Microsoft Edge vulnerabilities
411 known vulnerabilities affecting microsoft/microsoft_edge.
Total CVEs
411
CISA KEV
2
actively exploited
Public exploits
26
Exploited in wild
4
Severity breakdown
CRITICAL7HIGH244MEDIUM152LOW8
Vulnerabilities
Page 18 of 21
CVE-2018-8387HIGHCVSS 7.5vWindows 10 Version 1803 for 32-bit SystemsvWindows 10 Version 1803 for x64-based Systems2018-08-15
CVE-2018-8387 [HIGH] CVE-2018-8387: A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerab
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8377.
cvelistv5
CVE-2018-8380HIGHCVSS 7.5vWindows 10 Version 1803 for 32-bit SystemsvWindows 10 Version 1803 for x64-based Systems2018-08-15
CVE-2018-8380 [HIGH] CVE-2018-8380: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scri
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8266, CVE-2018-8381, CVE-2018-8384.
cvelistv5
CVE-2018-8353HIGHCVSS 7.5PoCvWindows 10 Version 1703 for 32-bit SystemsvWindows 10 Version 1703 for x64-based Systems+4 more2018-08-15
CVE-2018-8353 [HIGH] CWE-416 CVE-2018-8353: A remote code execution vulnerability exists in the way that the scripting engine handles objects in
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-8355, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-
nvd
CVE-2018-8377HIGHCVSS 7.5vWindows 10 Version 1803 for 32-bit SystemsvWindows 10 Version 1803 for x64-based Systems2018-08-15
CVE-2018-8377 [HIGH] CWE-787 CVE-2018-8377: A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memo
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8387.
cvelistv5nvd
CVE-2018-8403HIGHCVSS 7.5vWindows 10 for 32-bit SystemsvWindows 10 for x64-based Systems+5 more2018-08-15
CVE-2018-8403 [HIGH] CWE-787 CVE-2018-8403: A remote code execution vulnerability exists in the way that Microsoft browsers access objects in me
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka "Microsoft Browser Memory Corruption Vulnerability." This affects Internet Explorer 11, Microsoft Edge, Internet Explorer 10.
cvelistv5nvd
CVE-2018-8266HIGHCVSS 7.5vWindows 10 for 32-bit SystemsvWindows 10 for x64-based Systems+9 more2018-08-15
CVE-2018-8266 [HIGH] CVE-2018-8266: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scri
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8380, CVE-2018-8381, CVE-2018-8384.
cvelistv5
CVE-2018-8385HIGHCVSS 7.5vWindows 10 for 32-bit SystemsvWindows 10 for x64-based Systems+9 more2018-08-15
CVE-2018-8385 [HIGH] CVE-2018-8385: A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Me
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique fro
cvelistv5
CVE-2018-8357HIGHCVSS 8.3vWindows 10 for 32-bit SystemsvWindows 10 for x64-based Systems+9 more2018-08-15
CVE-2018-8357 [HIGH] CVE-2018-8357: An elevation of privilege vulnerability exists in Microsoft browsers allowing sandbox escape, aka "M
An elevation of privilege vulnerability exists in Microsoft browsers allowing sandbox escape, aka "Microsoft Browser Elevation of Privilege Vulnerability." This affects Internet Explorer 11, Microsoft Edge.
cvelistv5nvd
CVE-2018-8372HIGHCVSS 7.5PoCvWindows 10 for 32-bit SystemsvWindows 10 for x64-based Systems+9 more2018-08-15
CVE-2018-8372 [HIGH] CVE-2018-8372: A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Me
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-83
cvelistv5
CVE-2018-8390HIGHCVSS 7.5vWindows 10 Version 1703 for 32-bit SystemsvWindows 10 Version 1703 for x64-based Systems+4 more2018-08-15
CVE-2018-8390 [HIGH] CVE-2018-8390: A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory C
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8359, CVE-2018-8371, CVE-2018-
cvelistv5
CVE-2018-8381HIGHCVSS 7.5vWindows 10 for 32-bit SystemsvWindows 10 for x64-based Systems+9 more2018-08-15
CVE-2018-8381 [HIGH] CVE-2018-8381: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scri
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8266, CVE-2018-8380, CVE-2018-8384.
cvelistv5
CVE-2018-8351MEDIUMCVSS 6.5vWindows 10 for 32-bit SystemsvWindows 10 for x64-based Systems+2 more2018-08-15
CVE-2018-8351 [MEDIUM] CWE-829 CVE-2018-8351: An information disclosure vulnerability exists when affected Microsoft browsers improperly allow cro
An information disclosure vulnerability exists when affected Microsoft browsers improperly allow cross-frame interaction, aka "Microsoft Browser Information Disclosure Vulnerability." This affects Internet Explorer 11, Microsoft Edge, Internet Explorer 10.
cvelistv5nvd
CVE-2018-8358MEDIUMCVSS 4.3vWindows 10 Version 1607 for 32-bit SystemsvWindows 10 Version 1607 for x64-based Systems+1 more2018-08-15
CVE-2018-8358 [MEDIUM] CVE-2018-8358: A security feature bypass vulnerability exists when Microsoft Edge improperly handles redirect reque
A security feature bypass vulnerability exists when Microsoft Edge improperly handles redirect requests, aka "Microsoft Edge Security Feature Bypass Vulnerability." This affects Microsoft Edge.
cvelistv5nvd
CVE-2018-8388MEDIUMCVSS 4.3vWindows 10 Version 1607 for 32-bit SystemsvWindows 10 Version 1607 for x64-based Systems+7 more2018-08-15
CVE-2018-8388 [MEDIUM] CVE-2018-8388: A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka "Microsoft Edge Spoofing Vulnerability
A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka "Microsoft Edge Spoofing Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8383.
cvelistv5
CVE-2018-8383MEDIUMCVSS 4.3vWindows 10 Version 1803 for 32-bit SystemsvWindows 10 Version 1803 for x64-based Systems2018-08-15
CVE-2018-8383 [MEDIUM] CVE-2018-8383: A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content, aka "Microsoft Edge Spoofing Vulnerability
A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content, aka "Microsoft Edge Spoofing Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8388.
cvelistv5
CVE-2018-8370LOWCVSS 3.1vWindows 10 for 32-bit SystemsvWindows 10 for x64-based Systems+9 more2018-08-15
CVE-2018-8370 [LOW] CWE-200 CVE-2018-8370: A information disclosure vulnerability exists when WebAudio Library improperly handles audio request
A information disclosure vulnerability exists when WebAudio Library improperly handles audio requests, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge.
cvelistv5nvd
CVE-2018-8274HIGHCVSS 7.5vWindows 10 Version 1703 for 32-bit SystemsvWindows 10 Version 1703 for x64-based Systems+4 more2018-07-11
CVE-2018-8274 [HIGH] CVE-2018-8274: A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerab
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8125, CVE-2018-8262, CVE-2018-8275, CVE-2018-8279, CVE-2018-8301.
cvelistv5
CVE-2018-8280HIGHCVSS 7.5vWindows 10 Version 1803 for 32-bit SystemsvWindows 10 Version 1803 for x64-based Systems2018-07-11
CVE-2018-8280 [HIGH] CWE-787 CVE-2018-8280: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8286, CVE-2018-8290, CVE-2018-8294.
cvelistv5nvd
CVE-2018-8125HIGHCVSS 7.5vWindows 10 Version 1709 for 32-bit SystemsvWindows 10 Version 1709 for x64-based Systems+2 more2018-07-11
CVE-2018-8125 [HIGH] CWE-787 CVE-2018-8125: A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memo
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8262, CVE-2018-8274, CVE-2018-8275, CVE-2018-8279, CVE-2018-8301.
cvelistv5nvd
CVE-2018-8287HIGHCVSS 7.5vWindows 10 for 32-bit SystemsvWindows 10 for x64-based Systems+9 more2018-07-11
CVE-2018-8287 [HIGH] CVE-2018-8287: A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Me
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-8242, CVE-
cvelistv5