threat
engine
.sh
Back
·
··:··
Home
/
Product
/
microsoft edge
Product
microsoft edge
500 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2026-35429
< 148.0.3967.55
User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker t
4.3
MEDIUM
CVE-2026-33119
< 147.0.3912.60
User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker t
5.4
MEDIUM
CVE-2026-26133
< 145.3800.99
AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.
7.1
HIGH
CVE-2025-62224
< 143.0.3650.97
User interface (ui) misrepresentation of critical information in Microsoft Edge for Android allows an authorized attacker to perfo
5.5
MEDIUM
CVE-2025-47967
< 140.0.3485.71
Insufficient ui warning of dangerous operations in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing
4.7
MEDIUM
CVE-2025-49755
< 139.0.3405.86
User interface (ui) misrepresentation of critical information in Microsoft Edge for Android allows an unauthorized attacker to per
4.3
MEDIUM
CVE-2025-49736
< 139.0.3405.86
The ui performs the wrong action in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network.
4.3
MEDIUM
CVE-2025-29796
< 135.0.3179.54
User interface (ui) misrepresentation of critical information in Microsoft Edge for iOS allows an unauthorized attacker to perform
4.7
MEDIUM
CVE-2025-25001
< 132.0.2957.118
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) allows an
4.3
MEDIUM
CVE-2025-21253
all versions
Microsoft Edge for IOS and Android Spoofing Vulnerability
5.3
MEDIUM
CVE-2024-38222
< 128.0.2739.42
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
6.5
MEDIUM
CVE-2024-41879
< 128.0.2739.42
Acrobat Reader versions 127.0.2651.105 and earlier are affected by an out-of-bounds write vulnerability that could result in arbit
7.8
HIGH
CVE-2024-38208
< 128.0.2739.42
Microsoft Edge for Android Spoofing Vulnerability
6.1
MEDIUM
CVE-2024-7971
< 128.0.2739.42
Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap corruption via a crafted HT
9.6
CRITICAL
CVE-2024-38103
< 127.0.2651.74
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
5.9
MEDIUM
CVE-2024-38156
< 126.0.2592.102
Microsoft Edge (Chromium-based) Spoofing Vulnerability
6.1
MEDIUM
CVE-2024-38093
< 126.0.2592.68
Microsoft Edge (Chromium-based) Spoofing Vulnerability
4.3
MEDIUM
CVE-2024-38082
< 126.0.2592.68
Microsoft Edge (Chromium-based) Spoofing Vulnerability
4.7
MEDIUM
CVE-2024-30057
< 126.0.2592.56
Microsoft Edge for iOS Spoofing Vulnerability
5.4
MEDIUM
CVE-2024-29057
< 123.0.2420.53
Microsoft Edge (Chromium-based) Spoofing Vulnerability
4.3
MEDIUM
CVE-2024-26247
< 123.0.2420.53
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
4.7
MEDIUM
CVE-2024-26196
< 122.0.2365.63
Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability
4.3
MEDIUM
CVE-2024-26246
< 122.0.2365.92
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
3.9
LOW
CVE-2024-26167
< 122.0.2365.92
Microsoft Edge for Android Spoofing Vulnerability
4.3
MEDIUM
CVE-2024-26188
< 122.0.2365.52
Microsoft Edge (Chromium-based) Spoofing Vulnerability
4.3
MEDIUM
CVE-2021-42797
< 2020
Path traversal vulnerability in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior allows an unauthenticated user
7.5
HIGH
CVE-2021-42796
< 2020
An issue was discovered in ExecuteCommand() in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior that allows unau
9.8
CRITICAL
CVE-2021-42794
< 2020
An issue was discovered in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior. The application allows a client to
5.3
MEDIUM
CVE-2023-34982
<= 20.1.101
This external control vulnerability, if exploited, could allow a local OS-authenticated user with standard privileges to delete fi
5.5
MEDIUM
CVE-2023-33873
