08‑09 21:59:03HIGH (8)Microsoft Internet Explorer 11 and Edge allow remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3322.00NETWORK
CVE‑2016‑32772016‑07‑13 01:59:31LOW (3)Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."00NETWORK
CVE‑2016‑32742016‑07‑13 01:59:30LOW (3)Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to conduct content-spoofing attacks via a crafted URL, aka "Microsoft Browser Spoofing Vulnerability."00NETWORK
CVE‑2016‑32732016‑07‑13 01:59:29LOW (3)The XSS Filter in Microsoft Internet Explorer 9 through 11 and Microsoft Edge does not properly restrict JavaScript code, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."00NETWORK
CVE‑2016‑32712016‑07‑13 01:59:26MEDIUM (4)The VBScript engine in Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability."00NETWORK
CVE‑2016‑32692016‑07‑13 01:59:25HIGH (9)The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3265.00NETWORK
CVE‑2016‑32672016‑10‑14 02:59:12MEDIUM (4)Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to determine the existence of unspecified files via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."00NETWORK
CVE‑2016‑32652016‑07‑13 01:59:24HIGH (9)The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3269.00NETWORK
CVE‑2016‑32642016‑07‑13 01:59:23HIGH (8)Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."00NETWORK
CVE‑2016‑32602016‑07‑13 01:59:21HIGH (9)The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."00NETWORK
CVE‑2016‑32592016‑07‑13 01:59:20HIGH (9)The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3248.00NETWORK
CVE‑2016‑32482016‑07‑13 01:59:10HIGH (9)The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3259.00NETWORK
CVE‑2016‑32472016‑09‑14 10:59:04MEDIUM (5)Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."00NETWORK
CVE‑2016‑32462016‑07‑13 01:59:09HIGH (8)Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability."00NETWORK
CVE‑2016‑32442016‑07‑13 01:59:08MEDIUM (4)Microsoft Edge allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Edge Security Feature Bypass."00NETWORK
CVE‑2016‑32222016‑06‑16 01:59:26HIGH (9)Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability."00NETWORK
CVE‑2016‑32152016‑06‑16 01:59:20MEDIUM (4)Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 1511, and Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted PDF document, aka "Windows PDF Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3201.00NETWORK
CVE‑2016‑32142016‑06‑16 01:59:19HIGH (9)The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3199.00NETWORK
CVE‑2016‑32032016‑06‑16 01:59:10HIGH (9)Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold and 1511, and Microsoft Edge allow remote attackers to execute arbitrary code via a crafted PDF document, aka "Windows PDF Remote Code Execution Vulnerability."00NETWORK
CVE‑2016‑32022016‑06‑16 01:59:09HIGH (8)The Microsoft (1) Chakra JavaScript, (2) JScript, and (3) VBScript engines, as used in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."00NETWORK
CVE‑2016‑32012016‑06‑16 01:59:08MEDIUM (4)Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold and 1511, and Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted PDF document, aka "Windows PDF Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3215.00NETWORK
CVE‑2016‑31992016‑06‑16 01:59:07HIGH (9)The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3214.00NETWORK
CVE‑2016‑31982016‑06‑16 01:59:06MEDIUM (4)Microsoft Edge allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via a crafted document, aka "Microsoft Edge Security Feature Bypass."00NETWORK
CVE‑2016‑11102016‑05‑11 11:00:22HIGH (8)Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.00NETWORK
