edge chromium · threatengine.sh

Home/Product/microsoft edge chromium

Product

microsoft edge chromium

224 known vulnerabilities across versions

Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.

Sort Min CVSS Published since

< 148.0.3967.55

User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker t

< 148.0.3967.55

Improper neutralization of special elements in output used by a downstream component ('injection') in Microsoft Edge (Chromium-bas

< 148.0.3967.55

External control of file name or path in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information o

< 148.0.3967.55

User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker t

< 147.0.3912.60

Microsoft Edge (Chromium-based) Spoofing Vulnerability

< 146.0.3856.59

Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability

< 145.0.3800.58

Under specific conditions, a malicious webpage may trigger autofill population after two consecutive taps, potentially without cle

< 143.0.3650.66

User interface (ui) misrepresentation of critical information in Microsoft Edge for Android allows an unauthorized attacker to per

< 144.0.3719.82

Improper privilege management in Microsoft Edge (Chromium-based) allows an authorized attacker to bypass a security feature locall

< 143.0.3650.88

Microsoft Edge (Chromium-based) Spoofing Vulnerability

< 143.0.3650.80

Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 143.0.7499.110 allowed a remote attacker to perform out of b

< 143.0.3650.66

User interface (ui) misrepresentation of critical information in Microsoft Edge for iOS allows an unauthorized attacker to perform

< 142.0.3595.53

Protection mechanism failure in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

< 140.0.3485.81

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

< 140.0.3485.54

Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a net

< 138.0.3351.55

Microsoft Edge (Chromium-based) Spoofing Vulnerability

< 138.0.3351.55

No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

< 138.0.3351.55

Improper input validation in Microsoft Edge (Chromium-based) allows an authorized attacker to bypass a security feature locally.

< 138.0.3351.65

Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker t

< 135.0.3179.98

No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network.

< 137.0.3296.62

Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap c

< 136.0.3240.50

User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker t

< 134.0.3124.93

Out-of-bounds read in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

< 134.0.3124.66

Use after free in Microsoft Edge (Chromium-based) allows an authorized attacker to execute code over a network.

< 135.0.3179.54

Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker t

< 129.0.2792.52

No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

< 134.0.3124.51

The UI performs the wrong action in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a net

< 133.0.3065.69

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

< 133.0.3065.51

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

< 133.0.3065.51

Microsoft Edge (Chromium-based) Spoofing Vulnerability

< 133.0.3065.51

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

< 133.0.3065.51

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

< 133.0.3065.51

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

< 133.0.3065.51

Microsoft Edge (Chromium-based) Spoofing Vulnerability

< 132.0.2957.127

User Interface (UI) Misrepresentation of Critical Information in Microsoft Edge (Chromium-based) allows an unauthorized attacker t