<= 20.1.101
This privilege escalation vulnerability, if exploited, cloud allow a local OS-authenticated user with standard privileges to escal
7.8
HIGH
CVE-2023-36029
< 118.0.2088.88
Microsoft Edge (Chromium-based) Spoofing Vulnerability
4.3
MEDIUM
CVE-2023-5217
all versions
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacke
8.8
HIGH
CVE-2023-36883
< 114.0.1823.82
Microsoft Edge for iOS Spoofing Vulnerability
4.3
MEDIUM
CVE-2023-28301
< 112.0.1722.34
Microsoft Edge (Chromium-based) Tampering Vulnerability
3.7
LOW
CVE-2023-28284
< 112.0.1722.34
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
4.3
MEDIUM
CVE-2022-44708
< 108.0.1462.42
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
8.3
HIGH
CVE-2022-4135
< 107.0.1418.62
Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer pr
9.6
CRITICAL
CVE-2022-23258
< 97.0.1072.69
Microsoft Edge for Android Spoofing Vulnerability
4.3
MEDIUM
CVE-2021-41351
all versions
Microsoft Edge (Chrome based) Spoofing on IE Mode
4.3
MEDIUM
CVE-2021-23443
< 5.3.2
This affects the package edge.js before 5.3.2. A type confusion vulnerability can be used to bypass input sanitization when the in
5.4
MEDIUM
CVE-2021-38669
< 93.0.961.44
Microsoft Edge (Chromium-based) Tampering Vulnerability
6.4
MEDIUM
CVE-2021-30624
<= 93.0.961.38
Chromium: CVE-2021-30624 Use after free in Autofill
8.8
HIGH
CVE-2021-30623
<= 93.0.961.38
Chromium: CVE-2021-30623 Use after free in Bookmarks
8.8
HIGH
CVE-2021-30622
<= 93.0.961.38
Chromium: CVE-2021-30622 Use after free in WebApp Installs
8.8
HIGH
CVE-2021-30621
<= 93.0.961.38
Chromium: CVE-2021-30621 UI Spoofing in Autofill
6.5
MEDIUM
CVE-2021-30620
<= 93.0.961.38
Chromium: CVE-2021-30620 Insufficient policy enforcement in Blink
8.8
HIGH
CVE-2021-30619
<= 93.0.961.38
Chromium: CVE-2021-30619 UI Spoofing in Autofill
6.5
MEDIUM
CVE-2021-30618
<= 93.0.961.38
Chromium: CVE-2021-30618 Inappropriate implementation in DevTools
8.8
HIGH
CVE-2021-30617
<= 93.0.961.38
Chromium: CVE-2021-30617 Policy bypass in Blink
6.5
MEDIUM
CVE-2021-30616
<= 93.0.961.38
Chromium: CVE-2021-30616 Use after free in Media
8.8
HIGH
CVE-2021-30615
<= 93.0.961.38
Chromium: CVE-2021-30615 Cross-origin data leak in Navigation
6.5
MEDIUM
CVE-2021-30614
<= 93.0.961.38
Chromium: CVE-2021-30614 Heap buffer overflow in TabStrip
8.8
HIGH
CVE-2021-30613
<= 93.0.961.38
Chromium: CVE-2021-30613 Use after free in Base internals
8.8
HIGH
CVE-2021-30612
<= 93.0.961.38
Chromium: CVE-2021-30612 Use after free in WebRTC
8.8
HIGH
CVE-2021-30611
<= 93.0.961.38
Chromium: CVE-2021-30611 Use after free in WebRTC
8.8
HIGH
CVE-2021-30610
<= 93.0.961.38
Chromium: CVE-2021-30610 Use after free in Extensions API
8.8
HIGH
CVE-2021-30609
<= 93.0.961.38
Chromium: CVE-2021-30609 Use after free in Sign-In
8.8
HIGH
CVE-2021-30608
<= 93.0.961.38
Chromium: CVE-2021-30608 Use after free in Web Share
8.8
HIGH
CVE-2021-30607
<= 93.0.961.38
Chromium: CVE-2021-30607 Use after free in Permissions
8.8
HIGH
CVE-2021-30606
<= 93.0.961.38
Chromium: CVE-2021-30606 Use after free in Blink
8.8
HIGH
CVE-2021-38642
< 93.0.961.38
Microsoft Edge for iOS Spoofing Vulnerability
6.1
MEDIUM
CVE-2021-38641
< 93.0.961.38
Microsoft Edge for Android Spoofing Vulnerability
6.1
MEDIUM
CVE-2021-36930
< 93.0.961.38
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
5.3
MEDIUM
CVE-2021-26439
< 93.0.961.38
Microsoft Edge for Android Information Disclosure Vulnerability
4.6
MEDIUM
CVE-2021-26436
< 93.0.961.38
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
6.1
MEDIUM
CVE-2021-27338
< 3.7
Faraday Edge before 3.7 allows XSS via the network/create/ page and its network name parameter.
