Summary
Detail | |||
---|---|---|---|
Vendor | Microsoft | First view | 2015-08-14 |
Product | Edge | Last view | 2024-03-22 |
Version | Type | ||
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
Date | Alert | Description | |
---|---|---|---|
4.3 | 2024-03-22 | CVE-2024-29057 | Microsoft Edge (Chromium-based) Spoofing Vulnerability |
4.7 | 2024-03-22 | CVE-2024-26247 | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability |
3.9 | 2024-03-14 | CVE-2024-26246 | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability |
4.3 | 2023-11-03 | CVE-2023-36029 | Microsoft Edge (Chromium-based) Spoofing Vulnerability |
8.8 | 2023-09-12 | CVE-2023-4863 | Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical) |
4.3 | 2023-07-14 | CVE-2023-36883 | Microsoft Edge for iOS Spoofing Vulnerability |
3.7 | 2023-04-11 | CVE-2023-28301 | Microsoft Edge (Chromium-based) Tampering Vulnerability |
4.3 | 2023-04-11 | CVE-2023-28284 | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability |
8.3 | 2022-12-13 | CVE-2022-44708 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability |
9.6 | 2022-11-25 | CVE-2022-4135 | Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) |
4.3 | 2022-01-25 | CVE-2022-23258 | Microsoft Edge for Android Spoofing Vulnerability |
4.3 | 2021-11-10 | CVE-2021-41351 | Microsoft Edge (Chrome based) Spoofing on IE Mode |
6.4 | 2021-09-15 | CVE-2021-38669 | Microsoft Edge (Chromium-based) Tampering Vulnerability |
8.8 | 2021-09-03 | CVE-2021-30624 | Chromium: CVE-2021-30624 Use after free in Autofill |
8.8 | 2021-09-03 | CVE-2021-30623 | Chromium: CVE-2021-30623 Use after free in Bookmarks |
8.8 | 2021-09-03 | CVE-2021-30622 | Chromium: CVE-2021-30622 Use after free in WebApp Installs |
6.5 | 2021-09-03 | CVE-2021-30621 | Chromium: CVE-2021-30621 UI Spoofing in Autofill |
8.8 | 2021-09-03 | CVE-2021-30620 | Chromium: CVE-2021-30620 Insufficient policy enforcement in Blink |
6.5 | 2021-09-03 | CVE-2021-30619 | Chromium: CVE-2021-30619 UI Spoofing in Autofill |
8.8 | 2021-09-03 | CVE-2021-30618 | Chromium: CVE-2021-30618 Inappropriate implementation in DevTools |
6.5 | 2021-09-03 | CVE-2021-30617 | Chromium: CVE-2021-30617 Policy bypass in Blink |
8.8 | 2021-09-03 | CVE-2021-30616 | Chromium: CVE-2021-30616 Use after free in Media |
6.5 | 2021-09-03 | CVE-2021-30615 | Chromium: CVE-2021-30615 Cross-origin data leak in Navigation |
8.8 | 2021-09-03 | CVE-2021-30614 | Chromium: CVE-2021-30614 Heap buffer overflow in TabStrip |
8.8 | 2021-09-03 | CVE-2021-30613 | Chromium: CVE-2021-30613 Use after free in Base internals |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
43% (237) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
30% (167) | CWE-787 | Out-of-bounds Write |
12% (67) | CWE-200 | Information Exposure |
2% (16) | CWE-416 | Use After Free |
2% (16) | CWE-20 | Improper Input Validation |
1% (8) | CWE-290 | Authentication Bypass by Spoofing |
1% (8) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
1% (6) | CWE-346 | Origin Validation Error |
0% (4) | CWE-284 | Access Control (Authorization) Issues |
0% (4) | CWE-264 | Permissions, Privileges, and Access Controls |
0% (4) | CWE-254 | Security Features |
0% (3) | CWE-125 | Out-of-bounds Read |
0% (2) | CWE-601 | URL Redirection to Untrusted Site ('Open Redirect') |
0% (1) | CWE-755 | Improper Handling of Exceptional Conditions |
0% (1) | CWE-704 | Incorrect Type Conversion or Cast |
0% (1) | CWE-665 | Improper Initialization |
0% (1) | CWE-425 | Direct Request ('Forced Browsing') |
0% (1) | CWE-401 | Failure to Release Memory Before Removing Last Reference ('Memory L... |
