Vulnerabilities > Microsoft > Edge

DATE CVE VULNERABILITY TITLE RISK
2016-11-10 CVE-2016-7240 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7200, CVE-2016-7201, CVE-2016-7202, CVE-2016-7203, CVE-2016-7208, CVE-2016-7242, and CVE-2016-7243.
network
high complexity
microsoft CWE-119
7.5
2016-11-10 CVE-2016-7239 Information Exposure vulnerability in Microsoft Edge and Internet Explorer
The RegEx class in the XSS filter in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allows remote attackers to conduct cross-site scripting (XSS) attacks and obtain sensitive information via unspecified vectors, aka "Microsoft Browser Information Disclosure Vulnerability."
network
high complexity
microsoft CWE-200
3.1
2016-11-10 CVE-2016-7227 Information Exposure vulnerability in Microsoft Edge and Internet Explorer
The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to determine the existence of local files via unspecified vectors, aka "Microsoft Browser Information Disclosure Vulnerability."
network
high complexity
microsoft CWE-200
3.1
2016-11-10 CVE-2016-7209 Improper Input Validation vulnerability in Microsoft Edge
Microsoft Edge allows remote attackers to spoof web content via a crafted web site, aka "Microsoft Edge Spoofing Vulnerability."
network
high complexity
microsoft CWE-20
5.3
2016-11-10 CVE-2016-7208 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7200, CVE-2016-7201, CVE-2016-7202, CVE-2016-7203, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243.
network
high complexity
microsoft CWE-119
7.5
2016-11-10 CVE-2016-7204 Information Exposure vulnerability in Microsoft Edge
Microsoft Edge allows remote attackers to access arbitrary "My Documents" files via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability."
network
high complexity
microsoft CWE-200
3.1
2016-11-10 CVE-2016-7203 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7200, CVE-2016-7201, CVE-2016-7202, CVE-2016-7208, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243.
network
high complexity
microsoft CWE-119
7.5
2016-11-10 CVE-2016-7202 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge
The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," as demonstrated by the Chakra JavaScript engine, a different vulnerability than CVE-2016-7200, CVE-2016-7201, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243.
network
high complexity
microsoft CWE-119
7.5
2016-11-10 CVE-2016-7201 Type Confusion vulnerability in Microsoft Edge
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7200, CVE-2016-7202, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243.
network
low complexity
microsoft CWE-843
8.8
2016-11-10 CVE-2016-7200 Out-of-bounds Write vulnerability in Microsoft Edge
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7201, CVE-2016-7202, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243.
network
low complexity
microsoft CWE-787
8.8