Total
728 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-0810 | 1 Microsoft | 10 Chakracore, Edge, Windows 10 and 7 more | 2023-03-20 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0812, CVE-2019-0829, CVE-2019-0860, CVE-2019-0861. | |||||
| CVE-2016-3201 | 1 Microsoft | 4 Edge, Windows 10, Windows 8.1 and 1 more | 2023-02-23 | 4.3 MEDIUM | 6.5 MEDIUM |
| Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold and 1511, and Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted PDF document, aka "Windows PDF Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3215. | |||||
| CVE-2022-44708 | 1 Microsoft | 2 Edge, Edge Chromium | 2022-12-16 | N/A | 8.3 HIGH |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. | |||||
| CVE-2022-4135 | 2 Google, Microsoft | 3 Chrome, Edge, Edge Chromium | 2022-11-29 | N/A | 9.6 CRITICAL |
| Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2017-8529 | 1 Microsoft | 9 Edge, Internet Explorer, Windows 10 and 6 more | 2022-10-18 | 4.3 MEDIUM | 6.5 MEDIUM |
| Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, and Windows Server 2012 and R2 allow an attacker to detect specific files on the user's computer when affected Microsoft scripting engines do not properly handle objects in memory, aka "Microsoft Browser Information Disclosure Vulnerability". | |||||
| CVE-2021-30615 | 2 Fedoraproject, Microsoft | 3 Fedora, Edge, Edge Chromium | 2022-07-12 | 4.3 MEDIUM | 6.5 MEDIUM |
| Chromium: CVE-2021-30615 Cross-origin data leak in Navigation | |||||
| CVE-2021-21141 | 2 Google, Microsoft | 2 Chrome, Edge | 2022-07-12 | 4.3 MEDIUM | 6.5 MEDIUM |
| Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass file extension policy via a crafted HTML page. | |||||
| CVE-2017-11862 | 1 Microsoft | 4 Chakracore, Edge, Windows 10 and 1 more | 2022-05-23 | 7.6 HIGH | 7.5 HIGH |
| ChakraCore and Microsoft Edge in Windows 10 1709 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, CVE-2017-11871, and CVE-2017-11873. | |||||
| CVE-2017-11844 | 1 Microsoft | 3 Edge, Windows 10, Windows Server | 2022-05-23 | 4.3 MEDIUM | 4.3 MEDIUM |
| Microsoft Edge in Microsoft Windows 10 1703, 1709 and Windows Server, version 1709 allows an attacker to obtain information to further compromise the user's system, due to how Microsoft Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-11803 and CVE-2017-11833. | |||||
| CVE-2017-11861 | 1 Microsoft | 5 Chakracore, Edge, Windows 10 and 2 more | 2022-05-23 | 7.6 HIGH | 7.5 HIGH |
| Microsoft Edge in Windows 10 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, CVE-2017-11871, and CVE-2017-11873. | |||||
| CVE-2017-11874 | 1 Microsoft | 4 Chakracore, Edge, Windows 10 and 1 more | 2022-05-23 | 2.6 LOW | 3.1 LOW |
| Microsoft Edge in Microsoft Windows 10 1703, 1709, Windows Server, version 1709, and ChakraCore allows an attacker to bypass Control Flow Guard (CFG) to run arbitrary code on a target system, due to how Microsoft Edge handles accessing memory in code compiled by the Edge Just-In-Time (JIT) compiler, aka "Microsoft Edge Security Feature Bypass Vulnerability". This CVE ID is unique from CVE-2017-11863 and CVE-2017-11872. | |||||
| CVE-2017-11873 | 1 Microsoft | 5 Chakracore, Edge, Windows 10 and 2 more | 2022-05-23 | 7.6 HIGH | 7.5 HIGH |
| ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, and CVE-2017-11871. | |||||
| CVE-2017-11871 | 1 Microsoft | 4 Chakracore, Edge, Windows 10 and 1 more | 2022-05-23 | 7.6 HIGH | 7.5 HIGH |
| ChakraCore and Microsoft Edge in Windows 10 1703, 1709, and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, and CVE-2017-11873. | |||||
| CVE-2017-11870 | 1 Microsoft | 4 Chakracore, Edge, Windows 10 and 1 more | 2022-05-23 | 7.6 HIGH | 7.5 HIGH |
| ChakraCore and Microsoft Edge in Windows 10 1703, 1709, and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11871, and CVE-2017-11873. | |||||
| CVE-2017-11827 | 1 Microsoft | 10 Edge, Internet Explorer, Windows 10 and 7 more | 2022-05-23 | 9.3 HIGH | 7.5 HIGH |
| Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how Microsoft browsers handle objects in memory, aka "Microsoft Browser Memory Corruption Vulnerability". | |||||
| CVE-2021-26436 | 1 Microsoft | 1 Edge | 2022-05-03 | 6.8 MEDIUM | 8.1 HIGH |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-36930. | |||||
| CVE-2021-26411 | 1 Microsoft | 10 Edge, Internet Explorer, Windows 10 and 7 more | 2022-05-03 | 5.1 MEDIUM | 7.5 HIGH |
| Internet Explorer Memory Corruption Vulnerability | |||||
| CVE-2022-23258 | 2 Google, Microsoft | 2 Android, Edge | 2022-02-01 | 4.3 MEDIUM | 4.3 MEDIUM |
| Microsoft Edge for Android Spoofing Vulnerability. | |||||
| CVE-2021-21157 | 4 Fedoraproject, Google, Linux and 1 more | 5 Fedora, Chrome, Linux Kernel and 2 more | 2021-12-10 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Web Sockets in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-30622 | 2 Fedoraproject, Microsoft | 3 Fedora, Edge, Edge Chromium | 2021-11-18 | 6.8 MEDIUM | 8.8 HIGH |
| Chromium: CVE-2021-30622 Use after free in WebApp Installs | |||||