Microsoft Edge vulnerabilities

411 known vulnerabilities affecting microsoft/microsoft_edge.

Total CVEs

411

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL7HIGH244MEDIUM152LOW8

Vulnerabilities

Page 14 of 21

CVE-2019-0806HIGHCVSS 7.5vWindows 10 for 32-bit SystemsvWindows 10 for x64-based Systems+15 more2019-04-09

CVE-2019-0806 [HIGH] CWE-787 CVE-2019-0806: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0810, CVE-2019-0812, CVE-2019-0829, CVE-2019-0860, CVE-2019-0861.

cvelistv5nvd

CVE-2019-0861HIGHCVSS 7.5vWindows 10 for 32-bit SystemsvWindows 10 for x64-based Systems+15 more2019-04-09

CVE-2019-0861 [HIGH] CVE-2019-0861: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scri A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0810, CVE-2019-0812, CVE-2019-0829, CVE-2019-0860.

cvelistv5

CVE-2019-0771HIGHCVSS 7.5vWindows 10 for 32-bit SystemsvWindows 10 for x64-based Systems+15 more2019-04-09

CVE-2019-0771 [HIGH] CVE-2019-0771: A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine M A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0773, CVE-2019-0783

cvelistv5

CVE-2019-0833MEDIUMCVSS 6.5vWindows 10 Version 1809 for 32-bit SystemsvWindows 10 Version 1809 for x64-based Systems+2 more2019-04-09

CVE-2019-0833 [MEDIUM] CVE-2019-0833: An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in mem An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka 'Microsoft Edge Information Disclosure Vulnerability'.

cvelistv5nvd

CVE-2019-0746MEDIUMCVSS 6.5vWindows Server 20122019-04-09

CVE-2019-0746 [MEDIUM] CVE-2019-0746: An information disclosure vulnerability exists when the scripting engine does not properly handle ob An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka 'Scripting Engine Information Disclosure Vulnerability'.

cvelistv5nvd

CVE-2019-0762MEDIUMCVSS 4.3vWindows 10 Version 1709 for 32-bit Systems2019-04-09

CVE-2019-0762 [MEDIUM] CWE-863 CVE-2019-0762: A security feature bypass vulnerability exists when Microsoft browsers improperly handle requests of A security feature bypass vulnerability exists when Microsoft browsers improperly handle requests of different origins, aka 'Microsoft Browsers Security Feature Bypass Vulnerability'.

cvelistv5nvd

CVE-2019-0764MEDIUMCVSS 6.5vWindows 10 for 32-bit SystemsvWindows 10 for x64-based Systems+15 more2019-04-09

CVE-2019-0764 [MEDIUM] CWE-88 CVE-2019-0764: A tampering vulnerability exists when Microsoft browsers do not properly validate input under specif A tampering vulnerability exists when Microsoft browsers do not properly validate input under specific conditions, aka 'Microsoft Browsers Tampering Vulnerability'.

cvelistv5nvd

CVE-2019-0678MEDIUMCVSS 6.8vWindows Server 2016vWindows 10 Version 1607 for 32-bit Systems+13 more2019-04-09

CVE-2019-0678 [MEDIUM] CWE-863 CVE-2019-0678: An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-d An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, an attacker could host a website that is used to attempt to exploit the vulnerability, aka 'Microsoft E

cvelistv5nvd

CVE-2019-0592HIGHCVSS 7.5vWindows 10 Version 1703 for 32-bit SystemsvWindows 10 Version 1703 for x64-based Systems+10 more2019-04-08

CVE-2019-0592 [HIGH] CWE-787 CVE-2019-0592: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0611.

cvelistv5nvd

CVE-2019-0609HIGHCVSS 7.5vWindows RT 8.1vWindows 10 for 32-bit Systems+14 more2019-04-08

CVE-2019-0609 [HIGH] CVE-2019-0609: A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Me A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783.

cvelistv5

CVE-2019-0639HIGHCVSS 7.5vWindows 10 Version 1803 for 32-bit SystemsvWindows 10 Version 1803 for x64-based Systems+3 more2019-04-08

CVE-2019-0639 [HIGH] CVE-2019-0639: A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory C A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783.

cvelistv5

CVE-2019-0611HIGHCVSS 7.5vWindows 10 Version 1703 for 32-bit SystemsvWindows 10 Version 1703 for x64-based Systems+10 more2019-04-08

CVE-2019-0611 [HIGH] CVE-2019-0611: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scri A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0592.

cvelistv5

CVE-2019-0612MEDIUMCVSS 5.3PoCvWindows 10 Version 1703 for 32-bit SystemsvWindows 10 Version 1703 for x64-based Systems+10 more2019-04-08

CVE-2019-0612 [MEDIUM] CVE-2019-0612: A security feature bypass vulnerability exists when Click2Play protection in Microsoft Edge improper A security feature bypass vulnerability exists when Click2Play protection in Microsoft Edge improperly handles flash objects. By itself, this bypass vulnerability does not allow arbitrary code execution, aka 'Microsoft Edge Security Feature Bypass Vulnerability'.

cvelistv5nvd

CVE-2019-0645HIGHCVSS 7.5vWindows 10 for 32-bit SystemsvWindows 10 for x64-based Systems+15 more2019-03-06

CVE-2019-0645 [HIGH] CVE-2019-0645: A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerab A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0634, CVE-2019-0650.

cvelistv5

CVE-2019-0593HIGHCVSS 7.5vWindows 10 for 32-bit SystemsvWindows 10 for x64-based Systems+15 more2019-03-06

CVE-2019-0593 [HIGH] CVE-2019-0593: A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine M A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642

cvelistv5

CVE-2019-0642HIGHCVSS 7.5vWindows 10 for 32-bit SystemsvWindows 10 for x64-based Systems+15 more2019-03-06

CVE-2019-0642 [HIGH] CVE-2019-0642: A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine M A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640

cvelistv5

CVE-2019-0650HIGHCVSS 7.5vWindows 10 Version 1803 for 32-bit SystemsvWindows 10 Version 1803 for x64-based Systems+5 more2019-03-06

CVE-2019-0650 [HIGH] CVE-2019-0650: A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerab A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0634, CVE-2019-0645.

cvelistv5

CVE-2019-0640HIGHCVSS 7.5vWindows 10 Version 1703 for 32-bit SystemsvWindows 10 Version 1703 for x64-based Systems+10 more2019-03-06

CVE-2019-0640 [HIGH] CVE-2019-0640: A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine M A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0642

cvelistv5

CVE-2019-0655HIGHCVSS 7.5vWindows 10 for 32-bit SystemsvWindows 10 for x64-based Systems+15 more2019-03-06

CVE-2019-0655 [HIGH] CVE-2019-0655: A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine M A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640

cvelistv5

CVE-2019-0651HIGHCVSS 7.5vWindows 10 for 32-bit SystemsvWindows 10 for x64-based Systems+15 more2019-03-06

CVE-2019-0651 [HIGH] CVE-2019-0651: A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine M A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640

cvelistv5

← Previous14 / 21Next →