CVE‑2016‑11092016‑05‑11 11:00:21HIGH (8)Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.00NETWORK
CVE‑2016‑11082016‑05‑11 11:00:20HIGH (8)Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.00NETWORK
CVE‑2016‑11072016‑05‑11 11:00:19HIGH (8)Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.00NETWORK
CVE‑2016‑11062016‑05‑11 11:00:18HIGH (8)Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.00NETWORK
CVE‑2016‑11052016‑05‑11 11:00:17HIGH (8)Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.00NETWORK
CVE‑2016‑11042016‑05‑11 11:00:16HIGH (8)Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.00NETWORK
CVE‑2016‑11032016‑05‑11 11:00:15HIGH (8)Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.00NETWORK
CVE‑2016‑11022016‑05‑11 11:00:14HIGH (8)Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.00NETWORK
CVE‑2016‑11012016‑05‑11 11:00:12HIGH (8)Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.00NETWORK
CVE‑2016‑11002016‑05‑11 11:00:11HIGH (8)Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.00NETWORK
CVE‑2016‑10992016‑05‑11 11:00:10HIGH (8)Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.00NETWORK
CVE‑2016‑10982016‑05‑11 11:00:09HIGH (8)Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.00NETWORK
CVE‑2016‑10972016‑05‑11 11:00:08HIGH (8)Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.00NETWORK
CVE‑2016‑10962016‑05‑11 11:00:07HIGH (8)Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.00NETWORK
CVE‑2016‑01932016‑05‑11 01:59:35HIGH (8)The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0186 and CVE-2016-0191.00NETWORK
CVE‑2016‑01922016‑05‑11 01:59:34HIGH (8)Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."00NETWORK
CVE‑2016‑01912016‑05‑11 01:59:33HIGH (8)The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0186 and CVE-2016-0193.00NETWORK
CVE‑2016‑01862016‑05‑11 01:59:27HIGH (8)The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0191 and CVE-2016-0193.00NETWORK
CVE‑2016‑01612016‑04‑12 23:59:25MEDIUM (4)Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Edge Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0158.00NETWORK
CVE‑2016‑01582016‑04‑12 23:59:22MEDIUM (4)Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Edge Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0161.00NETWORK
CVE‑2016‑01572016‑04‑12 23:59:21HIGH (8)Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0155 and CVE-2016-0156.00NETWORK
CVE‑2016‑01562016‑04‑12 23:59:20HIGH (8)Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0155 and CVE-2016-0157.00NETWORK
CVE‑2016‑01552016‑04‑12 23:59:19HIGH (8)Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0156 and CVE-2016-0157.00NETWORK
CVE‑2016‑01542016‑04‑12 23:59:18HIGH (8)Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."00NETWORK
CVE‑2016‑01302016‑03‑09 11:59:33HIGH (8)Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0116, CVE-2016-0123, CVE-2016-0124, and CVE-2016-0129.00NETWORK
CVE‑2016‑01292016‑03‑09 11:59:32HIGH (8)Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0116, CVE-2016-0123, CVE-2016-0124, and CVE-2016-0130.00NETWORK
CVE‑2016‑01252016‑03‑09 11:59:31LOW (3)Microsoft Edge mishandles the Referer policy, which allows remote attackers to obtain sensitive browser-history and request information via a crafted HTTPS web site, aka "Microsoft Edge Information Disclosure Vulnerability."00NETWORK
CVE‑2016‑01242016‑03‑09 11:59:30HIGH (8)Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0116, CVE-2016-0123, CVE-2016-0129, and CVE-2016-0130.00NETWORK
CVE‑2016‑01232016‑03‑09 11:59:29HIGH (8)Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0116, CVE-2016-0124, CVE-2016-0129, and CVE-2016-0130.00NETWORK