5.4
MEDIUM
CVE-2021-26411
all versions
Internet Explorer Memory Corruption Vulnerability
8.8
HIGH
CVE-2021-24100
all versions
Microsoft Edge for Android Information Disclosure Vulnerability
5.0
MEDIUM
CVE-2021-21157
< 88.0.705.74
Use after free in Web Sockets in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit he
8.8
HIGH
CVE-2021-21141
< 88.0.705.74
Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass file
6.5
MEDIUM
CVE-2021-21140
< 88.0.705.74
Uninitialized use in USB in Google Chrome prior to 88.0.4324.96 allowed a local attacker to potentially perform out of bounds memo
6.8
MEDIUM
CVE-2021-1705
all versions
Microsoft Edge (HTML-based) Memory Corruption Vulnerability
4.2
MEDIUM
CVE-2020-17153
all versions
Microsoft Edge for Android Spoofing Vulnerability
4.3
MEDIUM
CVE-2020-17131
all versions
Chakra Scripting Engine Memory Corruption Vulnerability
4.2
MEDIUM
CVE-2020-17058
all versions
Microsoft Browser Memory Corruption Vulnerability
7.5
HIGH
CVE-2020-17054
all versions
Chakra Scripting Engine Memory Corruption Vulnerability
4.2
MEDIUM
CVE-2020-17052
all versions
Scripting Engine Memory Corruption Vulnerability
7.5
HIGH
CVE-2020-17048
all versions
Chakra Scripting Engine Memory Corruption Vulnerability
4.2
MEDIUM
CVE-2020-16009
< 86.0.622.63
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap c
8.8
HIGH
CVE-2020-1180
all versions
<p>A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vul
4.2
MEDIUM
CVE-2020-1172
all versions
<p>A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vul
4.2
MEDIUM
CVE-2020-1057
all versions
<p>A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vul
4.2
MEDIUM
CVE-2020-16884
all versions
<p>A remote code execution vulnerability exists in the way that the IEToEdge Browser Helper Object (BHO) plugin on Internet Explor
4.2
MEDIUM
CVE-2020-0878
all versions
<p>A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability cou
4.2
MEDIUM
CVE-2020-1569
all versions
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could co
7.8
HIGH
CVE-2020-1568
all versions
A remote code execution vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory. The vulnerabilit
7.5
HIGH
CVE-2020-1555
all versions
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTM
8.8
HIGH
CVE-2020-1462
all versions
An information disclosure vulnerability exists when Skype for Business is accessed via Microsoft Edge (EdgeHTML-based), aka 'Skype
4.3
MEDIUM
CVE-2020-1433
all versions
An information disclosure vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory, aka 'Microsoft
6.5
MEDIUM
CVE-2020-1242
all versions
An information disclosure vulnerability exists in the way that Microsoft Edge handles cross-origin requests, aka 'Microsoft Edge I
5.3
MEDIUM
CVE-2020-1220
all versions
A spoofing vulnerability exists when theMicrosoft Edge (Chromium-based) in IE Mode improperly handles specific redirects, aka 'Mic
6.1
MEDIUM
CVE-2020-1219
all versions
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser M
7.5
HIGH
CVE-2020-1073
all versions
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scrip
8.1
HIGH
CVE-2020-1195
all versions
An elevation of privilege vulnerability exists in Microsoft Edge (Chromium-based) when the Feedback extension improperly validates
5.9
MEDIUM
CVE-2020-1096
all versions
A remote code execution vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory, aka 'Microsoft E
7.5
HIGH
CVE-2020-1065
all versions
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scrip
7.5
HIGH
CVE-2020-1059
all versions
A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content, aka 'Microsoft Edge Spoofing Vulnerabili
4.3
MEDIUM
CVE-2020-1056
all versions
An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could al
8.1
HIGH
CVE-2020-1037
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2020-0970
all versions
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scrip
7.5
HIGH
CVE-2020-0969
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2020-0848
all versions
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scrip
7.5
HIGH
CVE-2020-0831
all versions
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scrip
7.5
HIGH
CVE-2020-0830
all versions
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka
7.5
HIGH
CVE-2020-0829
all versions
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scrip
7.5
HIGH
CVE-2020-0828
all versions
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scrip
7.5
HIGH
CVE-2020-0827
all versions
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scrip
7.5
HIGH
CVE-2020-0826
all versions
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scrip
7.5
HIGH
CVE-2020-0825
all versions
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scrip
7.5
HIGH
CVE-2020-0823
all versions
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scrip
7.5
HIGH
CVE-2020-0816
all versions
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory
8.8
HIGH
CVE-2020-0813
all versions
An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an
7.5
HIGH
CVE-2020-0812
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2020-0811
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2020-0768
all versions
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka
7.5
HIGH
CVE-2020-0767
all versions
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scrip
7.5
HIGH
CVE-2020-0713
all versions
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scrip
7.5
HIGH
CVE-2020-0712
all versions
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scrip
7.5
HIGH
CVE-2020-0711
all versions
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scrip
7.5
HIGH
CVE-2020-0710
all versions
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scrip
7.5
HIGH
CVE-2020-0706
all versions
An information disclosure vulnerability exists in the way that affected Microsoft browsers handle cross-origin requests, aka 'Micr
4.3
MEDIUM
CVE-2020-0663
all versions
An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could al
4.2
MEDIUM
CVE-2019-1428
all versions
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTM
7.5
HIGH
CVE-2019-1427
all versions
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTM
7.5
HIGH
CVE-2019-1426
all versions
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTM
7.5
HIGH
CVE-2019-1413
all versions
A security feature bypass vulnerability exists when Microsoft Edge improperly handles extension requests and fails to request host
4.3
MEDIUM
CVE-2019-1366
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-1357
all versions
A spoofing vulnerability exists when Microsoft Browsers improperly handle browser cookies, aka 'Microsoft Browser Spoofing Vulnera
4.3
MEDIUM
CVE-2019-1356
all versions
An information disclosure vulnerability exists when Microsoft Edge based on Edge HTML improperly handles objects in memory, aka 'M
6.5
MEDIUM
CVE-2019-1335
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-1308
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-1307
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0608
all versions
A spoofing vulnerability exists when Microsoft Browsers does not properly parse HTTP content, aka 'Microsoft Browser Spoofing Vuln
4.3
MEDIUM
CVE-2019-1300
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-1299
all versions
An information disclosure vulnerability exists when Microsoft Edge based on Edge HTML improperly handles objects in memory, aka 'M
6.5
MEDIUM
CVE-2019-1298
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-1237
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-1220
all versions
A security feature bypass vulnerability exists when Microsoft Browsers fail to validate the correct Security Zone of requests for
4.3
MEDIUM
CVE-2019-1217
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-1138
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-1197
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
4.2
MEDIUM
CVE-2019-1196
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
4.2
MEDIUM
CVE-2019-1195
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
4.2
MEDIUM
CVE-2019-1193
all versions
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could
6.4
MEDIUM
CVE-2019-1192
all versions
A security feature bypass vulnerability exists when Microsoft browsers improperly handle requests of different origins. The vulner
4.3
MEDIUM
CVE-2019-1141
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
4.2
MEDIUM
CVE-2019-1140
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
8.8
HIGH
CVE-2019-1139
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
4.2
MEDIUM
CVE-2019-1131
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
4.2
MEDIUM
CVE-2019-1030
all versions
An information disclosure vulnerability exists when Microsoft Edge based on Edge HTML improperly handles objects in memory. An att
