National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:microsoft:edge:-
There are 650 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2020-0767

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713.

Published: February 11, 2020; 05:15:22 PM -05:00
V3.1: 7.5 HIGH
    V2: 7.6 HIGH
CVE-2020-0713

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0767.

Published: February 11, 2020; 05:15:17 PM -05:00
V3.1: 7.5 HIGH
    V2: 7.6 HIGH
CVE-2020-0712

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0711, CVE-2020-0713, CVE-2020-0767.

Published: February 11, 2020; 05:15:17 PM -05:00
V3.1: 7.5 HIGH
    V2: 7.6 HIGH
CVE-2020-0711

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767.

Published: February 11, 2020; 05:15:17 PM -05:00
V3.1: 7.5 HIGH
    V2: 7.6 HIGH
CVE-2020-0710

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767.

Published: February 11, 2020; 05:15:17 PM -05:00
V3.1: 7.5 HIGH
    V2: 7.6 HIGH
CVE-2020-0706

An information disclosure vulnerability exists in the way that affected Microsoft browsers handle cross-origin requests, aka 'Microsoft Browser Information Disclosure Vulnerability'.

Published: February 11, 2020; 05:15:17 PM -05:00
V3.1: 4.3 MEDIUM
    V2: 4.3 MEDIUM
CVE-2020-0663

An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, an attacker could host a website that is used to attempt to exploit the vulnerability, aka 'Microsoft Edge Elevation of Privilege Vulnerability'.

Published: February 11, 2020; 05:15:14 PM -05:00
V3.1: 4.2 MEDIUM
    V2: 4.0 MEDIUM
CVE-2019-1428

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1426, CVE-2019-1427, CVE-2019-1429.

Published: November 12, 2019; 02:15:14 PM -05:00
V3.1: 7.5 HIGH
    V2: 7.6 HIGH
CVE-2019-1427

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1426, CVE-2019-1428, CVE-2019-1429.

Published: November 12, 2019; 02:15:14 PM -05:00
V3.1: 7.5 HIGH
    V2: 7.6 HIGH
CVE-2019-1426

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1427, CVE-2019-1428, CVE-2019-1429.

Published: November 12, 2019; 02:15:14 PM -05:00
V3.1: 7.5 HIGH
    V2: 7.6 HIGH
CVE-2019-1413

A security feature bypass vulnerability exists when Microsoft Edge improperly handles extension requests and fails to request host permission for all_urls, aka 'Microsoft Edge Security Feature Bypass Vulnerability'.

Published: November 12, 2019; 02:15:13 PM -05:00
V3.1: 4.3 MEDIUM
    V2: 4.3 MEDIUM
CVE-2019-1366

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1307, CVE-2019-1308, CVE-2019-1335.

Published: October 10, 2019; 10:15:18 AM -04:00
V3.1: 7.5 HIGH
    V2: 7.6 HIGH
CVE-2019-1357

A spoofing vulnerability exists when Microsoft Browsers improperly handle browser cookies, aka 'Microsoft Browser Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-0608.

Published: October 10, 2019; 10:15:17 AM -04:00
V3.1: 4.3 MEDIUM
    V2: 4.3 MEDIUM
CVE-2019-1356

An information disclosure vulnerability exists when Microsoft Edge based on Edge HTML improperly handles objects in memory, aka 'Microsoft Edge based on Edge HTML Information Disclosure Vulnerability'.

Published: October 10, 2019; 10:15:17 AM -04:00
V3.1: 6.5 MEDIUM
    V2: 4.3 MEDIUM
CVE-2019-1335

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1307, CVE-2019-1308, CVE-2019-1366.

Published: October 10, 2019; 10:15:16 AM -04:00
V3.1: 7.5 HIGH
    V2: 7.6 HIGH
CVE-2019-1308

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1307, CVE-2019-1335, CVE-2019-1366.

Published: October 10, 2019; 10:15:15 AM -04:00
V3.1: 7.5 HIGH
    V2: 7.6 HIGH
CVE-2019-1307

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1308, CVE-2019-1335, CVE-2019-1366.

Published: October 10, 2019; 10:15:15 AM -04:00
V3.1: 7.5 HIGH
    V2: 7.6 HIGH
CVE-2019-0608

A spoofing vulnerability exists when Microsoft Browsers does not properly parse HTTP content, aka 'Microsoft Browser Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-1357.

Published: October 10, 2019; 10:15:14 AM -04:00
V3.1: 4.3 MEDIUM
    V2: 4.3 MEDIUM
CVE-2019-1300

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1138, CVE-2019-1217, CVE-2019-1237, CVE-2019-1298.

Published: September 11, 2019; 06:15:18 PM -04:00
V3.1: 7.5 HIGH
    V2: 7.6 HIGH
CVE-2019-1299

An information disclosure vulnerability exists when Microsoft Edge based on Edge HTML improperly handles objects in memory, aka 'Microsoft Edge based on Edge HTML Information Disclosure Vulnerability'.

Published: September 11, 2019; 06:15:18 PM -04:00
V3.1: 6.5 MEDIUM
    V2: 4.3 MEDIUM