CVE‑2016‑01162016‑03‑09 11:59:25HIGH (8)Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0123, CVE-2016-0124, CVE-2016-0129, and CVE-2016-0130.00NETWORK
CVE‑2016‑01112016‑03‑09 11:59:21HIGH (8)Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0105, CVE-2016-0107, CVE-2016-0112, and CVE-2016-0113.00NETWORK
CVE‑2016‑01102016‑03‑09 11:59:20HIGH (8)Microsoft Internet Explorer 10 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."00NETWORK
CVE‑2016‑01092016‑03‑09 11:59:19HIGH (8)Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0102, CVE-2016-0103, CVE-2016-0106, CVE-2016-0108, and CVE-2016-0114.00NETWORK
CVE‑2016‑01052016‑03‑09 11:59:15HIGH (8)Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0107, CVE-2016-0111, CVE-2016-0112, and CVE-2016-0113.00NETWORK
CVE‑2016‑01022016‑03‑09 11:59:13HIGH (8)Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0103, CVE-2016-0106, CVE-2016-0108, CVE-2016-0109, and CVE-2016-0114.00NETWORK
CVE‑2016‑00842016‑02‑10 11:59:34HIGH (9)Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability."00NETWORK
CVE‑2016‑00802016‑02‑10 11:59:33MEDIUM (4)Microsoft Edge mishandles exceptions during window-message dispatch operations, which allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Edge ASLR Bypass."00NETWORK
CVE‑2016‑00772016‑02‑10 11:59:32MEDIUM (4)Microsoft Internet Explorer 9 through 11 and Microsoft Edge misparse HTTP responses, which allows remote attackers to spoof web sites via a crafted URL, aka "Microsoft Browser Spoofing Vulnerability."00NETWORK
CVE‑2016‑00622016‑02‑10 11:59:26HIGH (9)Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."00NETWORK
CVE‑2016‑00612016‑02‑10 11:59:25HIGH (9)Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0060, CVE-2016-0063, CVE-2016-0067, and CVE-2016-0072.00NETWORK
CVE‑2016‑00602016‑02‑10 11:59:24HIGH (9)Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0061, CVE-2016-0063, CVE-2016-0067, and CVE-2016-0072.00NETWORK
CVE‑2016‑00242016‑01‑13 05:59:18HIGH (9)The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via unspecified vectors, aka "Scripting Engine Memory Corruption Vulnerability."00NETWORK
CVE‑2016‑00032016‑01‑13 05:59:03HIGH (9)Microsoft Edge allows remote attackers to execute arbitrary code via unspecified vectors, aka "Microsoft Edge Memory Corruption Vulnerability."00NETWORK
CVE‑2015‑61762015‑12‑09 11:59:57MEDIUM (4)Microsoft Edge mishandles HTML attributes in HTTP responses, which allows remote attackers to bypass a cross-site scripting (XSS) protection mechanism via unspecified vectors, aka "Microsoft Edge XSS Filter Bypass Vulnerability."00NETWORK
CVE‑2015‑61702015‑12‑09 11:59:52MEDIUM (7)Microsoft Edge allows remote attackers to gain privileges via a crafted web site, aka "Microsoft Browser Elevation of Privilege Vulnerability."00NETWORK
CVE‑2015‑61692015‑12‑09 11:59:51MEDIUM (4)Microsoft Edge misparses HTTP responses, which allows remote attackers to redirect users to arbitrary web sites via unspecified vectors, aka "Microsoft Edge Spoofing Vulnerability."00NETWORK
CVE‑2015‑61682015‑12‑09 11:59:50HIGH (9)Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6153.00NETWORK
CVE‑2015‑61592015‑12‑09 11:59:43HIGH (9)Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6140, CVE-2015-6142, CVE-2015-6143, CVE-2015-6153, CVE-2015-6158, and CVE-2015-6160.00NETWORK
CVE‑2015‑61582015‑12‑09 11:59:42HIGH (9)Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6140, CVE-2015-6142, CVE-2015-6143, CVE-2015-6153, CVE-2015-6159, and CVE-2015-6160.00NETWORK
CVE‑2015‑61552015‑12‑09 11:59:39HIGH (9)Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."00NETWORK
CVE‑2015‑61542015‑12‑09 11:59:38HIGH (9)Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6150.00NETWORK
