Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Edge
(Microsoft)| Repositories | https://github.com/Microsoft/ChakraCore |
| #Vulnerabilities | 749 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2016-09-14 | CVE-2016-3295 | Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." | Edge, Internet_explorer | 7.5 | ||
| 2016-09-14 | CVE-2016-3294 | Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3330. | Edge | 7.5 | ||
| 2016-08-09 | CVE-2016-3293 | Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Browser Memory Corruption Vulnerability." | Edge, Internet_explorer | 7.5 | ||
| 2016-09-14 | CVE-2016-3291 | Microsoft Internet Explorer 11 and Microsoft Edge mishandle cross-origin requests, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." | Edge, Internet_explorer | 2.4 | ||
| 2016-08-09 | CVE-2016-3289 | Microsoft Internet Explorer 11 and Edge allow remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3322. | Edge, Internet_explorer | 7.5 | ||
| 2016-07-12 | CVE-2016-3277 | Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." | Edge, Internet_explorer | 5.3 | ||
| 2016-07-12 | CVE-2016-3274 | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to conduct content-spoofing attacks via a crafted URL, aka "Microsoft Browser Spoofing Vulnerability." | Edge, Internet_explorer | 3.1 | ||
| 2016-07-12 | CVE-2016-3273 | The XSS Filter in Microsoft Internet Explorer 9 through 11 and Microsoft Edge does not properly restrict JavaScript code, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." | Edge, Internet_explorer | 5.3 | ||
| 2016-07-12 | CVE-2016-3271 | The VBScript engine in Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability." | Edge | 6.5 | ||
| 2016-07-12 | CVE-2016-3269 | The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3265. | Edge | 8.8 |