4.3
MEDIUM
CVE-2019-1107
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-1106
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-1104
all versions
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser M
7.5
HIGH
CVE-2019-1103
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-1092
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-1062
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-1001
all versions
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka
7.5
HIGH
CVE-2019-1081
all versions
An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory. An attacker w
4.2
MEDIUM
CVE-2019-1054
all versions
A security feature bypass vulnerability exists in Edge that allows for bypassing Mark of the Web Tagging (MOTW). Failing to set th
5.0
MEDIUM
CVE-2019-1052
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
4.2
MEDIUM
CVE-2019-1051
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
4.2
MEDIUM
CVE-2019-1038
all versions
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could
7.5
HIGH
CVE-2019-1024
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
4.2
MEDIUM
CVE-2019-1023
all versions
An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft E
6.5
MEDIUM
CVE-2019-1003
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
4.2
MEDIUM
CVE-2019-1002
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
4.2
MEDIUM
CVE-2019-0993
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
4.2
MEDIUM
CVE-2019-0992
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
4.2
MEDIUM
CVE-2019-0991
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
4.2
MEDIUM
CVE-2019-0990
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
6.5
MEDIUM
CVE-2019-0989
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
4.2
MEDIUM
CVE-2019-0940
all versions
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser M
7.5
HIGH
CVE-2019-0938
all versions
An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sand
9.0
CRITICAL
CVE-2019-0937
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0933
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0927
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0926
all versions
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory
7.5
HIGH
CVE-2019-0925
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0924
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0923
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0922
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0917
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0916
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0915
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0914
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0913
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0912
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0911
all versions
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka
7.5
HIGH
CVE-2019-0884
all versions
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka
7.5
HIGH
CVE-2019-0861
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0860
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0833
all versions
An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka 'Microsoft Edge Infor
6.5
MEDIUM
CVE-2019-0829
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0812
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0810
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0806
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0764
all versions
A tampering vulnerability exists when Microsoft browsers do not properly validate input under specific conditions, aka 'Microsoft
6.5
MEDIUM
CVE-2019-0739
all versions
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2019-0780
all versions
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser M
7.5
HIGH
CVE-2019-0779
all versions
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory
7.5
HIGH
CVE-2019-0773
all versions
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2019-0771
all versions
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2019-0770
all versions
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2019-0769
all versions
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2019-0762
all versions
A security feature bypass vulnerability exists when Microsoft browsers improperly handle requests of different origins, aka 'Micro
4.3
MEDIUM
CVE-2019-0746
all versions
An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft E
6.5
MEDIUM
CVE-2019-0678
all versions
An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could al
6.8
MEDIUM
CVE-2019-0612
all versions
A security feature bypass vulnerability exists when Click2Play protection in Microsoft Edge improperly handles flash objects. By i
5.3
MEDIUM
CVE-2019-0611
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0609
all versions
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka
7.5
HIGH
CVE-2019-0592
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0658
all versions
An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft E
6.5
MEDIUM
CVE-2019-0655
all versions
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2019-0654
all versions
A spoofing vulnerability exists when Microsoft browsers improperly handles specific redirects, aka 'Microsoft Browser Spoofing Vul
4.3
MEDIUM
CVE-2019-0652
all versions
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2019-0651
all versions
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2019-0650
all versions
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory
7.5
HIGH
CVE-2019-0649
all versions
A vulnerability exists in Microsoft Chakra JIT server, aka 'Scripting Engine Elevation of Privileged Vulnerability'.
8.1
HIGH
CVE-2019-0648
all versions
An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an
4.3
MEDIUM
CVE-2019-0645
all versions
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory
7.5
HIGH
CVE-2019-0644
all versions
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2019-0643
all versions
An information disclosure vulnerability exists in the way that Microsoft Edge handles cross-origin requests, aka 'Microsoft Edge I
4.3
MEDIUM
CVE-2019-0642
all versions
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2019-0641
all versions
A security feature bypass vulnerability exists in Microsoft Edge handles whitelisting, aka 'Microsoft Edge Security Feature Bypass
5.9
MEDIUM
CVE-2019-0640
all versions
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2019-0634
all versions
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory
7.5
HIGH
CVE-2019-0610
all versions
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2019-0607
all versions
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2019-0605
all versions
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2019-0593
all versions
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2019-0591
all versions
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2019-0590
all versions
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2019-0568
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0567
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2019-0566
all versions
An elevation of privilege vulnerability exists in Microsoft Edge Browser Broker COM object, aka "Microsoft Edge Elevation of Privi
8.8
HIGH
CVE-2019-0565
all versions
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory
7.5
HIGH
CVE-2019-0539
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8629
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8624
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8618
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8617
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8583
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8588
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8567
all versions
An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could al
5.4
MEDIUM
CVE-2018-8564
all versions
A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka "Microsoft Edge Spoofing Vulnera
4.3
MEDIUM
CVE-2018-8557
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8556
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8555
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8551
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8545
all versions
An information disclosure vulnerability exists in the way that Microsoft Edge handles cross-origin requests, aka "Microsoft Edge I
4.3
MEDIUM
CVE-2018-8543
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8542
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8541
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-17916
all versions
InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2.
9.8
CRITICAL
CVE-2018-17914
all versions
InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2.
9.8
CRITICAL
CVE-2018-8530
all versions
A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins, aka "Microsof
4.3
MEDIUM
CVE-2018-8513
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8512
all versions
A security feature bypass vulnerability exists in Microsoft Edge when the Edge Content Security Policy (CSP) fails to properly val
5.4
MEDIUM
CVE-2018-8511
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8510
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8509
all versions
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory
7.5
HIGH
CVE-2018-8505
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8503
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8473
all versions
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory
7.5
HIGH
CVE-2018-8469
all versions
An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sand
7.4
HIGH
CVE-2018-8467
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8466
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8465
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8464
all versions
An remote code execution vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory, aka "Microsoft
7.5
HIGH
CVE-2018-8463
all versions
An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sand
7.4
HIGH
CVE-2018-8459
all versions
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scrip
7.5
HIGH
CVE-2018-8457
all versions
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka
7.5
HIGH
CVE-2018-8456
all versions
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scrip
7.5
HIGH
CVE-2018-8452
all versions
An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft b
4.3
MEDIUM
CVE-2018-8425
all versions
A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka "Microsoft Edge Spoofing Vulnera
4.3
MEDIUM
CVE-2018-8367
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8366
all versions
An information disclosure vulnerability exists when the Microsoft Edge Fetch API incorrectly handles a filtered response type, aka
3.1
LOW
CVE-2018-8354
all versions
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2018-8315
all versions
An information disclosure vulnerability exists when the browser scripting engine improperly handle object types, aka "Microsoft Sc
4.2
MEDIUM
CVE-2018-8403
all versions
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka "Microsoft Browser M
7.5
HIGH
CVE-2018-8390
all versions
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scrip
7.5
HIGH
CVE-2018-8388
all versions
A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka "Microsoft Edge Spoofing Vulnera
4.3
MEDIUM
CVE-2018-8387
all versions
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory
7.5
HIGH
CVE-2018-8385
all versions
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka
7.5
HIGH
CVE-2018-8383
all versions
A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content, aka "Microsoft Edge Spoofing Vulnerabili
4.3
MEDIUM
CVE-2018-8381
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8380
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8377
all versions
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory
7.5
HIGH
CVE-2018-8372
all versions
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka
7.5
HIGH
CVE-2018-8370
all versions
A information disclosure vulnerability exists when WebAudio Library improperly handles audio requests, aka "Microsoft Edge Informa
3.1
LOW
CVE-2018-8358
all versions
A security feature bypass vulnerability exists when Microsoft Edge improperly handles redirect requests, aka "Microsoft Edge Secur
4.3
MEDIUM
CVE-2018-8357
all versions
An elevation of privilege vulnerability exists in Microsoft browsers allowing sandbox escape, aka "Microsoft Browser Elevation of
8.3
HIGH
CVE-2018-8355
all versions
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka
7.5
HIGH
CVE-2018-8351
all versions
An information disclosure vulnerability exists when affected Microsoft browsers improperly allow cross-frame interaction, aka "Mic
6.5
MEDIUM
CVE-2018-8266
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8325
all versions
An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Infor
4.3
MEDIUM
CVE-2018-8324
all versions
An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Infor
4.3
MEDIUM
CVE-2018-8301
all versions
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory
7.5
HIGH
CVE-2018-8297
all versions
An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Infor
4.3
MEDIUM
CVE-2018-8294
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8291
all versions
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka
7.5
HIGH
CVE-2018-8290
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8289
all versions
An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Infor
4.3
MEDIUM
CVE-2018-8288
all versions
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka
7.5
HIGH
CVE-2018-8287
all versions
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka
7.5
HIGH
CVE-2018-8286
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8280
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8279
all versions
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory
7.5
HIGH
CVE-2018-8278
all versions
A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka "Microsoft Edge Spoofing Vulnera
6.1
MEDIUM
CVE-2018-8276
all versions
A security feature bypass vulnerability exists in the Microsoft Chakra scripting engine that allows Control Flow Guard (CFG) to be
6.5
MEDIUM
CVE-2018-8275
all versions
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory
7.5
HIGH
CVE-2018-8274
all versions
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory
7.5
HIGH
CVE-2018-8262
all versions
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory
7.5
HIGH
CVE-2018-8125
all versions
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory
7.5
HIGH
CVE-2018-8236
all versions
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory
7.5
HIGH
CVE-2018-8235
all versions
A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins, aka "Microsof
4.3
MEDIUM
CVE-2018-8234
all versions
An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Infor
4.3
MEDIUM
CVE-2018-8229
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8227
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8111
all versions
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory
7.5
HIGH
CVE-2018-8110
all versions