CVE‑2015‑61532015‑12‑09 11:59:37HIGH (9)Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6140, CVE-2015-6142, CVE-2015-6143, CVE-2015-6158, CVE-2015-6159, and CVE-2015-6160.00NETWORK
CVE‑2015‑61512015‑12‑09 11:59:35HIGH (9)Microsoft Internet Explorer 8 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6083.00NETWORK
CVE‑2015‑61422015‑12‑09 11:59:26HIGH (9)Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6140, CVE-2015-6143, CVE-2015-6153, CVE-2015-6158, CVE-2015-6159, and CVE-2015-6160.00NETWORK
CVE‑2015‑61402015‑12‑09 11:59:24HIGH (9)Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6142, CVE-2015-6143, CVE-2015-6153, CVE-2015-6158, CVE-2015-6159, and CVE-2015-6160.00NETWORK
CVE‑2015‑61392015‑12‑09 11:59:23HIGH (9)Microsoft Internet Explorer 11 and Microsoft Edge mishandle content types, which allows remote attackers to execute arbitrary web script in a privileged context via a crafted web site, aka "Microsoft Browser Elevation of Privilege Vulnerability."00NETWORK
CVE‑2015‑60882015‑11‑11 12:59:29MEDIUM (4)Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Browser ASLR Bypass."00NETWORK
CVE‑2015‑60782015‑11‑11 12:59:20HIGH (9)Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6065.00NETWORK
CVE‑2015‑60732015‑11‑11 12:59:15HIGH (9)Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6068, CVE-2015-6072, CVE-2015-6075, CVE-2015-6077, CVE-2015-6079, CVE-2015-6080, and CVE-2015-6082.00NETWORK
CVE‑2015‑60642015‑11‑11 11:59:35HIGH (9)Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6084 and CVE-2015-6085.00NETWORK
CVE‑2015‑60582015‑10‑14 01:59:29MEDIUM (4)Microsoft Edge mishandles HTML attributes in HTTP responses, which allows remote attackers to bypass a cross-site scripting (XSS) protection mechanism via unspecified vectors, aka "Microsoft Edge XSS Filter Bypass."00NETWORK
CVE‑2015‑60572015‑10‑14 01:59:28MEDIUM (5)Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability."00NETWORK
CVE‑2015‑25422015‑09‑09 00:59:49HIGH (9)Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability."00NETWORK
CVE‑2015‑24942015‑09‑09 00:59:12HIGH (9)Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2486, CVE-2015-2487, CVE-2015-2490, CVE-2015-2492, CVE-2015-2498, and CVE-2015-2499.00NETWORK
CVE‑2015‑24862015‑09‑09 00:59:05HIGH (9)Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2487, CVE-2015-2490, CVE-2015-2492, CVE-2015-2494, CVE-2015-2498, and CVE-2015-2499.00NETWORK
CVE‑2015‑24852015‑09‑09 00:59:04HIGH (9)Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2491 and CVE-2015-2541.00NETWORK
CVE‑2015‑24492015‑08‑14 10:59:09MEDIUM (4)Microsoft Internet Explorer 7 through 11 and Edge allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "ASLR Bypass."00NETWORK
CVE‑2015‑24462015‑08‑14 10:59:06HIGH (9)Microsoft Internet Explorer 11 and Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2447.00NETWORK
CVE‑2015‑24422015‑08‑14 10:59:01HIGH (9)Microsoft Internet Explorer 8 through 11 and Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2444.00NETWORK
CVE‑2015‑24412015‑08‑14 10:59:00HIGH (9)Microsoft Internet Explorer 7 through 11 and Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2452.00NETWORK
CVE‑2015‑03132015‑02‑02 19:59:00CRITICAL (10)Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in February 2015, a different vulnerability than CVE-2015-0315, CVE-2015-0320, and CVE-2015-0322.46NETWORK
CVE‑2015‑03112015‑01‑23 21:59:05CRITICAL (10)Unspecified vulnerability in Adobe Flash Player through 13.0.0.262 and 14.x, 15.x, and 16.x through 16.0.0.287 on Windows and OS X and through 11.2.202.438 on Linux allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in January 2015.46NETWORK