0% (1) | CWE-269 | Improper Privilege Management |
0% (1) | CWE-88 | Argument Injection or Modification |
0% (1) | CWE-74 | Failure to Sanitize Data into a Different Plane ('Injection') |
0% (1) | CWE-19 | Data Handling |
SAINT Exploits
Description | Link |
---|---|
Internet Explorer mshtml.dll Memory Corruption Vulnerability | More info here |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2015-A-0210 | Cumulative Security Update for Microsoft Internet Explorer (MS15-094) Severity: Category II - VMSKEY: V0061381 |
2015-A-0211 | Cumulative Security Update for Microsoft Edge (MS15-095) Severity: Category II - VMSKEY: V0061383 |
2015-A-0188 | Cumulative Security Update for Microsoft Internet Explorer (MS15-079) Severity: Category I - VMSKEY: V0061297 |
2015-A-0189 | Cumulative Security Update for Microsoft Edge (MS15-091) Severity: Category II - VMSKEY: V0061317 |
Snort® IPS/IDS
Date | Description |
---|---|
2020-12-10 | Microsoft Edge memory corruption attempt RuleID : 56287 - Type : BROWSER-IE - Revision : 1 |
2020-12-10 | Microsoft Edge memory corruption attempt RuleID : 56286 - Type : BROWSER-IE - Revision : 1 |
2020-07-09 | Microsoft Edge memory corruption attempt RuleID : 54237 - Type : BROWSER-IE - Revision : 1 |
2020-07-09 | Microsoft Edge memory corruption attempt RuleID : 54236 - Type : BROWSER-IE - Revision : 1 |
2020-03-19 | Microsoft Edge scripting engine memory corruption attempt RuleID : 53111 - Type : BROWSER-IE - Revision : 1 |
2020-03-19 | Microsoft Edge scripting engine memory corruption attempt RuleID : 53110 - Type : BROWSER-IE - Revision : 1 |
2020-03-03 | Microsoft Edge scripting engine memory corruption attempt RuleID : 52989 - Type : BROWSER-IE - Revision : 1 |
2020-03-03 | Microsoft Edge scripting engine memory corruption attempt RuleID : 52988 - Type : BROWSER-IE - Revision : 1 |
2020-03-03 | Microsoft Edge scripting engine memory corruption attempt RuleID : 52987 - Type : BROWSER-IE - Revision : 1 |
2020-03-03 | Microsoft Edge scripting engine memory corruption attempt RuleID : 52986 - Type : BROWSER-IE - Revision : 1 |
2020-02-18 | Microsoft Edge scripting engine memory corruption attempt RuleID : 52611 - Type : BROWSER-IE - Revision : 1 |
2020-02-18 | Microsoft Edge scripting engine memory corruption attempt RuleID : 52610 - Type : BROWSER-IE - Revision : 1 |
2020-02-14 | Microsoft Edge out of bounds write attempt RuleID : 52607 - Type : BROWSER-IE - Revision : 1 |
2020-02-14 | Microsoft Edge out of bounds write attempt RuleID : 52606 - Type : BROWSER-IE - Revision : 1 |
2020-02-13 | Microsoft Edge scripting engine memory corruption attempt RuleID : 52600 - Type : BROWSER-IE - Revision : 1 |
2020-02-13 | Microsoft Edge scripting engine memory corruption attempt RuleID : 52599 - Type : BROWSER-IE - Revision : 1 |
2020-02-04 | Microsoft Edge Chakra ProcessLinkFailedAsmJsModule type confusion attempt RuleID : 52523 - Type : BROWSER-IE - Revision : 1 |
2020-02-04 | Microsoft Edge Chakra ProcessLinkFailedAsmJsModule type confusion attempt RuleID : 52522 - Type : BROWSER-IE - Revision : 1 |
2020-02-04 | Microsoft Edge Chakra ProcessLinkFailedAsmJsModule type confusion attempt RuleID : 52521 - Type : BROWSER-IE - Revision : 1 |
2020-02-04 | Microsoft Edge Chakra ProcessLinkFailedAsmJsModule type confusion attempt RuleID : 52520 - Type : BROWSER-IE - Revision : 1 |
2020-01-23 | Microsoft Edge Chakra EmitCall memory corruption attempt RuleID : 52511 - Type : BROWSER-IE - Revision : 1 |
2020-01-23 | Microsoft Edge Chakra EmitCall memory corruption attempt RuleID : 52510 - Type : BROWSER-IE - Revision : 1 |
