U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:microsoft:edge:84.0.522.52:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 252 matching records.
Displaying matches 181 through 200.
Vuln ID Summary CVSS Severity
CVE-2017-0230

A remote code execution vulnerability exists in Microsoft Edge in the way JavaScript engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0234, CVE-2017-0235, CVE-2017-0236, and CVE-2017-0238.

Published: May 12, 2017; 10:29:02 AM -0400
V3.0: 7.5 HIGH
V2.0: 7.6 HIGH
CVE-2017-0229

A remote code execution vulnerability exists in Microsoft Edge in the way JavaScript engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, CVE-2017-0236, and CVE-2017-0238.

Published: May 12, 2017; 10:29:02 AM -0400
V3.0: 7.5 HIGH
V2.0: 7.6 HIGH
CVE-2017-0228

A remote code execution vulnerability exists in Microsoft browsers in the way JavaScript engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, CVE-2017-0236, and CVE-2017-0238.

Published: May 12, 2017; 10:29:02 AM -0400
V3.0: 7.5 HIGH
V2.0: 7.6 HIGH
CVE-2017-0227

A remote code execution vulnerability exists in Microsoft Edge in the way affected Microsoft scripting engines render when handling objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0221 and CVE-2017-0240.

Published: May 12, 2017; 10:29:02 AM -0400
V3.0: 7.5 HIGH
V2.0: 7.6 HIGH
CVE-2017-0224

A remote code execution vulnerability exists in the way JavaScript engines render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, CVE-2017-0236, and CVE-2017-0238.

Published: May 12, 2017; 10:29:02 AM -0400
V3.0: 7.5 HIGH
V2.0: 7.6 HIGH
CVE-2017-0221

A vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0227 and CVE-2017-0240.

Published: May 12, 2017; 10:29:02 AM -0400
V3.0: 7.5 HIGH
V2.0: 7.6 HIGH
CVE-2017-0208

An information disclosure vulnerability exists in Microsoft Edge when the Chakra scripting engine does not properly handle objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system, a.k.a. "Scripting Engine Information Disclosure Vulnerability."

Published: April 12, 2017; 10:59:01 AM -0400
V3.0: 4.3 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-0205

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user, aka "Microsoft Edge Memory Corruption Vulnerability."

Published: April 12, 2017; 10:59:01 AM -0400
V3.0: 7.5 HIGH
V2.0: 7.6 HIGH
CVE-2017-0203

A vulnerability exists in Microsoft Edge when the Edge Content Security Policy (CSP) fails to properly validate certain specially crafted documents. An attacker could trick a user into loading a web page with malicious content, aka "Microsoft Edge Security Feature Bypass Vulnerability."

Published: April 12, 2017; 10:59:01 AM -0400
V3.0: 4.3 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-0200

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user, aka "Microsoft Edge Memory Corruption Vulnerability."

Published: April 12, 2017; 10:59:01 AM -0400
V3.0: 7.5 HIGH
V2.0: 7.6 HIGH
CVE-2017-0093

A remote code execution vulnerability in Microsoft Edge exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0201.

Published: April 12, 2017; 10:59:00 AM -0400
V3.0: 7.5 HIGH
V2.0: 7.6 HIGH
CVE-2017-0140

Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is different from those described in CVE-2017-0066 and CVE-2017-0135.

Published: March 16, 2017; 8:59:03 PM -0400
V3.0: 4.2 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2017-0135

Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is different from those described in CVE-2017-0066 and CVE-2017-0140.

Published: March 16, 2017; 8:59:03 PM -0400
V3.0: 4.2 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2017-0069

Microsoft Edge allows remote attackers to spoof web content via a crafted web site, aka "Microsoft Edge Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0012 and CVE-2017-0033.

Published: March 16, 2017; 8:59:01 PM -0400
V3.0: 4.3 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-0068

Browsers in Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0011, CVE-2017-0017, and CVE-2017-0065.

Published: March 16, 2017; 8:59:01 PM -0400
V3.0: 4.3 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-0066

Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is different from those described in CVE-2017-0135 and CVE-2017-0140.

Published: March 16, 2017; 8:59:01 PM -0400
V3.0: 4.2 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2017-0065

Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0011, CVE-2017-0017, and CVE-2017-0068.

Published: March 16, 2017; 8:59:01 PM -0400
V3.0: 4.3 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-0034

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Published: March 16, 2017; 8:59:01 PM -0400
V3.0: 7.5 HIGH
V2.0: 7.6 HIGH
CVE-2017-0033

Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to spoof web content via a crafted web site, aka "Microsoft Browser Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0012 and CVE-2017-0069.

Published: March 16, 2017; 8:59:01 PM -0400
V3.0: 4.3 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-0023

The PDF library in Microsoft Edge; Windows 8.1; Windows Server 2012 and R2; Windows RT 8.1; and Windows 10, 1511, and 1607 allows remote attackers to execute arbitrary code via a crafted PDF file, aka "Microsoft PDF Remote Code Execution Vulnerability."

Published: March 16, 2017; 8:59:00 PM -0400
V3.0: 7.5 HIGH
V2.0: 7.6 HIGH