Get the IT stuff done that nobody wants to do.

Patch more applications, achieve compliance, and prevent problems while reducing stress with Lavawall®.

Security First

A security tool by security auditors. From Passkeys and Argon2i to source validation and MVSP principles, Lavawall® has you covered.

Constant Improvement

More features and more security added nearly every day.

More patchable programs added every week

While Ninite and other patching tools have had the same patch offerings for decades, we're monitoring stats to keep adding the most useful prorgams.

Details matter

From wrapping TLS communications in extra encryption and uninstalling remote support tools when they aren't used to detailed statistical analysis of system and network performance, Lavawall® goes in-depth.

Chromium extensions and Notification Validation

Lavawall®p; goes beyond patches and breach detection. We also monitor for risky Chromium extensions and allowed notifications that might be part of a phishing or ransomware attack.

Extended Cloud Security

Extend the security features of Cloudflare, Microsoft, Google, Sophos, and other cloud providers to create a Lavawall® of protection

Secure Remote Management

Even if you used breached remote management tools like ScreenConnect through Lavawall® when it was vulnerable, your computers stayed safe because we only install the agent when it needs to be used.

Integrations and automation

Easily deploy, monitor, and analyze security tools like Huntress, AutoElevate, and Sophos. Magically gain details from ZenDesk, ConnectWise, Datto, Panorama9, Microsoft, and Google.

Human and automated support

Get immediate fixes, user notifications, admin notifications -- and even security-certified human level 3 support when our advanced statistical analysis confirms a problem or anomaly.

We are constantly improving the Lavawall® tools to add more value. Some of our most recent changes include:
2024‑10‑300.12.8.195Mac update refinements
2024‑10‑250.12.3.190
2024‑10‑210.12.0.187Macos implementaiton, linux and windows improvements
2024‑10‑160.11.128.186Linux stats and system information improvements, improvements for application shutdown
2024‑09‑120.11.113.171CPU Optimizations and Packages reliability improvements
2024‑09‑050.11.106.164Phased deployment enhancements
2024‑09‑040.11.103.161
2024‑09‑020.11.102.160CPU Optimizations and Packages reliability improvements
2024‑08‑300.11.99.157CPU Optimizations and Packages reliability improvements
2024‑08‑290.11.98.156CPU utilization and console event optimization
2024‑08‑280.11.97.155Reliability to detect unusual updates like redistributables.
2024‑08‑270.11.96.154
2024‑08‑260.11.95.153Faster response for reboot requests
2024‑08‑200.11.92.150Additional package upgrade pre-requisites
2024‑08‑150.11.89.147
2024‑08‑060.11.87.145
2024‑07‑260.11.83.141Add resiliency for MAC duplicates and uptime
2024‑07‑250.11.82.140Changes to facilitate cross-platform use. Bitlocker and Windows key refinements
2024‑07‑150.11.80.138Antivirus and temperature added to configuration checks
2024‑07‑150.11.79.137Add configuration checks for execution policy and secure boot
2024‑07‑110.11.77.135load balancing refinements
2024‑07‑100.11.76.134Add additional load balancing and data residency capabilities, add randomness to recurring task timings to decrease server load
2024‑07‑050.11.74.132changes to graph and residual work on user imporsonation
2024‑07‑040.11.73.131Add configuration checks for execution policy and secure boot.
2024‑07‑030.11.72.130Enhanced event log monitoring
2024‑07‑020.11.71.129Add details to Windows updates, enhanced risk metrics for application patches
2024‑06‑190.11.65.123Update resiliancy and garbage collection
2024‑06‑130.11.60.118Enhanced logging
2024‑06‑120.11.55.113Include the primary drive serial number; MAC addresses for built-in wireless, Bluetooth, and ethernet into the device hash to restore uninstalled and reinstalled devices in cases where the motherboard serial is not unique
2024‑06‑070.11.54.112Patch and package uninstall data addition
2024‑06‑050.11.47.105refine per-user registry application listing
2024‑06‑020.11.45.103uninstall and reinstall refinements, refine local logging, refine self-update and uninstall timing
2024‑05‑300.11.21.79various bug fixes and improvements
2024‑05‑280.11.16.74Error logging, registration, and uninstall improvements.
2024‑05‑240.11.14.72applied changes for devices and login commands, changes for registration as well
2024‑05‑220.11.13.71Add Windows computer model, improve Operating System parsing
2024‑05‑210.11.11.69Added additional states for Windows update, flexibility for non-standard program file configurations, support for network diagrams at the switch level, details for Windows editions
2024‑05‑210.11.10.68Add specific cases for Defender patterns and Composer versions.
2024‑05‑170.11.3.61Change Log storage location to c:\program files\Lavawall
2024‑05‑170.11.1.59self-update improvements.
2024‑05‑160.8.0.55 error log reporting and management.
2024‑05‑150.7.0.54Websocket resiliency improvements
2024‑05‑090.6.0.53 Error log reporting and management.
2024‑05‑010.5.44.52Even more improvements to scheduler
2024‑04‑240.5.41.49Install compatibility with Sandbox
2024‑04‑220.5.21.29Project property changes to enable automated compilation with new features.
2024‑04‑200.5.20.28Add motherboard serial number and company reassignment
2024‑04‑110.5.4.12Automate release notes as part of build process
2024‑04‑030.5.3.11Websocket and service enhancements
2024‑03‑210.5.2.10Enhance zip file validation

