This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2015-08-14
Product Edge Last view 2020-07-14
Version Type Application
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:* 383
cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:* 215

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
4.3 2020-07-14 CVE-2020-1462

An information disclosure vulnerability exists when Skype for Business is accessed via Microsoft Edge (EdgeHTML-based), aka 'Skype for Business via Microsoft Edge (EdgeHTML-based) Information Disclosure Vulnerability'.

6.5 2020-07-14 CVE-2020-1433

An information disclosure vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory, aka 'Microsoft Edge PDF Information Disclosure Vulnerability'.

5.3 2020-06-09 CVE-2020-1242

An information disclosure vulnerability exists in the way that Microsoft Edge handles cross-origin requests, aka 'Microsoft Edge Information Disclosure Vulnerability'.

6.1 2020-06-09 CVE-2020-1220

A spoofing vulnerability exists when theMicrosoft Edge (Chromium-based) in IE Mode improperly handles specific redirects, aka 'Microsoft Edge (Chromium-based) in IE Mode Spoofing Vulnerability'.

7.5 2020-06-09 CVE-2020-1219

A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'.

8.1 2020-06-09 CVE-2020-1073

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'.

5.9 2020-05-21 CVE-2020-1195

An elevation of privilege vulnerability exists in Microsoft Edge (Chromium-based) when the Feedback extension improperly validates input, aka 'Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability'.

7.5 2020-05-21 CVE-2020-1096

A remote code execution vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory, aka 'Microsoft Edge PDF Remote Code Execution Vulnerability'.

4.3 2020-05-21 CVE-2020-1059

A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content, aka 'Microsoft Edge Spoofing Vulnerability'.

8.1 2020-05-21 CVE-2020-1056

An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, an attacker could host a website that is used to attempt to exploit the vulnerability, aka 'Microsoft Edge Elevation of Privilege Vulnerability'.

7.5 2020-05-21 CVE-2020-1037

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Chakra Scripting Engine Memory Corruption Vulnerability'.

7.5 2020-04-15 CVE-2020-0969

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Chakra Scripting Engine Memory Corruption Vulnerability'.

7.5 2020-03-12 CVE-2020-0830

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848.

7.5 2020-03-12 CVE-2020-0828

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848.

7.5 2020-03-12 CVE-2020-0827

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848.

7.5 2020-03-12 CVE-2020-0826

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848.

7.5 2020-03-12 CVE-2020-0825

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848.

7.5 2020-03-12 CVE-2020-0823

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848.

8.8 2020-03-12 CVE-2020-0816

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerability'.

7.5 2020-02-11 CVE-2020-0767

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713.

7.5 2020-02-11 CVE-2020-0713

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0767.

7.5 2020-02-11 CVE-2020-0712

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0711, CVE-2020-0713, CVE-2020-0767.

7.5 2020-02-11 CVE-2020-0711

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767.

7.5 2020-02-11 CVE-2020-0710

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767.

4.3 2020-02-11 CVE-2020-0706

An information disclosure vulnerability exists in the way that affected Microsoft browsers handle cross-origin requests, aka 'Microsoft Browser Information Disclosure Vulnerability'.

CWE : Common Weakness Enumeration

%idName
71% (394) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
16% (89) CWE-200 Information Exposure
4% (23) CWE-20 Improper Input Validation
1% (9) CWE-254 Security Features
1% (8) CWE-264 Permissions, Privileges, and Access Controls
1% (8) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
0% (4) CWE-284 Access Control (Authorization) Issues
0% (3) CWE-346 Origin Validation Error
0% (2) CWE-732 Incorrect Permission Assignment for Critical Resource
0% (2) CWE-601 URL Redirection to Untrusted Site ('Open Redirect')
0% (2) CWE-290 Authentication Bypass by Spoofing
0% (2) CWE-269 Improper Privilege Management
0% (1) CWE-704 Incorrect Type Conversion or Cast
0% (1) CWE-416 Use After Free
0% (1) CWE-74 Failure to Sanitize Data into a Different Plane ('Injection')
0% (1) CWE-19 Data Handling

