Microsoft Edge vulnerabilities
411 known vulnerabilities affecting microsoft/microsoft_edge.
Total CVEs
411
CISA KEV
2
actively exploited
Public exploits
26
Exploited in wild
4
Severity breakdown
CRITICAL7HIGH244MEDIUM152LOW8
Vulnerabilities
Page 17 of 21
CVE-2018-8513HIGHCVSS 7.5vWindows 10 Version 1809 for 32-bit SystemsvWindows 10 Version 1809 for ARM64-based Systems+2 more2018-10-10
CVE-2018-8513 [HIGH] CVE-2018-8513: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scri
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8503, CVE-2018-8505, CVE-2018-8510, CVE
cvelistv5
CVE-2018-8510HIGHCVSS 7.5vWindows 10 Version 1809 for 32-bit SystemsvWindows 10 Version 1809 for ARM64-based Systems+2 more2018-10-10
CVE-2018-8510 [HIGH] CVE-2018-8510: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scri
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8503, CVE-2018-8505, CVE-2018-8511, CVE
cvelistv5
CVE-2018-8512MEDIUMCVSS 5.4vWindows 10 Version 1703 for 32-bit SystemsvWindows 10 Version 1703 for x64-based Systems+4 more2018-10-10
CVE-2018-8512 [MEDIUM] CWE-20 CVE-2018-8512: A security feature bypass vulnerability exists in Microsoft Edge when the Edge Content Security Poli
A security feature bypass vulnerability exists in Microsoft Edge when the Edge Content Security Policy (CSP) fails to properly validate certain specially crafted documents, aka "Microsoft Edge Security Feature Bypass Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8530.
cvelistv5nvd
CVE-2018-8530MEDIUMCVSS 5.4vWindows 10 Version 1703 for 32-bit SystemsvWindows 10 Version 1703 for x64-based Systems+4 more2018-10-10
CVE-2018-8530 [MEDIUM] CVE-2018-8530: A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins, aka "Microsoft Edge Security Feat
A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins, aka "Microsoft Edge Security Feature Bypass Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8512.
cvelistv5
CVE-2018-8456HIGHCVSS 7.5vWindows 10 Version 1703 for 32-bit SystemsvWindows 10 Version 1703 for x64-based Systems+4 more2018-09-13
CVE-2018-8456 [HIGH] CVE-2018-8456: A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory C
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8354, CVE-2018-8391, CVE-2018-8457, CVE-2018-8459.
cvelistv5
CVE-2018-8457HIGHCVSS 7.5vWindows 10 for 32-bit SystemsvWindows 10 for x64-based Systems+9 more2018-09-13
CVE-2018-8457 [HIGH] CVE-2018-8457: A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Me
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-8354, CVE-2018-8391, C
cvelistv5
CVE-2018-8469HIGHCVSS 7.4PoCvWindows 10 for 32-bit SystemsvWindows 10 for x64-based Systems+9 more2018-09-13
CVE-2018-8469 [HIGH] CVE-2018-8469: An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser,
An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka "Microsoft Edge Elevation of Privilege Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8463.
cvelistv5
CVE-2018-8367HIGHCVSS 7.5vWindows 10 for 32-bit SystemsvWindows 10 for x64-based Systems+9 more2018-09-13
CVE-2018-8367 [HIGH] CWE-787 CVE-2018-8367: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8465, CVE-2018-8466, CVE-2018-8467.
cvelistv5nvd
CVE-2018-8354HIGHCVSS 7.5vWindows 10 Version 1803 for 32-bit SystemsvWindows 10 Version 1803 for x64-based Systems2018-09-13
CVE-2018-8354 [HIGH] CWE-787 CVE-2018-8354: A remote code execution vulnerability exists in the way that the scripting engine handles objects in
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8391, CVE-2018-8456, CVE-2018-8457, CVE-2018-8459.
cvelistv5nvd
CVE-2018-8464HIGHCVSS 7.5vWindows 10 for 32-bit SystemsvWindows 10 for x64-based Systems+9 more2018-09-13
CVE-2018-8464 [HIGH] CWE-119 CVE-2018-8464: An remote code execution vulnerability exists when Microsoft Edge PDF Reader improperly handles obje
An remote code execution vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory, aka "Microsoft Edge PDF Remote Code Execution Vulnerability." This affects Microsoft Edge.