Although the Linux agent code base is mature, dating back to 2006, we're still constantly improving it to add value and compatibility for new distributions. Some of our most recent changes include:
2024‑05‑20253Added cleanup of old .json files during a re-install
2024‑05‑13252Added apt-get update to install
2024‑05‑06248Allow restart to use /var/run/reboot-required if needrestart is not installed
2024‑04‑22239Improve internal update and version tracking
2024‑04‑15235Add support for Yum packages
2024‑04‑08233Align patching with Windows patch reporting
2024‑04‑02228Add support for needrestart
2024‑03‑04224Schedule restarts
2024‑03‑25221Add support for apt packages
2024‑03‑18212Implement release management
2024‑03‑11202Add user login monitoring
2024‑03‑04189Enhance installation reliability
2024‑02‑26187Exapand triggers to identify if the instance needs to be restarted
2024‑02‑19146Improve compatibility for non-AWS instances
2024‑02‑14138Add self-uninstall capabilities
2024‑02‑12135Enhance scheduling flexibility
2024‑02‑07132Add kernel version tracking
2024‑02‑05124Add device hash to cryptographic self-update script validation
2024‑01‑29107Enhance encryption of patch data
2024‑01‑2298Improve how available storage is calculated
2024‑01‑1597Move initial tasks from installation file to sub scripts
2024‑05‑2191Improve multi-distribution compatibility
2024‑05‑2179Improve encryption reliability
2023‑12‑1168Enhance cryptographic validation of new scripts before updating
2023‑11‑2062Add inner layer of AES encryption in case TLS inspection doesn't allow for a secure connection
2023‑11‑2756Additional base cases for resiliancy
2023‑11‑2054Additional headers added to authentication process during installation.
2023‑11‑2053Enhanced key management
2023‑11‑1551Add insecure installation parameter to allow installation in environments with TLS inspection or other machine-in-the-middle situations.
2023‑11‑0642Enhance redundant encryption during installation.
2023‑10‑3033Improve install-over compatibility
2023‑10‑2318Add reboot configuration and scheduling
2023‑10‑2317Add self-updating functionality.
2023‑10‑1615Add Linux patching information for apt
2023‑10‑0914Collect system information
2023‑10‑0913Add Linux distribution information
2023‑09‑3012Add memory monitoring
2023‑09‑3010Add hardware information
2023‑09‑239Add AWS information
2023‑09‑238Add customized schedule capability for configuration updates
2023‑09‑237Add support for package monitoring using package and dpkg logs
2023‑09‑166Add storage data configuration gathering
2023‑09‑165Add CPU information

Lavawall®'s data gathering approach started with Government and Fortune 50 information security audits. When our founder transitioned from audit and assurance work to a Managed IT Service Provider (MSP), he was shocked that basics like Multi-Factor Authentication were painful to implement in some RMMs like ConnectWise and it was impossible to turn off remote access services in others like Datto RMM and SuperOps.

Lavawall® was built from the ground up with these concerns and the Minimum Viable Secure Product requirements in mind.

Some of the controls we implemented include:
  • PassKeys as the preferred primary authentication at no additional cost
  • Single Sign-on using modern, maintained, and industry-standard protocols for all customers at no additional cost
  • Multi-Factor Authentication as a non-negotiable default
  • Encrypting communications the same way as TLS again within the TLS tunnel, so we can allow TLS inspection without breaking like Huntress or disclosing security vulnerabilities to eavesdroppers.
  • Encouraging external vulnerability reports and customer testing
  • Passwords checked against popular disclosed passwords, hashed before they leave your computer, and then stored using Argon2id
  • Not requiring the use of passwords at all. We consider them a temporary backup authentication in case you can't use passkeys or SSO.

Lavawall® scanning computers are on dedicated servers in Calgary, Alberta, Canada.
Lavawall® databases and front-end systems are hosted with AWS in Montréal, Québec, Canada.
We send emails through AWS in Ireland and dedicated servers in Calgary, Alberta, Canada.
We send text messages for additional identity verification through Twilio in the United States.
We store executables and pass requests through Cloudflare at your nearest edge location.
We use Cloudflare for risk management, turnstile, and web application firewall services.
We use LeadPages for landing pages.
We use Google and Facebook for analytics on our public-facing pages, but they do not have access to the console.
We integrate with third-party tools, such as Microsoft, Google, Huntress, Screen Connect, Axcient, and Datto in their respective locations. However, you must initiate these integrations through single sign-on or by enabling them in your Lavawall® console.

Active security by design

Lavawall® is under active development with the latest release on

5+

Interfaces

150+

Monitored Applications

7+

System Metrics

Actively manage your IT with Lavawall®

Patching

Updates Beyond Windows

Lavawall® prevents the 80% of breaches and failed audits due to missing patches and updates.
You can reduce application patching delays from 67 days to nearly immediate with the 150+ applications that Lavawall® monitors and patches.

Patch release monitoring
Monitor everything without having to select packages or “managed applications”
Patch impact classification
Standard and optional Windows patches
Lavawall patch grid
Logos, products, trade names, and company names are all the property of their respective trademark holders.
The above listing includes products that Lavawall® monitors through public information and/or proprietary statistical analysis.
Although we do have a partner relationship with some of the listed products and companies, they do not necessarily endorse Lavawall® or have integrations with our systems.


Learn More
Flexible Term; Flexible Service

Flexibility for your dynamic business

You need to get your arms around compliance and security and don't want to get locked into “high watermark” monthly invoices or multi-year contracts.

Pay-as-you-need monthly pricing

DIY, full management, and coaching options

CMMI, PCI, SOC2, Canadian Cybersecurity, Minimum Viable Secure Product, and other compliance support

Choose the plan that's right for you

Simple pricing. No hidden fees. Advanced features for you business.

Month
Annual

Get 2 months free with Annual!
DIY

Security-focused RMM

C$3.25 /computer/Month

C$32.50 /computer/Year

  • 1 computer
    or 1 of the following cloud integrations:
    AWS, Axcient, Connectwise, Datto, Google, Huntress, M365, Sophos Central integrations
    (each integration counts as 1 computer)
  • 150+ application patches
  • 30-day Logs
  • Security configuration monitoring
  • Anomaly detection
  • CMMI, MVSP, CyberCanda compliance
  • Lavawall® support
  • Sophos MDR: C$13.50/desktop
    Sophos MDR: C$162/desktop
  • Huntress: C$5.40/device
    Huntress: C$64.80/device
  • Available white-label support for end users
  • Level 3+ IT support for IT
  • Weekly IT coaching sessions
Popular
Managed Security & Support

Unlimited end-user support

C$160 /user/Month

C$1,600 /user/Year

  • 1 computer/user
    Additional devices charged at DIY prices
  • AWS, Axcient, Connectwise, Datto, Google, Huntress, M365, Sophos Central integrations
  • 150+ application patches
  • 90-day Logs
  • Security configuration monitoring
  • Anomaly detection
  • CMMI, MVSP, CyberCanda compliance
  • Lavawall® support
  • Sophos MDR Essentials
  • Huntress
  • White-label email and phone support for end users
  • Level 3+ IT support for IT
  • Weekly IT coaching sessions
  • Automatic discount and upgrade to Support & Coaching after 15 users
Support & Coaching