SAINT Exploits

Description Link
Internet Explorer mshtml.dll Memory Corruption Vulnerability More info here

Information Assurance Vulnerability Management (IAVM)

id Description
2015-A-0210 Cumulative Security Update for Microsoft Internet Explorer (MS15-094)
Severity: Category II - VMSKEY: V0061381
2015-A-0211 Cumulative Security Update for Microsoft Edge (MS15-095)
Severity: Category II - VMSKEY: V0061383
2015-A-0188 Cumulative Security Update for Microsoft Internet Explorer (MS15-079)
Severity: Category I - VMSKEY: V0061297
2015-A-0189 Cumulative Security Update for Microsoft Edge (MS15-091)
Severity: Category II - VMSKEY: V0061317

Snort® IPS/IDS

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2020-07-09 Microsoft Edge memory corruption attempt
RuleID : 54237 - Type : BROWSER-IE - Revision : 1
2020-07-09 Microsoft Edge memory corruption attempt
RuleID : 54236 - Type : BROWSER-IE - Revision : 1
2020-03-19 Microsoft Edge scripting engine memory corruption attempt
RuleID : 53111 - Type : BROWSER-IE - Revision : 1
2020-03-19 Microsoft Edge scripting engine memory corruption attempt
RuleID : 53110 - Type : BROWSER-IE - Revision : 1
2020-03-03 Microsoft Edge scripting engine memory corruption attempt
RuleID : 52989 - Type : BROWSER-IE - Revision : 1
2020-03-03 Microsoft Edge scripting engine memory corruption attempt
RuleID : 52988 - Type : BROWSER-IE - Revision : 1
2020-03-03 Microsoft Edge scripting engine memory corruption attempt
RuleID : 52987 - Type : BROWSER-IE - Revision : 1
2020-03-03 Microsoft Edge scripting engine memory corruption attempt
RuleID : 52986 - Type : BROWSER-IE - Revision : 1
2020-02-18 Microsoft Edge scripting engine memory corruption attempt
RuleID : 52611 - Type : BROWSER-IE - Revision : 1
2020-02-18 Microsoft Edge scripting engine memory corruption attempt
RuleID : 52610 - Type : BROWSER-IE - Revision : 1
2020-02-14 Microsoft Edge out of bounds write attempt
RuleID : 52607 - Type : BROWSER-IE - Revision : 1
2020-02-14 Microsoft Edge out of bounds write attempt
RuleID : 52606 - Type : BROWSER-IE - Revision : 1
2020-02-13 Microsoft Edge scripting engine memory corruption attempt
RuleID : 52600 - Type : BROWSER-IE - Revision : 1
2020-02-13 Microsoft Edge scripting engine memory corruption attempt
RuleID : 52599 - Type : BROWSER-IE - Revision : 1
2020-02-04 Microsoft Edge Chakra ProcessLinkFailedAsmJsModule type confusion attempt
RuleID : 52523 - Type : BROWSER-IE - Revision : 1
2020-02-04 Microsoft Edge Chakra ProcessLinkFailedAsmJsModule type confusion attempt
RuleID : 52522 - Type : BROWSER-IE - Revision : 1
2020-02-04 Microsoft Edge Chakra ProcessLinkFailedAsmJsModule type confusion attempt
RuleID : 52521 - Type : BROWSER-IE - Revision : 1
2020-02-04 Microsoft Edge Chakra ProcessLinkFailedAsmJsModule type confusion attempt
RuleID : 52520 - Type : BROWSER-IE - Revision : 1
2020-01-23 Microsoft Edge Chakra EmitCall memory corruption attempt
RuleID : 52511 - Type : BROWSER-IE - Revision : 1
2020-01-23 Microsoft Edge Chakra EmitCall memory corruption attempt
RuleID : 52510 - Type : BROWSER-IE - Revision : 1
2020-01-23 Microsoft Edge Chakra EmitCall memory corruption attempt
RuleID : 52509 - Type : BROWSER-IE - Revision : 1
2020-01-23 Microsoft Edge Chakra EmitCall memory corruption attempt
RuleID : 52508 - Type : BROWSER-IE - Revision : 1
2020-01-23 Microsoft Edge memory corruption attempt
RuleID : 52507 - Type : BROWSER-IE - Revision : 1
2020-01-23 Microsoft Edge memory corruption attempt
RuleID : 52506 - Type : BROWSER-IE - Revision : 1
2020-01-16 Microsoft Edge out of bounds write attempt
RuleID : 52475 - Type : BROWSER-IE - Revision : 1