2020-01-23 | Microsoft Edge Chakra EmitCall memory corruption attempt RuleID : 52509 - Type : BROWSER-IE - Revision : 1 |
2020-01-23 | Microsoft Edge Chakra EmitCall memory corruption attempt RuleID : 52508 - Type : BROWSER-IE - Revision : 1 |
2020-01-23 | Microsoft Edge memory corruption attempt RuleID : 52507 - Type : BROWSER-IE - Revision : 1 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2018-08-28 | Name: The version of Microsoft Edge web browser installed on the remote host is no ... File: microsoft_edge_web_browser_win_unsupported.nasl - Type: ACT_GATHER_INFO |
2017-12-12 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_dec_4053578.nasl - Type: ACT_GATHER_INFO |
2017-12-12 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_dec_4053579.nasl - Type: ACT_GATHER_INFO |
2017-12-12 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_dec_4053580.nasl - Type: ACT_GATHER_INFO |
2017-12-12 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_dec_4053581.nasl - Type: ACT_GATHER_INFO |
2017-12-12 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_dec_4054517.nasl - Type: ACT_GATHER_INFO |
2017-12-12 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_dec_4054518.nasl - Type: ACT_GATHER_INFO |
2017-12-12 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_dec_4054519.nasl - Type: ACT_GATHER_INFO |
2017-12-12 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_dec_4054520.nasl - Type: ACT_GATHER_INFO |
2017-12-12 | Name: The Internet Explorer installation on the remote host is affected by multiple... File: smb_nt_ms17_dec_internet_explorer.nasl - Type: ACT_GATHER_INFO |
2017-11-30 | Name: The Internet Explorer installation on the remote host is affected by multiple... File: smb_nt_ms17_aug_internet_explorer.nasl - Type: ACT_GATHER_INFO |
2017-11-30 | Name: The Internet Explorer installation on the remote host is affected by multiple... File: smb_nt_ms17_jul_internet_explorer.nasl - Type: ACT_GATHER_INFO |
2017-11-30 | Name: The Internet Explorer installation on the remote host is affected by multiple... File: smb_nt_ms17_jun_internet_explorer.nasl - Type: ACT_GATHER_INFO |
2017-11-30 | Name: The Internet Explorer installation on the remote host is affected by multiple... File: smb_nt_ms17_may_internet_explorer.nasl - Type: ACT_GATHER_INFO |
2017-11-30 | Name: The Internet Explorer installation on the remote host is affected by multiple... File: smb_nt_ms17_nov_internet_explorer.nasl - Type: ACT_GATHER_INFO |
2017-11-30 | Name: The Internet Explorer installation on the remote host is affected by multiple... File: smb_nt_ms17_sep_internet_explorer.nasl - Type: ACT_GATHER_INFO |
2017-11-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_nov_4048952.nasl - Type: ACT_GATHER_INFO |
2017-11-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_nov_4048953.nasl - Type: ACT_GATHER_INFO |
2017-11-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_nov_4048954.nasl - Type: ACT_GATHER_INFO |
2017-11-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_nov_4048955.nasl - Type: ACT_GATHER_INFO |
2017-11-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_nov_4048956.nasl - Type: ACT_GATHER_INFO |
2017-11-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_nov_4048957.nasl - Type: ACT_GATHER_INFO |
2017-11-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_nov_4048958.nasl - Type: ACT_GATHER_INFO |
2017-11-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_nov_4048959.nasl - Type: ACT_GATHER_INFO |
2017-11-03 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_aug_4034668.nasl - Type: ACT_GATHER_INFO |