Total
728 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-0015 | 1 Microsoft | 2 Edge, Windows 10 | 2017-07-11 | 7.6 HIGH | 7.5 HIGH |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0032, CVE-2017-0035, CVE-2017-0067, CVE-2017-0070, CVE-2017-0071, CVE-2017-0094, CVE-2017-0131, CVE-2017-0132, CVE-2017-0133, CVE-2017-0134, CVE-2017-0136, CVE-2017-0137, CVE-2017-0138, CVE-2017-0141, CVE-2017-0150, and CVE-2017-0151. | |||||
CVE-2017-0012 | 1 Microsoft | 2 Edge, Internet Explorer | 2017-07-11 | 4.3 MEDIUM | 4.3 MEDIUM |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to spoof web content via a crafted web site, aka "Microsoft Browser Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0033 and CVE-2017-0069. | |||||
CVE-2017-0011 | 1 Microsoft | 1 Edge | 2017-07-11 | 4.3 MEDIUM | 4.3 MEDIUM |
Microsoft Edge allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0017, CVE-2017-0065, and CVE-2017-0068. | |||||
CVE-2017-0205 | 1 Microsoft | 1 Edge | 2017-07-10 | 7.6 HIGH | 7.5 HIGH |
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user, aka "Microsoft Edge Memory Corruption Vulnerability." | |||||
CVE-2017-0200 | 1 Microsoft | 1 Edge | 2017-07-10 | 7.6 HIGH | 7.5 HIGH |
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user, aka "Microsoft Edge Memory Corruption Vulnerability." | |||||
CVE-2017-0093 | 1 Microsoft | 1 Edge | 2017-07-10 | 7.6 HIGH | 7.5 HIGH |
A remote code execution vulnerability in Microsoft Edge exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0201. | |||||
CVE-2017-0208 | 1 Microsoft | 1 Edge | 2017-07-10 | 4.3 MEDIUM | 4.3 MEDIUM |
An information disclosure vulnerability exists in Microsoft Edge when the Chakra scripting engine does not properly handle objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system, a.k.a. "Scripting Engine Information Disclosure Vulnerability." | |||||
CVE-2017-0228 | 1 Microsoft | 2 Edge, Internet Explorer | 2017-07-07 | 7.6 HIGH | 7.5 HIGH |
A remote code execution vulnerability exists in Microsoft browsers in the way JavaScript engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, CVE-2017-0236, and CVE-2017-0238. | |||||
CVE-2017-0234 | 1 Microsoft | 1 Edge | 2017-07-07 | 7.6 HIGH | 7.5 HIGH |
A remote code execution vulnerability exists in Microsoft Edge in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0235, CVE-2017-0236, and CVE-2017-0238. | |||||
CVE-2017-0240 | 1 Microsoft | 1 Edge | 2017-07-07 | 7.6 HIGH | 7.5 HIGH |
A remote code execution vulnerability exists in Microsoft Edge in the way affected Microsoft scripting engines render when handling objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0221 and CVE-2017-0227. | |||||
CVE-2017-0231 | 1 Microsoft | 2 Edge, Internet Explorer | 2017-07-07 | 4.3 MEDIUM | 4.3 MEDIUM |
A spoofing vulnerability exists when Microsoft browsers render SmartScreen Filter, aka "Microsoft Browser Spoofing Vulnerability." | |||||
CVE-2017-0236 | 1 Microsoft | 1 Edge | 2017-07-07 | 7.6 HIGH | 7.5 HIGH |
A remote code execution vulnerability exists in Microsoft Edge in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, and CVE-2017-0238. | |||||
CVE-2017-0227 | 1 Microsoft | 1 Edge | 2017-07-07 | 7.6 HIGH | 7.5 HIGH |
A remote code execution vulnerability exists in Microsoft Edge in the way affected Microsoft scripting engines render when handling objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0221 and CVE-2017-0240. | |||||
CVE-2017-0223 | 1 Microsoft | 1 Edge | 2017-07-07 | 7.5 HIGH | 9.8 CRITICAL |
A remote code execution vulnerability exists in Microsoft Chakra Core in the way JavaScript engines render when handling objects in memory. aka "Scripting Engine Memory Corruption Vulnerability". This vulnerability is unique from CVE-2017-0252. | |||||
CVE-2017-8555 | 1 Microsoft | 2 Edge, Windows 10 | 2017-06-21 | 4.3 MEDIUM | 4.3 MEDIUM |
Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to trick a user into loading a page with malicious content when the Edge Content Security Policy (CSP) fails to properly validate certain specially crafted documents, aka "Microsoft Edge Security Feature Bypass Vulnerability". This CVE ID is unique from CVE-2017-8523 and CVE-2017-8530. | |||||
CVE-2017-8521 | 1 Microsoft | 2 Edge, Windows 10 | 2017-06-21 | 7.6 HIGH | 7.5 HIGH |
Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user when the Edge JavaScript scripting engine fails to handle objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8499, CVE-2017-8520, CVE-2017-8548, and CVE-2017-8549. | |||||
CVE-2017-8504 | 1 Microsoft | 3 Edge, Windows 10, Windows Server 2016 | 2017-06-21 | 4.3 MEDIUM | 4.3 MEDIUM |
Microsoft Edge in Windows 10 1607 and 1703, and Windows Server 2016 allows an attacker to read the URL of a cross-origin request when the Microsoft Edge Fetch API incorrectly handles a filtered response type, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8498. | |||||
CVE-2017-8498 | 1 Microsoft | 3 Edge, Windows 10, Windows Server 2016 | 2017-06-21 | 4.3 MEDIUM | 4.3 MEDIUM |
Microsoft Edge in Windows 10 1607 and 1703, and Windows Server 2016 allows an attacker to read data not intended to be disclosed when Edge allows JavaScript XML DOM objects to detect installed browser extensions, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8504. | |||||
CVE-2017-0252 | 1 Microsoft | 1 Edge | 2017-05-24 | 7.5 HIGH | 9.8 CRITICAL |
A remote code execution vulnerability exists in Microsoft Chakra Core in the way JavaScript engines render when handling objects in memory. aka "Scripting Engine Memory Corruption Vulnerability". This vulnerability is unique from CVE-2017-0223. | |||||
CVE-2017-0221 | 1 Microsoft | 1 Edge | 2017-05-23 | 7.6 HIGH | 7.5 HIGH |
A vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0227 and CVE-2017-0240. |