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory
7.5
HIGH
CVE-2018-0871
all versions
An information disclosure vulnerability exists when Edge improperly marks files, aka "Microsoft Edge Information Disclosure Vulner
4.3
MEDIUM
CVE-2018-8179
all versions
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory
7.5
HIGH
CVE-2018-8178
all versions
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka "Microsoft Browser M
7.5
HIGH
CVE-2018-8177
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8145
all versions
An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an
7.5
HIGH
CVE-2018-8139
all versions
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2018-8137
all versions
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2018-8133
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8130
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-8128
all versions
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2018-8123
all versions
An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Infor
4.3
MEDIUM
CVE-2018-8112
all versions
A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins, aka "Microsof
4.3
MEDIUM
CVE-2018-1025
all versions
An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory, aka "Microsof
4.3
MEDIUM
CVE-2018-1022
all versions
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka
7.5
HIGH
CVE-2018-1021
all versions
An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Infor
4.3
MEDIUM
CVE-2018-0954
all versions
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka
7.5
HIGH
CVE-2018-0953
all versions
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2018-0951
all versions
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2018-0946
all versions
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2018-0945
all versions
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka
7.5
HIGH
CVE-2018-0943
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-1023
all versions
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka "Microsoft Browser M
7.5
HIGH
CVE-2018-1019
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-0998
all versions
An information disclosure vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory, aka "Microsoft
4.3
MEDIUM
CVE-2018-0995
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-0994
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-0993
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-0990
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-0980
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-0979
all versions
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed
7.5
HIGH
CVE-2018-0892
all versions
An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Infor
4.3
MEDIUM
CVE-2018-0939
all versions
ChakraCore and Microsoft Edge in Windows 10 1703 and 1709 allow information disclosure, due to how the scripting engine handles ob
4.3
MEDIUM
CVE-2018-0937
all versions
ChakraCore and Microsoft Windows 10 1703 and 1709 allow remote code execution, due to how the Chakra scripting engine handles obje
7.5
HIGH
CVE-2018-0936
all versions
ChakraCore and Microsoft Windows 10 1709 allow remote code execution, due to how the Chakra scripting engine handles objects in me
7.5
HIGH
CVE-2018-0934
all versions
ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how
7.5
HIGH
CVE-2018-0933
all versions
ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how
7.5
HIGH
CVE-2018-0932
all versions
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and
4.3
MEDIUM
CVE-2018-0931
all versions
ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how
7.5
HIGH
CVE-2018-0930
all versions
ChakraCore and Microsoft Edge in Microsoft Windows 10 1709 allows remote code execution, due to how the Chakra scripting engine ha
7.5
HIGH
CVE-2018-0927
all versions
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and
4.3
MEDIUM
CVE-2018-0893
all versions
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the sc
7.5
HIGH
CVE-2018-0891
all versions
ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Wind
4.3
MEDIUM
CVE-2018-0879
all versions
Microsoft Edge in Windows 10 1709 allows information disclosure, due to how Edge handles objects in memory, aka "Microsoft Edge In
7.5
HIGH
CVE-2018-0876
all versions
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the sc
7.5
HIGH
CVE-2018-0874
all versions
ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code exe
7.5
HIGH
CVE-2018-0873
all versions
ChakraCore and Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution
7.5
HIGH
CVE-2018-0872
all versions
ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code exe
7.5
HIGH
CVE-2018-0861
all versions
Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows remote code execution, due to how the scripting
7.5
HIGH
CVE-2018-0860
all versions
Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code exe
7.5
HIGH
CVE-2018-0859
all versions
Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code exe
7.5
HIGH
CVE-2018-0857
all versions
Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code exe
7.5
HIGH
CVE-2018-0856
all versions
Microsoft Edge and ChakraCore in Microsoft Windows 10 1703 and 1709 allows remote code execution, due to how the scripting engine
7.5
HIGH
CVE-2018-0840
all versions
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and
7.5
HIGH
CVE-2018-0839
all versions
Microsoft Edge in Microsoft Windows 10 1703 allows information disclosure, due to how Edge handles objects in memory, aka "Microso
4.3
MEDIUM
CVE-2018-0838
all versions
Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code exe
7.5
HIGH
CVE-2018-0837
all versions
Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code exe
7.5
HIGH
CVE-2018-0836
all versions
Microsoft Edge and ChakraCore in Microsoft Windows 10 1703 and 1709 allows remote code execution, due to how the scripting engine
7.5
HIGH
CVE-2018-0835
all versions
Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code exe
7.5
HIGH
CVE-2018-0834
all versions
Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code exe
7.5
HIGH
CVE-2018-0771
all versions
Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows a security feature bypass, due to how Edge handl
4.3
MEDIUM
CVE-2018-0763
all versions
Microsoft Edge in Microsoft Windows 10 1703 and 1709 allows information disclosure, due to how Edge handles objects in memory, aka
3.1
LOW
CVE-2018-0803
all versions
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to access informat
4.2
MEDIUM
CVE-2018-0800
all versions