Nessus® Vulnerability Scanner

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2018-08-28 Name: The version of Microsoft Edge web browser installed on the remote host is no ...
File: microsoft_edge_web_browser_win_unsupported.nasl - Type: ACT_GATHER_INFO
2017-12-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_dec_4053578.nasl - Type: ACT_GATHER_INFO
2017-12-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_dec_4053579.nasl - Type: ACT_GATHER_INFO
2017-12-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_dec_4053580.nasl - Type: ACT_GATHER_INFO
2017-12-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_dec_4053581.nasl - Type: ACT_GATHER_INFO
2017-12-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_dec_4054517.nasl - Type: ACT_GATHER_INFO
2017-12-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_dec_4054518.nasl - Type: ACT_GATHER_INFO
2017-12-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_dec_4054519.nasl - Type: ACT_GATHER_INFO
2017-12-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_dec_4054520.nasl - Type: ACT_GATHER_INFO
2017-12-12 Name: The Internet Explorer installation on the remote host is affected by multiple...
File: smb_nt_ms17_dec_internet_explorer.nasl - Type: ACT_GATHER_INFO
2017-11-30 Name: The Internet Explorer installation on the remote host is affected by multiple...
File: smb_nt_ms17_aug_internet_explorer.nasl - Type: ACT_GATHER_INFO
2017-11-30 Name: The Internet Explorer installation on the remote host is affected by multiple...
File: smb_nt_ms17_jul_internet_explorer.nasl - Type: ACT_GATHER_INFO
2017-11-30 Name: The Internet Explorer installation on the remote host is affected by multiple...
File: smb_nt_ms17_jun_internet_explorer.nasl - Type: ACT_GATHER_INFO
2017-11-30 Name: The Internet Explorer installation on the remote host is affected by multiple...
File: smb_nt_ms17_may_internet_explorer.nasl - Type: ACT_GATHER_INFO
2017-11-30 Name: The Internet Explorer installation on the remote host is affected by multiple...
File: smb_nt_ms17_nov_internet_explorer.nasl - Type: ACT_GATHER_INFO
2017-11-30 Name: The Internet Explorer installation on the remote host is affected by multiple...
File: smb_nt_ms17_sep_internet_explorer.nasl - Type: ACT_GATHER_INFO
2017-11-14 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_nov_4048952.nasl - Type: ACT_GATHER_INFO
2017-11-14 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_nov_4048953.nasl - Type: ACT_GATHER_INFO
2017-11-14 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_nov_4048954.nasl - Type: ACT_GATHER_INFO
2017-11-14 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_nov_4048955.nasl - Type: ACT_GATHER_INFO
2017-11-14 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_nov_4048956.nasl - Type: ACT_GATHER_INFO
2017-11-14 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_nov_4048957.nasl - Type: ACT_GATHER_INFO
2017-11-14 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_nov_4048958.nasl - Type: ACT_GATHER_INFO
2017-11-14 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_nov_4048959.nasl - Type: ACT_GATHER_INFO
2017-11-03 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_aug_4034668.nasl - Type: ACT_GATHER_INFO