Vulnerabilities > Microsoft > Edge > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-12 | CVE-2017-0241 | Unspecified vulnerability in Microsoft Edge An elevation of privilege vulnerability exists when Microsoft Edge renders a domain-less page in the URL, which could allow Microsoft Edge to perform actions in the context of the Intranet Zone and access functionality that is not typically available to the browser when browsing in the context of the Internet Zone, aka "Microsoft Edge Elevation of Privilege Vulnerability." This CVE ID is unique from CVE-2017-0233. | 5.3 |
| 2017-05-12 | CVE-2017-0231 | Improper Input Validation vulnerability in Microsoft Edge and Internet Explorer A spoofing vulnerability exists when Microsoft browsers render SmartScreen Filter, aka "Microsoft Browser Spoofing Vulnerability." | 4.3 |
| 2017-04-12 | CVE-2017-0208 | Information Exposure vulnerability in Microsoft Edge An information disclosure vulnerability exists in Microsoft Edge when the Chakra scripting engine does not properly handle objects in memory. | 4.3 |
| 2017-04-12 | CVE-2017-0203 | Unspecified vulnerability in Microsoft Edge A vulnerability exists in Microsoft Edge when the Edge Content Security Policy (CSP) fails to properly validate certain specially crafted documents. | 4.3 |
| 2017-03-17 | CVE-2017-0140 | Unspecified vulnerability in Microsoft Edge Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is different from those described in CVE-2017-0066 and CVE-2017-0135. | 4.2 |
| 2017-03-17 | CVE-2017-0135 | Unspecified vulnerability in Microsoft Edge Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is different from those described in CVE-2017-0066 and CVE-2017-0140. | 4.2 |
| 2017-03-17 | CVE-2017-0069 | Improper Input Validation vulnerability in Microsoft Edge Microsoft Edge allows remote attackers to spoof web content via a crafted web site, aka "Microsoft Edge Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0012 and CVE-2017-0033. | 4.3 |
| 2017-03-17 | CVE-2017-0068 | Information Exposure vulnerability in Microsoft Edge Browsers in Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0011, CVE-2017-0017, and CVE-2017-0065. | 4.3 |
| 2017-03-17 | CVE-2017-0066 | Unspecified vulnerability in Microsoft Edge Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is different from those described in CVE-2017-0135 and CVE-2017-0140. | 4.2 |
| 2017-03-17 | CVE-2017-0065 | Information Exposure vulnerability in Microsoft Edge Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0011, CVE-2017-0017, and CVE-2017-0068. | 4.3 |