Vulnerabilities > Microsoft > Edge

DATE CVE VULNERABILITY TITLE RISK
2016-09-14 CVE-2016-3351 Unspecified vulnerability in Microsoft Edge and Internet Explorer
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."
network
low complexity
microsoft
6.5
2016-09-14 CVE-2016-3350 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3377.
network
high complexity
microsoft CWE-119
7.5
2016-09-14 CVE-2016-3330 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3294.
network
high complexity
microsoft CWE-119
7.5
2016-09-14 CVE-2016-3325 Information Exposure vulnerability in Microsoft Edge and Internet Explorer
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."
network
high complexity
microsoft CWE-200
3.1
2016-09-14 CVE-2016-3297 Unspecified vulnerability in Microsoft Edge and Internet Explorer
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
network
low complexity
microsoft
8.8
2016-09-14 CVE-2016-3295 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge and Internet Explorer
Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
network
high complexity
microsoft CWE-119
7.5
2016-09-14 CVE-2016-3294 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3330.
network
high complexity
microsoft CWE-119
7.5
2016-09-14 CVE-2016-3291 Information Exposure vulnerability in Microsoft Edge and Internet Explorer
Microsoft Internet Explorer 11 and Microsoft Edge mishandle cross-origin requests, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."
network
low complexity
microsoft CWE-200
2.4
2016-09-14 CVE-2016-3247 Unspecified vulnerability in Microsoft Edge and Internet Explorer
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
network
high complexity
microsoft
7.5
2016-09-06 CVE-2016-7153 Information Exposure vulnerability in multiple products
The HTTP/2 protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack.
network
low complexity
microsoft google apple opera mozilla CWE-200
5.3