Vulnerabilities > Microsoft > Edge

DATE CVE VULNERABILITY TITLE RISK
2017-03-17 CVE-2017-0068 Information Exposure vulnerability in Microsoft Edge
Browsers in Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0011, CVE-2017-0017, and CVE-2017-0065.
network
low complexity
microsoft CWE-200
4.3
2017-03-17 CVE-2017-0067 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers.
network
high complexity
microsoft CWE-119
7.5
2017-03-17 CVE-2017-0066 Unspecified vulnerability in Microsoft Edge
Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is different from those described in CVE-2017-0135 and CVE-2017-0140.
network
high complexity
microsoft
4.2
2017-03-17 CVE-2017-0065 Information Exposure vulnerability in Microsoft Edge
Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0011, CVE-2017-0017, and CVE-2017-0068.
network
low complexity
microsoft CWE-200
4.3
2017-03-17 CVE-2017-0035 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers.
network
high complexity
microsoft CWE-119
7.5
2017-03-17 CVE-2017-0034 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory.
network
high complexity
microsoft CWE-119
7.5
2017-03-17 CVE-2017-0033 Improper Input Validation vulnerability in Microsoft Edge and Internet Explorer
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to spoof web content via a crafted web site, aka "Microsoft Browser Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0012 and CVE-2017-0069.
network
low complexity
microsoft CWE-20
4.3
2017-03-17 CVE-2017-0032 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers.
network
high complexity
microsoft CWE-119
7.5
2017-03-17 CVE-2017-0023 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products
The PDF library in Microsoft Edge; Windows 8.1; Windows Server 2012 and R2; Windows RT 8.1; and Windows 10, 1511, and 1607 allows remote attackers to execute arbitrary code via a crafted PDF file, aka "Microsoft PDF Remote Code Execution Vulnerability."
network
high complexity
microsoft CWE-119
7.5
2017-03-17 CVE-2017-0017 Cross-site Scripting vulnerability in Microsoft Edge
The RegEx class in the XSS filter in Microsoft Edge allows remote attackers to conduct cross-site scripting (XSS) attacks and obtain sensitive information via unspecified vectors, aka "Microsoft Edge Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0011, CVE-2017-0065, and CVE-2017-0068.
network
low complexity
microsoft CWE-79
6.1