Vulnerabilities > Microsoft > Edge

DATE CVE VULNERABILITY TITLE RISK
2017-03-17 CVE-2017-0015 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers.
network
high complexity
microsoft CWE-119
7.5
2017-03-17 CVE-2017-0012 Improper Input Validation vulnerability in Microsoft Edge and Internet Explorer
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to spoof web content via a crafted web site, aka "Microsoft Browser Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0033 and CVE-2017-0069.
network
low complexity
microsoft CWE-20
4.3
2017-03-17 CVE-2017-0011 Information Exposure vulnerability in Microsoft Edge
Microsoft Edge allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0017, CVE-2017-0065, and CVE-2017-0068.
network
low complexity
microsoft CWE-200
4.3
2017-03-17 CVE-2017-0010 Unspecified vulnerability in Microsoft Edge
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers.
network
high complexity
microsoft
7.5
2017-02-26 CVE-2017-0037 Type Confusion vulnerability in Microsoft Edge and Internet Explorer
Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type confusion issue in the Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement function in mshtml.dll, which allows remote attackers to execute arbitrary code via vectors involving a crafted Cascading Style Sheets (CSS) token sequence and crafted JavaScript code that operates on a TH element.
network
high complexity
microsoft CWE-843
8.1
2017-01-10 CVE-2017-0002 Unspecified vulnerability in Microsoft Edge
Microsoft Edge allows remote attackers to bypass the Same Origin Policy via vectors involving the about:blank URL and data: URLs, aka "Microsoft Edge Elevation of Privilege Vulnerability."
network
low complexity
microsoft
8.8
2016-12-20 CVE-2016-7297 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge
The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7286, CVE-2016-7288, and CVE-2016-7296.
network
high complexity
microsoft CWE-119
7.5
2016-12-20 CVE-2016-7296 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge
The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7286, CVE-2016-7288, and CVE-2016-7297.
network
high complexity
microsoft CWE-119
7.5
2016-12-20 CVE-2016-7288 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge
The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7286, CVE-2016-7296, and CVE-2016-7297.
network
high complexity
microsoft CWE-119
7.5
2016-12-20 CVE-2016-7287 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge and Internet Explorer
The scripting engines in Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."
network
high complexity
microsoft CWE-119
7.5