Vulnerabilities > Microsoft > Edge > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-17 | CVE-2017-0140 | Unspecified vulnerability in Microsoft Edge Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is different from those described in CVE-2017-0066 and CVE-2017-0135. | 4.2 |
| 2017-03-17 | CVE-2017-0135 | Unspecified vulnerability in Microsoft Edge Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is different from those described in CVE-2017-0066 and CVE-2017-0140. | 4.2 |
| 2017-03-17 | CVE-2017-0069 | Improper Input Validation vulnerability in Microsoft Edge Microsoft Edge allows remote attackers to spoof web content via a crafted web site, aka "Microsoft Edge Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0012 and CVE-2017-0033. | 4.3 |
| 2017-03-17 | CVE-2017-0068 | Information Exposure vulnerability in Microsoft Edge Browsers in Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0011, CVE-2017-0017, and CVE-2017-0065. | 4.3 |
| 2017-03-17 | CVE-2017-0066 | Unspecified vulnerability in Microsoft Edge Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is different from those described in CVE-2017-0135 and CVE-2017-0140. | 4.2 |
| 2017-03-17 | CVE-2017-0065 | Information Exposure vulnerability in Microsoft Edge Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0011, CVE-2017-0017, and CVE-2017-0068. | 4.3 |
| 2017-03-17 | CVE-2017-0033 | Improper Input Validation vulnerability in Microsoft Edge and Internet Explorer Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to spoof web content via a crafted web site, aka "Microsoft Browser Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0012 and CVE-2017-0069. | 4.3 |
| 2017-03-17 | CVE-2017-0017 | Cross-site Scripting vulnerability in Microsoft Edge The RegEx class in the XSS filter in Microsoft Edge allows remote attackers to conduct cross-site scripting (XSS) attacks and obtain sensitive information via unspecified vectors, aka "Microsoft Edge Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0011, CVE-2017-0065, and CVE-2017-0068. | 6.1 |
| 2017-03-17 | CVE-2017-0012 | Improper Input Validation vulnerability in Microsoft Edge and Internet Explorer Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to spoof web content via a crafted web site, aka "Microsoft Browser Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0033 and CVE-2017-0069. | 4.3 |
| 2017-03-17 | CVE-2017-0011 | Information Exposure vulnerability in Microsoft Edge Microsoft Edge allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0017, CVE-2017-0065, and CVE-2017-0068. | 4.3 |