< 132.0.2957.115

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

< 131.0.2903.86

Microsoft Edge (Chromium-based) Spoofing Vulnerability

< 131.0.2903.63

Microsoft Edge (Chromium-based) Spoofing Vulnerability

< 131.0.2903.48

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

< 130.0.2849.46

Microsoft Edge (Chromium-based) Spoofing Vulnerability

< 130.0.2849.46

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

< 130.0.2849.46

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

< 130.0.2849.46

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

< 130.0.2849.46

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

< 130.0.2849.46

Microsoft Edge (Chromium-based) Spoofing Vulnerability

< 130.0.2849.46

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

< 130.0.2849.46

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

< 130.0.2849.46

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

< 129.0.2792.52

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

< 129.0.2792.52

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

< 129.0.2792.52

Microsoft Edge (Chromium-based) Spoofing Vulnerability

< 128.0.2739.42

Microsoft Edge (HTML-based) Memory Corruption Vulnerability

< 128.0.2739.42

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

< 128.0.2739.42

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

< 128.0.2739.42

Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap c

< 127.0.2651.105

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

< 127.0.2651.98

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

< 127.0.2651.98

Microsoft Edge (HTML-based) Memory Corruption Vulnerability

< 126.0.2592.56

Microsoft Edge (Chromium-based) Spoofing Vulnerability

< 126.0.2592.56

Microsoft Edge (Chromium-based) Spoofing Vulnerability

< 124.0.2478.109

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

< 124.0.2478.97

Microsoft Edge (Chromium-based) Spoofing Vulnerability

< 124.0.2478.51

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

< 124.0.2478.51

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

< 124.0.2478.51

Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability

< 122.0.2365.120

Microsoft Edge (Chromium-based) Spoofing Vulnerability

< 122.0.2365.120

Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability

< 122.0.2365.92

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

< 122.0.2365.52

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

< 122.0.2365.52

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

< 121.0.2277.98

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

< 121.0.2277.83

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

< 121.0.2277.83

Microsoft Edge (Chromium-based) Spoofing Vulnerability

< 121.0.2277.83

Microsoft Edge for Android Spoofing Vulnerability

< 121.0.2277.83

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

< 121.0.2277.83

Microsoft Edge (Chromium-based) Spoofing Vulnerability

< 121.0.2277.83

Microsoft Edge for Android Information Disclosure Vulnerability

< 121.0.2277.83

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

< 120.0.2210.133

Acrobat Reader T5 (MSFT Edge) versions 120.0.2210.91 and earlier are affected by an Improper Input Validation vulnerability. An un

< 120.0.2210.133

Acrobat Reader T5 (MSFT Edge) versions 120.0.2210.91 and earlier are affected by an Improper Input Validation vulnerability. An un

< 120.0.2210.133

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

< 120.0.2210.133

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

< 120.0.2210.77

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

< 120.0.2210.77

Type confusion in V8 in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via

< 120.0.2210.61

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

< 120.0.2210.61

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

< 120.0.2210.61

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

< 119.0.2151.97

Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer proce

< 119.0.2151.72

Microsoft Edge (Chromium-based) Spoofing Vulnerability

< 119.0.2151.72

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

< 119.0.2151.58

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

< 119.0.2151.58

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

< 119.0.2151.58

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

< 118.0.2088.46

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

< 119.0.2151.44

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

< 119.0.2151.44

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

< 118.0.2088.76

Adobe Acrobat for Edge version 118.0.2088.46 (and earlier) is affected by a Use After Free vulnerability. An unauthenticated attac

