Microsoft Edge vulnerabilities
411 known vulnerabilities affecting microsoft/microsoft_edge.
Total CVEs
411
CISA KEV
2
actively exploited
Public exploits
26
Exploited in wild
4
Severity breakdown
CRITICAL7HIGH244MEDIUM152LOW8
Vulnerabilities
Page 11 of 21
CVE-2019-1140HIGHCVSS 8.8≥ 1.0..0, < publication2019-08-14
CVE-2019-1140 [HIGH] CWE-787 CVE-2019-1140: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the s
cvelistv5nvd
CVE-2019-1196MEDIUMCVSS 4.2≥ 1.0..0, < publication2019-08-14
CVE-2019-1196 [MEDIUM] CWE-787 CVE-2019-1196: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the
cvelistv5nvd
CVE-2019-1030MEDIUMCVSS 4.3≥ 1.0..0, < publication2019-08-14
CVE-2019-1030 [MEDIUM] CWE-200 CVE-2019-1030: An information disclosure vulnerability exists when Microsoft Edge based on Edge HTML improperly han
An information disclosure vulnerability exists when Microsoft Edge based on Edge HTML improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.
To exploit the vulnerability, in a web-based attack scenario, an attacker could host a website in an attem
cvelistv5nvd
CVE-2019-1139MEDIUMCVSS 4.2≥ 1.0..0, < publication2019-08-14
CVE-2019-1139 [MEDIUM] CWE-787 CVE-2019-1139: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the
cvelistv5nvd
CVE-2019-1193MEDIUMCVSS 6.4≥ 1.0..0, < publication2019-08-14
CVE-2019-1193 [MEDIUM] CWE-787 CVE-2019-1193: A remote code execution vulnerability exists in the way that Microsoft browsers access objects in me
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user
cvelistv5nvd
CVE-2019-1192MEDIUMCVSS 4.3≥ 1.0..0, < publication2019-08-14
CVE-2019-1192 [MEDIUM] CWE-863 CVE-2019-1192: A security feature bypass vulnerability exists when Microsoft browsers improperly handle requests of
A security feature bypass vulnerability exists when Microsoft browsers improperly handle requests of different origins. The vulnerability allows Microsoft browsers to bypass Same-Origin Policy (SOP) restrictions, and to allow requests that should otherwise be ignored. An attacker who successfully exploited the vulnerability could force the browser to
cvelistv5nvd
CVE-2019-1197MEDIUMCVSS 4.2≥ 1.0..0, < publication2019-08-14
CVE-2019-1197 [MEDIUM] CWE-787 CVE-2019-1197: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the
cvelistv5nvd
CVE-2019-1131MEDIUMCVSS 4.2≥ 1.0..0, < publication2019-08-14
CVE-2019-1131 [MEDIUM] CWE-787 CVE-2019-1131: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the
cvelistv5nvd
CVE-2019-1195MEDIUMCVSS 4.2≥ 1.0..0, < publication2019-08-14
CVE-2019-1195 [MEDIUM] CWE-787 CVE-2019-1195: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the
cvelistv5nvd
CVE-2019-1141MEDIUMCVSS 4.2≥ 1.0..0, < publication2019-08-14
CVE-2019-1141 [MEDIUM] CWE-787 CVE-2019-1141: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the
cvelistv5nvd
CVE-2019-1103HIGHCVSS 7.5vWindows 10 for 32-bit SystemsvWindows 10 for x64-based Systems+15 more2019-07-29
CVE-2019-1103 [HIGH] CVE-2019-1103: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scri
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1062, CVE-2019-1092, CVE-2019-1106, CVE-2019-1107.
cvelistv5
CVE-2019-1107HIGHCVSS 7.5vWindows 10 for 32-bit SystemsvWindows 10 for x64-based Systems+15 more2019-07-29
CVE-2019-1107 [HIGH] CVE-2019-1107: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scri
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1062, CVE-2019-1092, CVE-2019-1103, CVE-2019-1106.
cvelistv5
CVE-2019-1106HIGHCVSS 7.5vWindows Server 2016vWindows 10 Version 1607 for 32-bit Systems+13 more2019-07-29
CVE-2019-1106 [HIGH] CVE-2019-1106: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scri
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1062, CVE-2019-1092, CVE-2019-1103, CVE-2019-1107.
cvelistv5
CVE-2019-1104HIGHCVSS 7.5vWindows 10 for 32-bit SystemsvWindows 10 for x64-based Systems+15 more2019-07-15
CVE-2019-1104 [HIGH] CWE-787 CVE-2019-1104: A remote code execution vulnerability exists in the way that Microsoft browsers access objects in me
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'.
cvelistv5nvd
CVE-2019-1001HIGHCVSS 7.5vWindows 10 for 32-bit SystemsvWindows 10 for x64-based Systems+15 more2019-07-15
CVE-2019-1001 [HIGH] CVE-2019-1001: A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Me
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1004, CVE-2019-1056, CVE-2019-1059.
cvelistv5
CVE-2019-1092HIGHCVSS 7.5vWindows 10 for 32-bit SystemsvWindows 10 for x64-based Systems+15 more2019-07-15
CVE-2019-1092 [HIGH] CVE-2019-1092: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scri
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1062, CVE-2019-1103, CVE-2019-1106, CVE-2019-1107.
cvelistv5
CVE-2019-1062HIGHCVSS 7.5vWindows 10 for 32-bit SystemsvWindows 10 for x64-based Systems+15 more2019-07-15
CVE-2019-1062 [HIGH] CWE-787 CVE-2019-1062: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1092, CVE-2019-1103, CVE-2019-1106, CVE-2019-1107.
cvelistv5nvd
CVE-2019-0988HIGHCVSS 7.5≥ 1.0..0, < publication2019-06-12
CVE-2019-0988 [HIGH] CWE-787 CVE-2019-0988: A remote code execution vulnerability exists in the way the scripting engine handles objects in memo
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as th
cvelistv5nvd
CVE-2019-1038HIGHCVSS 7.5≥ 1.0..0, < publication2019-06-12
CVE-2019-1038 [HIGH] CWE-787 CVE-2019-1038: A remote code execution vulnerability exists in the way that Microsoft browsers access objects in me
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.
cvelistv5nvd
CVE-2019-1003MEDIUMCVSS 4.2≥ 1.0..0, < publication2019-06-12
CVE-2019-1003 [MEDIUM] CWE-787 CVE-2019-1003: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the
cvelistv5nvd