Vulnerabilities > Microsoft > Edge > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-17 | CVE-2017-0034 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. | 7.5 |
| 2017-03-17 | CVE-2017-0032 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. | 7.5 |
| 2017-03-17 | CVE-2017-0023 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products The PDF library in Microsoft Edge; Windows 8.1; Windows Server 2012 and R2; Windows RT 8.1; and Windows 10, 1511, and 1607 allows remote attackers to execute arbitrary code via a crafted PDF file, aka "Microsoft PDF Remote Code Execution Vulnerability." | 7.5 |
| 2017-03-17 | CVE-2017-0015 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. | 7.5 |
| 2017-03-17 | CVE-2017-0010 | Unspecified vulnerability in Microsoft Edge A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. | 7.5 |
| 2017-02-26 | CVE-2017-0037 | Type Confusion vulnerability in Microsoft Edge and Internet Explorer Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type confusion issue in the Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement function in mshtml.dll, which allows remote attackers to execute arbitrary code via vectors involving a crafted Cascading Style Sheets (CSS) token sequence and crafted JavaScript code that operates on a TH element. | 8.1 |
| 2017-01-10 | CVE-2017-0002 | Unspecified vulnerability in Microsoft Edge Microsoft Edge allows remote attackers to bypass the Same Origin Policy via vectors involving the about:blank URL and data: URLs, aka "Microsoft Edge Elevation of Privilege Vulnerability." | 8.8 |
| 2016-12-20 | CVE-2016-7297 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7286, CVE-2016-7288, and CVE-2016-7296. | 7.5 |
| 2016-12-20 | CVE-2016-7296 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7286, CVE-2016-7288, and CVE-2016-7297. | 7.5 |
| 2016-12-20 | CVE-2016-7288 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7286, CVE-2016-7296, and CVE-2016-7297. | 7.5 |