Vulnerabilities > Microsoft > Edge > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-15 | CVE-2017-11833 | Information Exposure vulnerability in Microsoft Edge Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to determine the origin of all webpages in the affected browser, due to how Microsoft Edge handles cross-origin requests, aka "Microsoft Edge Information Disclosure Vulnerability". | 2.6 |
| 2017-11-15 | CVE-2017-11874 | Unspecified vulnerability in Microsoft Chakracore and Edge Microsoft Edge in Microsoft Windows 10 1703, 1709, Windows Server, version 1709, and ChakraCore allows an attacker to bypass Control Flow Guard (CFG) to run arbitrary code on a target system, due to how Microsoft Edge handles accessing memory in code compiled by the Edge Just-In-Time (JIT) compiler, aka "Microsoft Edge Security Feature Bypass Vulnerability". | 2.6 |
| 2017-08-08 | CVE-2017-8637 | Unspecified vulnerability in Microsoft Edge Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to bypass Arbitrary Code Guard (ACG) due to how Microsoft Edge accesses memory in code compiled by the Edge Just-In-Time (JIT) compiler, aka "Scripting Engine Security Feature Bypass Vulnerability". | 2.6 |
| 2016-12-20 | CVE-2016-7281 | 7PK - Security Features vulnerability in Microsoft Edge and Internet Explorer The Web Workers implementation in Microsoft Internet Explorer 10 and 11 and Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Browser Security Feature Bypass Vulnerability." | 2.6 |
| 2016-11-10 | CVE-2016-7199 | Information Exposure vulnerability in Microsoft Edge and Internet Explorer Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to bypass the Same Origin Policy and obtain sensitive window-state information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." | 2.6 |
| 2016-11-10 | CVE-2016-7204 | Information Exposure vulnerability in Microsoft Edge Microsoft Edge allows remote attackers to access arbitrary "My Documents" files via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability." | 2.6 |
| 2016-11-10 | CVE-2016-7209 | Improper Input Validation vulnerability in Microsoft Edge Microsoft Edge allows remote attackers to spoof web content via a crafted web site, aka "Microsoft Edge Spoofing Vulnerability." | 2.6 |
| 2016-11-10 | CVE-2016-7227 | Information Exposure vulnerability in Microsoft Edge and Internet Explorer The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to determine the existence of local files via unspecified vectors, aka "Microsoft Browser Information Disclosure Vulnerability." | 2.6 |
| 2016-11-10 | CVE-2016-7239 | Information Exposure vulnerability in Microsoft Edge and Internet Explorer The RegEx class in the XSS filter in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allows remote attackers to conduct cross-site scripting (XSS) attacks and obtain sensitive information via unspecified vectors, aka "Microsoft Browser Information Disclosure Vulnerability." | 2.6 |
| 2016-10-14 | CVE-2016-3388 | Permissions, Privileges, and Access Controls vulnerability in Microsoft Edge and Internet Explorer Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not properly restrict access to private namespaces, which allows remote attackers to gain privileges via unspecified vectors, aka "Microsoft Browser Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3387. | 2.6 |