) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- CPE Product Version: cpe:/a:microsoft:edge:-
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2020-1462 |
An information disclosure vulnerability exists when Skype for Business is accessed via Microsoft Edge (EdgeHTML-based), aka 'Skype for Business via Microsoft Edge (EdgeHTML-based) Information Disclosure Vulnerability'. Published: July 14, 2020; 7:15:20 PM -0400 |
V3.1: 4.3 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2020-1433 |
An information disclosure vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory, aka 'Microsoft Edge PDF Information Disclosure Vulnerability'. Published: July 14, 2020; 7:15:18 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2020-1242 |
An information disclosure vulnerability exists in the way that Microsoft Edge handles cross-origin requests, aka 'Microsoft Edge Information Disclosure Vulnerability'. Published: June 09, 2020; 4:15:16 PM -0400 |
V3.1: 5.3 MEDIUM V2.0: 2.6 LOW |
| CVE-2020-1220 |
A spoofing vulnerability exists when theMicrosoft Edge (Chromium-based) in IE Mode improperly handles specific redirects, aka 'Microsoft Edge (Chromium-based) in IE Mode Spoofing Vulnerability'. Published: June 09, 2020; 4:15:15 PM -0400 |
V3.1: 6.1 MEDIUM V2.0: 5.8 MEDIUM |
| CVE-2020-1219 |
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'. Published: June 09, 2020; 4:15:14 PM -0400 |
V3.1: 7.5 HIGH V2.0: 7.6 HIGH |
| CVE-2020-1073 |
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. Published: June 09, 2020; 4:15:12 PM -0400 |
V3.1: 8.1 HIGH V2.0: 9.3 HIGH |
| CVE-2020-1195 |
An elevation of privilege vulnerability exists in Microsoft Edge (Chromium-based) when the Feedback extension improperly validates input, aka 'Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability'. Published: May 21, 2020; 7:15:18 PM -0400 |
V3.1: 5.9 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2020-1096 |
A remote code execution vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory, aka 'Microsoft Edge PDF Remote Code Execution Vulnerability'. Published: May 21, 2020; 7:15:14 PM -0400 |
V3.1: 7.5 HIGH V2.0: 7.6 HIGH |
| CVE-2020-1065 |
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. Published: May 21, 2020; 7:15:12 PM -0400 |
V3.1: 7.5 HIGH V2.0: 7.6 HIGH |
| CVE-2020-1059 |
A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content, aka 'Microsoft Edge Spoofing Vulnerability'. Published: May 21, 2020; 7:15:12 PM -0400 |
V3.1: 4.3 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2020-1056 |
An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, an attacker could host a website that is used to attempt to exploit the vulnerability, aka 'Microsoft Edge Elevation of Privilege Vulnerability'. Published: May 21, 2020; 7:15:12 PM -0400 |
V3.1: 8.1 HIGH V2.0: 5.8 MEDIUM |
| CVE-2020-1037 |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. Published: May 21, 2020; 7:15:11 PM -0400 |
V3.1: 7.5 HIGH V2.0: 7.6 HIGH |
| CVE-2020-0970 |
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0968. Published: April 15, 2020; 11:15:18 AM -0400 |
V3.1: 7.5 HIGH V2.0: 7.6 HIGH |
| CVE-2020-0969 |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. Published: April 15, 2020; 11:15:18 AM -0400 |
V3.1: 7.5 HIGH V2.0: 7.6 HIGH |
| CVE-2020-0848 |
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833. Published: March 12, 2020; 12:15:18 PM -0400 |
V3.1: 7.5 HIGH V2.0: 7.6 HIGH |
| CVE-2020-0831 |
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848. Published: March 12, 2020; 12:15:17 PM -0400 |
V3.1: 7.5 HIGH V2.0: 7.6 HIGH |
| CVE-2020-0830 |
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848. Published: March 12, 2020; 12:15:17 PM -0400 |
V3.1: 7.5 HIGH V2.0: 7.6 HIGH |
| CVE-2020-0829 |
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848. Published: March 12, 2020; 12:15:17 PM -0400 |
V3.1: 7.5 HIGH V2.0: 7.6 HIGH |
| CVE-2020-0828 |
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848. Published: March 12, 2020; 12:15:17 PM -0400 |
V3.1: 7.5 HIGH V2.0: 7.6 HIGH |
| CVE-2020-0827 |
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848. Published: March 12, 2020; 12:15:17 PM -0400 |
V3.1: 7.5 HIGH V2.0: 7.6 HIGH |