cvelistv5nvd
CVE-2018-8459HIGHCVSS 7.5vWindows 10 Version 1803 for 32-bit SystemsvWindows 10 Version 1803 for x64-based Systems2018-09-13
CVE-2018-8459 [HIGH] CVE-2018-8459: A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory C
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8354, CVE-2018-8391, CVE-2018-8456, CVE-2018-8457.
cvelistv5
CVE-2018-8465HIGHCVSS 7.5vWindows 10 Version 1607 for 32-bit SystemsvWindows 10 Version 1607 for x64-based Systems+7 more2018-09-13
CVE-2018-8465 [HIGH] CVE-2018-8465: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scri
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8367, CVE-2018-8466, CVE-2018-8467.
cvelistv5
CVE-2018-8463HIGHCVSS 7.4PoCvWindows 10 for 32-bit SystemsvWindows 10 for x64-based Systems+9 more2018-09-13
CVE-2018-8463 [HIGH] CVE-2018-8463: An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to esc
An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka "Microsoft Edge Elevation of Privilege Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8469.
cvelistv5nvd
CVE-2018-8466HIGHCVSS 7.5PoCvWindows 10 for 32-bit SystemsvWindows 10 for x64-based Systems+9 more2018-09-13
CVE-2018-8466 [HIGH] CVE-2018-8466: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scri
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8367, CVE-2018-8465, CVE-2018-8467.
cvelistv5
CVE-2018-8467HIGHCVSS 7.5PoCvWindows 10 for 32-bit SystemsvWindows 10 for x64-based Systems+9 more2018-09-13
CVE-2018-8467 [HIGH] CVE-2018-8467: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scri
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8367, CVE-2018-8465, CVE-2018-8466.
cvelistv5
CVE-2018-8452MEDIUMCVSS 4.3vWindows 10 for 32-bit SystemsvWindows 10 for x64-based Systems+9 more2018-09-13
CVE-2018-8452 [MEDIUM] CWE-200 CVE-2018-8452: An information disclosure vulnerability exists when the scripting engine does not properly handle ob
An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft browsers, aka "Scripting Engine Information Disclosure Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge.
cvelistv5nvd
CVE-2018-8315MEDIUMCVSS 4.2vWindows 10 for 32-bit SystemsvWindows 10 for x64-based Systems+9 more2018-09-13
CVE-2018-8315 [MEDIUM] CWE-200 CVE-2018-8315: An information disclosure vulnerability exists when the browser scripting engine improperly handle o
An information disclosure vulnerability exists when the browser scripting engine improperly handle object types, aka "Microsoft Scripting Engine Information Disclosure Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10.
cvelistv5nvd
CVE-2018-8425MEDIUMCVSS 4.3vWindows 10 for 32-bit SystemsvWindows 10 for x64-based Systems+9 more2018-09-13
CVE-2018-8425 [MEDIUM] CWE-290 CVE-2018-8425: A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka "M
A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka "Microsoft Edge Spoofing Vulnerability." This affects Microsoft Edge.
cvelistv5nvd
CVE-2018-8366LOWCVSS 3.1vWindows 10 Version 1803 for 32-bit SystemsvWindows 10 Version 1803 for x64-based Systems2018-09-13
CVE-2018-8366 [LOW] CWE-200 CVE-2018-8366: An information disclosure vulnerability exists when the Microsoft Edge Fetch API incorrectly handles
An information disclosure vulnerability exists when the Microsoft Edge Fetch API incorrectly handles a filtered response type, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge.
cvelistv5nvd
CVE-2018-8355HIGHCVSS 7.5PoCvWindows 10 for 32-bit SystemsvWindows 10 for x64-based Systems+9 more2018-08-15
CVE-2018-8355 [HIGH] CVE-2018-8355: A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Me
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8353, CVE-2018-8359, CVE-2018-83
cvelistv5