U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:microsoft:edge:81.0.416.68:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 254 matching records.
Displaying matches 181 through 200.
Vuln ID Summary CVSS Severity
CVE-2017-0233

An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka "Microsoft Edge Elevation of Privilege Vulnerability." This CVE ID is unique from CVE-2017-0241.

Published: May 12, 2017; 10:29:02 AM -0400
V3.0: 8.3 HIGH
V2.0: 5.1 MEDIUM
CVE-2017-0231

A spoofing vulnerability exists when Microsoft browsers render SmartScreen Filter, aka "Microsoft Browser Spoofing Vulnerability."

Published: May 12, 2017; 10:29:02 AM -0400
V3.0: 4.3 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-0230

A remote code execution vulnerability exists in Microsoft Edge in the way JavaScript engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0234, CVE-2017-0235, CVE-2017-0236, and CVE-2017-0238.

Published: May 12, 2017; 10:29:02 AM -0400
V3.0: 7.5 HIGH
V2.0: 7.6 HIGH
CVE-2017-0229

A remote code execution vulnerability exists in Microsoft Edge in the way JavaScript engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, CVE-2017-0236, and CVE-2017-0238.

Published: May 12, 2017; 10:29:02 AM -0400
V3.0: 7.5 HIGH
V2.0: 7.6 HIGH
CVE-2017-0228

A remote code execution vulnerability exists in Microsoft browsers in the way JavaScript engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, CVE-2017-0236, and CVE-2017-0238.

Published: May 12, 2017; 10:29:02 AM -0400
V3.0: 7.5 HIGH
V2.0: 7.6 HIGH
CVE-2017-0227

A remote code execution vulnerability exists in Microsoft Edge in the way affected Microsoft scripting engines render when handling objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0221 and CVE-2017-0240.

Published: May 12, 2017; 10:29:02 AM -0400
V3.0: 7.5 HIGH
V2.0: 7.6 HIGH
CVE-2017-0224

A remote code execution vulnerability exists in the way JavaScript engines render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, CVE-2017-0236, and CVE-2017-0238.

Published: May 12, 2017; 10:29:02 AM -0400
V3.0: 7.5 HIGH
V2.0: 7.6 HIGH
CVE-2017-0221

A vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0227 and CVE-2017-0240.

Published: May 12, 2017; 10:29:02 AM -0400
V3.0: 7.5 HIGH
V2.0: 7.6 HIGH
CVE-2017-0208

An information disclosure vulnerability exists in Microsoft Edge when the Chakra scripting engine does not properly handle objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system, a.k.a. "Scripting Engine Information Disclosure Vulnerability."

Published: April 12, 2017; 10:59:01 AM -0400
V3.0: 4.3 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-0205

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user, aka "Microsoft Edge Memory Corruption Vulnerability."

Published: April 12, 2017; 10:59:01 AM -0400
V3.0: 7.5 HIGH
V2.0: 7.6 HIGH
CVE-2017-0203

A vulnerability exists in Microsoft Edge when the Edge Content Security Policy (CSP) fails to properly validate certain specially crafted documents. An attacker could trick a user into loading a web page with malicious content, aka "Microsoft Edge Security Feature Bypass Vulnerability."

Published: April 12, 2017; 10:59:01 AM -0400
V3.0: 4.3 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-0200

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user, aka "Microsoft Edge Memory Corruption Vulnerability."

Published: April 12, 2017; 10:59:01 AM -0400
V3.0: 7.5 HIGH
V2.0: 7.6 HIGH
CVE-2017-0093

A remote code execution vulnerability in Microsoft Edge exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0201.

Published: April 12, 2017; 10:59:00 AM -0400
V3.0: 7.5 HIGH
V2.0: 7.6 HIGH
CVE-2017-0140

Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is different from those described in CVE-2017-0066 and CVE-2017-0135.

Published: March 16, 2017; 8:59:03 PM -0400
V3.0: 4.2 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2017-0135

Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is different from those described in CVE-2017-0066 and CVE-2017-0140.

Published: March 16, 2017; 8:59:03 PM -0400
V3.0: 4.2 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2017-0069

Microsoft Edge allows remote attackers to spoof web content via a crafted web site, aka "Microsoft Edge Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0012 and CVE-2017-0033.

Published: March 16, 2017; 8:59:01 PM -0400
V3.0: 4.3 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-0068

Browsers in Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0011, CVE-2017-0017, and CVE-2017-0065.

Published: March 16, 2017; 8:59:01 PM -0400
V3.0: 4.3 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-0066

Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is different from those described in CVE-2017-0135 and CVE-2017-0140.

Published: March 16, 2017; 8:59:01 PM -0400
V3.0: 4.2 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2017-0065

Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0011, CVE-2017-0017, and CVE-2017-0068.

Published: March 16, 2017; 8:59:01 PM -0400
V3.0: 4.3 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-0034

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Published: March 16, 2017; 8:59:01 PM -0400
V3.0: 7.5 HIGH
V2.0: 7.6 HIGH