Vulnerabilities > Microsoft > Edge > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-05-12 CVE-2017-0231 Improper Input Validation vulnerability in Microsoft Edge and Internet Explorer
A spoofing vulnerability exists when Microsoft browsers render SmartScreen Filter, aka "Microsoft Browser Spoofing Vulnerability."
network
microsoft CWE-20
4.3
4.3
2017-04-12 CVE-2017-0208 Information Exposure vulnerability in Microsoft Edge
An information disclosure vulnerability exists in Microsoft Edge when the Chakra scripting engine does not properly handle objects in memory.
network
microsoft CWE-200
4.3
4.3
2017-04-12 CVE-2017-0203 Security Bypass vulnerability in Microsoft Edge
A vulnerability exists in Microsoft Edge when the Edge Content Security Policy (CSP) fails to properly validate certain specially crafted documents.
network
microsoft
4.3
4.3
2017-03-17 CVE-2017-0140 Security Bypass vulnerability in Microsoft Edge
Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is different from those described in CVE-2017-0066 and CVE-2017-0135.
network
high complexity
microsoft
4.0
4.0
2017-03-17 CVE-2017-0135 Unspecified vulnerability in Microsoft Edge
Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is different from those described in CVE-2017-0066 and CVE-2017-0140.
network
high complexity
microsoft
4.0
4.0
2017-03-17 CVE-2017-0069 Improper Input Validation vulnerability in Microsoft Edge
Microsoft Edge allows remote attackers to spoof web content via a crafted web site, aka "Microsoft Edge Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0012 and CVE-2017-0033.
network
microsoft CWE-20
4.3
4.3
2017-03-17 CVE-2017-0068 Information Exposure vulnerability in Microsoft Edge
Browsers in Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0011, CVE-2017-0017, and CVE-2017-0065.
network
microsoft CWE-200
4.3
4.3
2017-03-17 CVE-2017-0066 Security Bypass vulnerability in Microsoft Edge
Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is different from those described in CVE-2017-0135 and CVE-2017-0140.
network
high complexity
microsoft
4.0
4.0
2017-03-17 CVE-2017-0065 Information Exposure vulnerability in Microsoft Edge
Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0011, CVE-2017-0017, and CVE-2017-0068.
network
microsoft CWE-200
4.3
4.3
2017-03-17 CVE-2017-0033 Improper Input Validation vulnerability in Microsoft Edge and Internet Explorer
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to spoof web content via a crafted web site, aka "Microsoft Browser Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0012 and CVE-2017-0069.
network
microsoft CWE-20
4.3
4.3