Microsoft Edge in Microsoft Windows 10 1709 allows an attacker to obtain information to further compromise the user's system, due
5.3
MEDIUM
CVE-2018-0781
all versions
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in
7.5
HIGH
CVE-2018-0780
all versions
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain informat
5.3
MEDIUM
CVE-2018-0778
all versions
Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the
7.5
HIGH
CVE-2018-0777
all versions
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in
7.5
HIGH
CVE-2018-0776
all versions
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in
7.5
HIGH
CVE-2018-0775
all versions
Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the
7.5
HIGH
CVE-2018-0774
all versions
Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the
7.5
HIGH
CVE-2018-0773
all versions
Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the
7.5
HIGH
CVE-2018-0772
all versions
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012
7.5
HIGH
CVE-2018-0770
all versions
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in
7.5
HIGH
CVE-2018-0769
all versions
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in
7.5
HIGH
CVE-2018-0768
all versions
Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the
7.5
HIGH
CVE-2018-0767
all versions
Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain information to
5.3
MEDIUM
CVE-2018-0766
all versions
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain informat
4.3
MEDIUM
CVE-2018-0762
all versions
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012
7.5
HIGH
CVE-2018-0758
all versions
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in
7.5
HIGH
CVE-2017-3195
all versions
Commvault Edge Communication Service (cvd) prior to version 11 SP7 or version 11 SP6 with hotfix 590 is prone to a stack-based buf
9.8
CRITICAL
CVE-2017-11919
all versions
ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows
5.3
MEDIUM
CVE-2017-11918
all versions
ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the s
7.5
HIGH
CVE-2017-11914
all versions
ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same us
7.5
HIGH
CVE-2017-11912
all versions
ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Wind
7.5
HIGH
CVE-2017-11911
all versions
ChakraCore and Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the cont
7.5
HIGH
CVE-2017-11910
all versions
ChakraCore and Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in th
7.5
HIGH
CVE-2017-11909
all versions
ChakraCore and Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the cont
7.5
HIGH
CVE-2017-11908
all versions
ChakraCore and Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scr
7.5
HIGH
CVE-2017-11905
all versions
ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrar
7.5
HIGH
CVE-2017-11895
all versions
ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows
7.5
HIGH
CVE-2017-11894
all versions
ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Wind
7.5
HIGH
CVE-2017-11893
all versions
ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrar
7.5
HIGH
CVE-2017-11889
all versions
ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute ar
7.5
HIGH
CVE-2017-11888
all versions
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitra
7.5
HIGH
CVE-2017-11874
all versions
Microsoft Edge in Microsoft Windows 10 1703, 1709, Windows Server, version 1709, and ChakraCore allows an attacker to bypass Contr
3.1
LOW
CVE-2017-11873
all versions
ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an
7.5
HIGH
CVE-2017-11872
all versions
Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to force the browser to send data th
6.5
MEDIUM
CVE-2017-11871
all versions
ChakraCore and Microsoft Edge in Windows 10 1703, 1709, and Windows Server, version 1709 allows an attacker to gain the same user
7.5
HIGH
CVE-2017-11870
all versions
ChakraCore and Microsoft Edge in Windows 10 1703, 1709, and Windows Server, version 1709 allows an attacker to gain the same user
7.5
HIGH
CVE-2017-11866
all versions
ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 all
7.5
HIGH
CVE-2017-11863
all versions
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows a
6.1
MEDIUM
CVE-2017-11862
all versions
ChakraCore and Microsoft Edge in Windows 10 1709 and Windows Server, version 1709 allows an attacker to gain the same user rights
7.5
HIGH
CVE-2017-11861
all versions
Microsoft Edge in Windows 10 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the
7.5
HIGH
CVE-2017-11858
all versions
ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windo
7.5
HIGH
CVE-2017-11846
all versions
ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windo
7.5
HIGH
CVE-2017-11845
all versions
Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due t
7.5
HIGH
CVE-2017-11844
all versions
Microsoft Edge in Microsoft Windows 10 1703, 1709 and Windows Server, version 1709 allows an attacker to obtain information to fur
4.3
MEDIUM
CVE-2017-11843
all versions
ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windo
7.5
HIGH
CVE-2017-11841
all versions
ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 all
7.5
HIGH
CVE-2017-11840
all versions
ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 all
7.5
HIGH
CVE-2017-11839
all versions
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker
7.5
HIGH
CVE-2017-11838
all versions
ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows S
7.5
HIGH
CVE-2017-11837
all versions
ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows S
7.5
HIGH
CVE-2017-11836
all versions
ChakraCore, and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, versi
7.5
HIGH
CVE-2017-11833
all versions
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows a
3.1
LOW
CVE-2017-11827
all versions
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and
7.5
HIGH
CVE-2017-11803
all versions
Microsoft Edge in Microsoft Windows 10 1703, 1709 and Windows Server, version 1709 allows an attacker to obtain information to fur
4.3
MEDIUM
CVE-2017-11791
all versions
ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, W
3.1
LOW
CVE-2017-8726
all versions
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary cod
4.3
MEDIUM
CVE-2017-11821
all versions
ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the curr
7.5
HIGH
CVE-2017-11812
all versions
ChakraCore and Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbi
7.5
HIGH
CVE-2017-11811
all versions
ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execut
7.5
HIGH
CVE-2017-11809
all versions
ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execut
7.5
HIGH
CVE-2017-11808
all versions
ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execut
7.5
HIGH
CVE-2017-11807
all versions
ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the curr
7.5
HIGH
CVE-2017-11806
all versions
ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the curr
7.5
HIGH
CVE-2017-11805
all versions
ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the curr
7.5
HIGH
CVE-2017-11804
all versions
ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execut
7.5
HIGH
CVE-2017-11802
all versions
ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execut
7.5
HIGH
CVE-2017-11800
all versions
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows an attacker to execute arbitrary code in t
7.5
HIGH
CVE-2017-11799
all versions
ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execut
7.5
HIGH
CVE-2017-11798
all versions
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary cod
7.5
HIGH
CVE-2017-11796
all versions
ChakraCore and Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user,
7.5
HIGH
CVE-2017-11794
all versions
Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to obtain information to further compromise the user's system, due
4.3
MEDIUM
CVE-2017-11792
all versions
ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allow an attacker to execute arbitrary code in the context of the curre
7.5
HIGH
CVE-2017-8757
all versions
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary cod
7.5
HIGH
CVE-2017-8756
all versions
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary cod
7.5
HIGH
CVE-2017-8755
all versions
Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in t
7.5
HIGH
CVE-2017-8754
all versions
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to trick a user into loa
4.2
MEDIUM
CVE-2017-8753
all versions
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary cod
7.5
HIGH
CVE-2017-8752
all versions
Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in t
7.5
HIGH
CVE-2017-8751
all versions
Microsoft Edge in Microsoft Windows 1703 allows an attacker to execute arbitrary code in the context of the current user, due to t
7.5
HIGH
CVE-2017-8750
all versions
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2,
7.5
HIGH
CVE-2017-8748
all versions
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2,
7.5
HIGH
CVE-2017-8741
all versions
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2
7.5
HIGH
CVE-2017-8740
all versions
Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due t
7.5
HIGH
CVE-2017-8739
all versions
Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to obtain information to further compromise the user's system, due
4.3
MEDIUM
CVE-2017-8738
all versions
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows an attacker to execute arbitrary code in t
7.5
HIGH
CVE-2017-8737
all versions
Microsoft Windows PDF Library in Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607
7.5
HIGH
CVE-2017-8736
all versions
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2,
4.3
MEDIUM
CVE-2017-8735
all versions
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to trick a user by redir
4.3
MEDIUM
CVE-2017-8734
all versions
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary cod
7.5
HIGH
CVE-2017-8731
all versions
Microsoft Edge in Microsoft Windows 10 1607 and Windows Server 2016 allows an attacker to execute arbitrary code in the context of
7.5
HIGH
CVE-2017-8729
all versions
Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due t
7.5
HIGH
CVE-2017-8728
all versions
Microsoft Windows PDF Library in Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607
7.5
HIGH
CVE-2017-8724
all versions
Microsoft Edge in Microsoft Windows 10 Version 1703 allows an attacker to trick a user by redirecting the user to a specially craf
4.3
MEDIUM
CVE-2017-8723
all versions
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to trick a user into loa
4.3
MEDIUM
CVE-2017-8660
all versions
Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in t
8.8
HIGH
CVE-2017-8649
all versions
Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the con
7.5
HIGH
CVE-2017-8643
all versions
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to leave a malicious web
4.3
MEDIUM
CVE-2017-11766
all versions
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary cod
7.5
HIGH
CVE-2017-11764
all versions
Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the con
7.5
HIGH
CVE-2017-8518
all versions
Microsoft Edge allows a remote code execution vulnerability due to the way it accesses objects in memory, aka "Scripting Engine Me
7.5
HIGH
CVE-2017-8674
all versions
Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user due to
7.5
HIGH
CVE-2017-8672
all versions
Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in t
7.5
HIGH
CVE-2017-8671
all versions
Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in t
7.5
HIGH
CVE-2017-8670
all versions
Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the con
7.5
HIGH
CVE-2017-8669
all versions
Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2,
7.5
HIGH
CVE-2017-8662
all versions
Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to disclose information due to how strings are validated in specifi
4.3
MEDIUM
CVE-2017-8661
all versions
Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the con
7.5
HIGH
CVE-2017-8659
all versions
Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to obtain information to further compromise the user's system due t
4.3
MEDIUM
CVE-2017-8657
all versions
Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in t
7.5
HIGH
CVE-2017-8656
all versions
Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the con
7.5
HIGH
CVE-2017-8655
all versions
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary cod
7.5
HIGH
CVE-2017-8653
all versions
Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server
7.5
HIGH
CVE-2017-8652
all versions
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to disclose information
6.5
MEDIUM
CVE-2017-8650
all versions
Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to exploit a security feature bypass due to Microsoft Edge not prop
5.4
MEDIUM
CVE-2017-8647
all versions
Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user due to the way t
7.5
HIGH
CVE-2017-8646
all versions
Microsoft Edge in Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context
7.5
HIGH
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin