Vulnerabilities > Microsoft > Edge > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-09 | CVE-2021-21140 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Uninitialized use in USB in Google Chrome prior to 88.0.4324.96 allowed a local attacker to potentially perform out of bounds memory access via via a USB device. | 6.8 |
| 2020-07-14 | CVE-2020-1462 | Unspecified vulnerability in Microsoft Edge An information disclosure vulnerability exists when Skype for Business is accessed via Microsoft Edge (EdgeHTML-based), aka 'Skype for Business via Microsoft Edge (EdgeHTML-based) Information Disclosure Vulnerability'. | 4.3 |
| 2020-07-14 | CVE-2020-1433 | Unspecified vulnerability in Microsoft Edge An information disclosure vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory, aka 'Microsoft Edge PDF Information Disclosure Vulnerability'. | 6.5 |
| 2020-06-09 | CVE-2020-1242 | Unspecified vulnerability in Microsoft Edge An information disclosure vulnerability exists in the way that Microsoft Edge handles cross-origin requests, aka 'Microsoft Edge Information Disclosure Vulnerability'. | 5.3 |
| 2020-06-09 | CVE-2020-1220 | Open Redirect vulnerability in Microsoft Edge A spoofing vulnerability exists when theMicrosoft Edge (Chromium-based) in IE Mode improperly handles specific redirects, aka 'Microsoft Edge (Chromium-based) in IE Mode Spoofing Vulnerability'. | 6.1 |
| 2020-05-21 | CVE-2020-1195 | Improper Input Validation vulnerability in Microsoft Edge An elevation of privilege vulnerability exists in Microsoft Edge (Chromium-based) when the Feedback extension improperly validates input, aka 'Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability'. | 5.9 |
| 2020-05-21 | CVE-2020-1059 | Open Redirect vulnerability in Microsoft Edge A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content, aka 'Microsoft Edge Spoofing Vulnerability'. | 4.3 |
| 2020-02-11 | CVE-2020-0706 | Unspecified vulnerability in Microsoft Edge and Internet Explorer An information disclosure vulnerability exists in the way that affected Microsoft browsers handle cross-origin requests, aka 'Microsoft Browser Information Disclosure Vulnerability'. | 4.3 |
| 2020-02-11 | CVE-2020-0663 | Unspecified vulnerability in Microsoft Edge An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, an attacker could host a website that is used to attempt to exploit the vulnerability, aka 'Microsoft Edge Elevation of Privilege Vulnerability'. | 4.2 |
| 2019-11-12 | CVE-2019-1413 | Origin Validation Error vulnerability in Microsoft Edge A security feature bypass vulnerability exists when Microsoft Edge improperly handles extension requests and fails to request host permission for all_urls, aka 'Microsoft Edge Security Feature Bypass Vulnerability'. | 4.3 |