Improve your IT performance

$2,250 /Month

$22,500 /Year

  • 25 computers included
    Additional computers charged at DIY prices
  • AWS, Axcient, Connectwise, Datto, Google, Huntress, M365, Sophos Central integrations
  • 150+ application patches
  • 90-day Logs
  • Security configuration monitoring
  • Anomaly detection
  • CMMI, MVSP, CyberCanda compliance
  • Lavawall®-only support
  • Sophos MDR Essentials
  • Huntress
  • White-label email and phone support for 15 users included Additional: C$150/user Additional: C$1,500/user
  • L3 IT support for IT
  • Weekly IT coaching sessions

Frequently Asked Questions

If you can not find answer to your question in our FAQ, you can always contact us or email us. We will answer you shortly!

General Questions

The three big catalysts for Lavawall® were:
  1. Two years after a missing Plex Media Server led to the LastPass breach, the Remote Monitorign and Management (RMM) tools availabel for Manged IT Service Providers (MSPs) still didn't monitor for it.
    Going through industry-specific applications, we noticed many were missing from the big RMM and patching providers. MSPs, insurance providers, and organizations that put their cleints at risk need to know about these risks, which lead to the largest number of critical audit findings and breaches
  2. After 20 years of writing the same audit findings about system configurations, Payment Card Industry (PCI) compliance, and missing patches, our technical co-founder wanted to make it easier fo avoid these findings
  3. The existing risk visibility tools for insurance underwriters took a shallow look at Internet-facing risks. They -- along with all businesses -- need a deeper view of the threats that could actually lead to breaches.

Lavawall® breaks vulnerabilities into the following groups:
  • Domain risks
  • Operating System (OS) patches
  • Application patches
  • Network vulnerabilities
  • Cloud vulnerabilities
  • OS configurations

We are currently building more third-party interfaces. Current interfaces include:
  • Axcient*
  • Cloudflare
  • Connectwise Screen Connect
  • Datto RMM
  • FreshDesk*
  • Huntress
  • Microsoft 365
  • Panorama9
  • ZenDesk
*In limited release/development

Yes!
You can use your own logo for the console and notifications. You can also use a CNAME to automatically brand your console.
Note: you cannot currently re-proxy the CNAME to Lavawall® through Cloudflare.
Privacy & Security

We encourage primary authentication for Lavawall® through Passkeys or Single Sign On (SSO).
However, we do allow passwords and use passwords as part of the zero-knowledge encryption for your clients' sensitive data, such as Bitlocker keys and Personally-Identifiable Information (PII).
These passwords use Argon2id slow hashes with individual salts and peppers.

Yes! Lavawall communicates with its endpoints through TLS. However, given that many of our clients want to be as secure as possible and have TLS inspection enabled, we allow for "insecure" connections with invalid certificates, which result from such configurations.
We have added an additional secure tunnel that mimics the TLS process within the public TLS tunnel. This extra tunnel provides authentication and privacy for the workstations and the Lavawall® servers to prevent attacks such as the one that took down Solar Winds.

We do not enable remote access tools like ScreenConnect unless you authorize them and are logged in. Lavawall® was not vulnerable to the ScreenConnect vulnerability because we install and uninstall it right before it's used. In addition, we give the option of linking to Access.

Remote access is not enabled for read-only and audit situations.

Lavawall®'s designer holds a CISSP and CISA. In addition, we have external and internal security reviews.

Get In Touch

Have a quick question and don't want to talk? Send us a quick note with the form below and we'll reply within one business day.

NW Calgary:
(By Appointment Only)
ThreeShield Information Security Corporation
600 Crowfoot Crescent N.W., Suite 340
Calgary, Alberta
T3G 0B4
SE Calgary:
(By Appointment Only)
ThreeShield Information Security Corporation
105, 11500 - 29th St. SE
Calgary, Alberta
T2Z 3W9
Canada
Sales Hours:
9:00am to 5:00pm Mountain Time
Support Hours:
7:00am to 7:00pm Mountain Time
On-Call Support Hours:
24/7

Monitor the real security risks with Lavawall®