< 118.0.2088.46

Microsoft Edge (Chromium-based) Spoofing Vulnerability

Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacke

< 117.0.2045.31

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

< 117.0.2045.31

Microsoft Edge (Chromium-based) Spoofing Vulnerability

< 117.0.2045.31

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

< 116.0.1938.81

Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an

< 116.0.1938.76

Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HT

< 116.0.1938.62

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

< 116.0.1938.54

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

< 116.0.1938.54

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

< 115.0.1901.200

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

< 115.0.1901.183

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

< 115.0.1901.183

Microsoft Edge for Android Spoofing Vulnerability

< 115.0.1901.183

Microsoft Edge (Chromium-based) Spoofing Vulnerability

< 114.0.1823.82

Microsoft Edge for Android (Chromium-based) Tampering Vulnerability

< 114.0.1823.82

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

Microsoft Edge (Chromium-based) Spoofing Vulnerability

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

< 101.0.1210.32

Microsoft Edge (Chromium-based) Spoofing Vulnerability

< 101.0.1210.32

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

< 100.0.1185.44

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

< 114.0.1823.51

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

< 114.0.1823.37

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

< 114.0.1823.37

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

< 113.0.1774.35

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

< 113.0.1774.35

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

< 112.0.1722.48

Microsoft Edge (Chromium-based) Spoofing Vulnerability

< 111.0.1661.54

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

< 111.0.1661.54

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

< 112.0.5615.49

Microsoft Edge (Chromium-based) Spoofing Vulnerability

< 111.0.1661.41

Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability

< 110.0.1587.41

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

< 110.0.1587.41

Microsoft Edge (Chromium-based) Spoofing Vulnerability

< 109.0.15.18.78

Microsoft Edge (Chromium-based) Tampering Vulnerability

< 108.0.1462.95

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

< 109.0.1518.70

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

< 109.0.1518.70

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

< 109.0.1518.70

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

< 108.0.1462.41

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

< 108.0.1462.41

Microsoft Edge (Chromium-based) Spoofing Vulnerability

< 108.0.1462.41

Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability

< 107.0.5304.150

Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer pr

< 106.0.1370.34

Microsoft Edge (Chromium-based) Spoofing Vulnerability

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

< 104.0.1293.47

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

< 104.0.1293.47

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

< 104.0.1293.47

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

< 103.0.1264.44

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

< 103.0.5060.53

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

< 103.0.5060.53

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

< 103.0.5060.53

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

< 102.0.1245.39

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

< 102.0.5005.61

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

< 102.0.5005.61

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

< 102.0.5005.61

Microsoft Edge (Chromium-based) Spoofing Vulnerability

< 100.0.1185.29

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

< 100.0.1185.29

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

< 100.0.1185.29

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

< 100.0.1185.29

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

< 100.0.1185.29

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

< 100.0.1185.29

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

< 100.0.1185.29

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

< 100.0.1185.29

Microsoft Edge (Chromium-based) Spoofing Vulnerability

< 100.0.1185.29

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

Microsoft Edge (Chromium-based) Tampering Vulnerability

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Microsoft Edge (Chromium-based) Spoofing Vulnerability

Microsoft Edge (Chromium-based) Tampering Vulnerability

<= 93.0.4577.63

Chromium: CVE-2021-30624 Use after free in Autofill

<= 93.0.4577.63

Chromium: CVE-2021-30623 Use after free in Bookmarks

<= 93.0.4577.63

Chromium: CVE-2021-30622 Use after free in WebApp Installs

<= 93.0.4577.63

Chromium: CVE-2021-30621 UI Spoofing in Autofill

<= 93.0.4577.63

Chromium: CVE-2021-30620 Insufficient policy enforcement in Blink

<= 93.0.4577.63

Chromium: CVE-2021-30619 UI Spoofing in Autofill

<= 93.0.4577.63

Chromium: CVE-2021-30618 Inappropriate implementation in DevTools

<= 93.0.4577.63

Chromium: CVE-2021-30617 Policy bypass in Blink

<= 93.0.4577.63

Chromium: CVE-2021-30616 Use after free in Media

<= 93.0.4577.63

Chromium: CVE-2021-30615 Cross-origin data leak in Navigation

<= 93.0.4577.63

Chromium: CVE-2021-30614 Heap buffer overflow in TabStrip

<= 93.0.4577.63

Chromium: CVE-2021-30613 Use after free in Base internals

<= 93.0.4577.63

Chromium: CVE-2021-30612 Use after free in WebRTC

<= 93.0.4577.63

Chromium: CVE-2021-30611 Use after free in WebRTC

<= 93.0.4577.63

Chromium: CVE-2021-30610 Use after free in Extensions API

<= 93.0.4577.63

Chromium: CVE-2021-30609 Use after free in Sign-In

<= 93.0.4577.63

Chromium: CVE-2021-30608 Use after free in Web Share

<= 93.0.4577.63

Chromium: CVE-2021-30607 Use after free in Permissions

<= 93.0.4577.63

Chromium: CVE-2021-30606 Use after free in Blink

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

< 88.0.4324.182

Use after free in Web Sockets in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit he

Inappropriate implementation in iframe sandbox in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass navigati

Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to obtain potentially se

Insufficient policy enforcement in WebView in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to leak cro

Inappropriate implementation in Performance API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to leak cross-ori

Incorrect security UI in Page Info in Google Chrome on iOS prior to 88.0.4324.96 allowed a remote attacker to spoof security UI vi

Insufficient policy enforcement in Downloads in Google Chrome prior to 88.0.4324.96 allowed an attacker who convinced a user to do

Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform a

Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass file

Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass file

Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass file

Heap buffer overflow in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corrupt

Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass content s

Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass site isol

Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 88.0.4324.96 allowed a remote attacker to

Potential user after free in Speech Recognizer in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to pote

Insufficient data validation in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesys

Use after free in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption vi

Use after free in Omnibox in Google Chrome on Linux prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandb

Use after free in WebSQL in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption v

Use after free in Media in Google Chrome prior to 88.0.4324.96 allowed a remote attacker who had compromised the renderer process

Insufficient data validation in V8 in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform out of

< 86.0.4240.183

Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap c

Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities

Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs

Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures

Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1

About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service

threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin