Microsoft Corporation Edge vulnerabilities
7 known vulnerabilities affecting microsoft_corporation/edge.
Total CVEs
7
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH3MEDIUM4
Vulnerabilities
Page 1 of 1
CVE-2017-0205P3HIGHCVSS 7.5vEdge2017-04-12
CVE-2017-0205 [HIGH] CWE-119 CVE-2017-0205: A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memo
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user, aka "Microsoft Edge Memory Corruption Vulnerability."
nvd
CVE-2017-0200P3HIGHCVSS 7.5vEdge2017-04-12
CVE-2017-0200 [HIGH] CWE-119 CVE-2017-0200: A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memo
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user, aka "Microsoft Edge Memory Corruption Vulnerability."
nvd
CVE-2017-0034P3HIGHCVSS 7.5vEdge2017-03-17
CVE-2017-0034 [HIGH] CWE-119 CVE-2017-0034: A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memo
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the
nvd
CVE-2017-0009P4MEDIUMCVSS 4.3vEdge2017-03-17
CVE-2017-0009 [MEDIUM] CWE-200 CVE-2017-0009: Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from
Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0011, CVE-2017-0017, CVE-2017-0065, and CVE-2017-0068.
nvd
CVE-2017-0066P4MEDIUMCVSS 4.2vEdge2017-03-17
CVE-2017-0066 [MEDIUM] CVE-2017-0066: Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other b
Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is different from those described in CVE-2017-0135 and CVE-2017-0140.
nvd
CVE-2017-0208P4MEDIUMCVSS 4.3vEdge2017-04-12
CVE-2017-0208 [MEDIUM] CWE-200 CVE-2017-0208: An information disclosure vulnerability exists in Microsoft Edge when the Chakra scripting engine do
An information disclosure vulnerability exists in Microsoft Edge when the Chakra scripting engine does not properly handle objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system, a.k.a. "Scripting Engine Information Disclosure Vulnerability."
nvd
CVE-2017-0012P4MEDIUMCVSS 4.3vEdge2017-03-17
CVE-2017-0012 [MEDIUM] CWE-20 CVE-2017-0012: Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to spoof web content via a
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to spoof web content via a crafted web site, aka "Microsoft Browser Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0033 and CVE-2017-0069.
nvd