Total
749 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-1065 | 1 Microsoft | 4 Chakracore, Edge, Windows 10 and 1 more | 2024-02-28 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. | |||||
| CVE-2020-1195 | 1 Microsoft | 1 Edge | 2024-02-28 | 4.3 MEDIUM | 5.9 MEDIUM |
| An elevation of privilege vulnerability exists in Microsoft Edge (Chromium-based) when the Feedback extension improperly validates input, aka 'Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability'. | |||||
| CVE-2020-0816 | 1 Microsoft | 4 Edge, Windows 10, Windows Server 2016 and 1 more | 2024-02-28 | 9.3 HIGH | 8.8 HIGH |
| A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerability'. | |||||
| CVE-2020-1172 | 1 Microsoft | 5 Chakracore, Edge, Windows 10 and 2 more | 2024-02-28 | 7.6 HIGH | 4.2 MEDIUM |
| <p>A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.</p> <p>If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p> <p>The security update addresses the vulnerability by modifying how the ChakraCore scripting engine handles objects in memory.</p> | |||||
| CVE-2020-0825 | 1 Microsoft | 4 Chakracore, Edge, Windows 10 and 1 more | 2024-02-28 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848. | |||||
| CVE-2019-1356 | 1 Microsoft | 4 Edge, Windows 10, Windows Server 2016 and 1 more | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| An information disclosure vulnerability exists when Microsoft Edge based on Edge HTML improperly handles objects in memory, aka 'Microsoft Edge based on Edge HTML Information Disclosure Vulnerability'. | |||||
| CVE-2020-0663 | 1 Microsoft | 3 Edge, Windows 10, Windows Server 2019 | 2024-02-28 | 4.0 MEDIUM | 4.2 MEDIUM |
| An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, an attacker could host a website that is used to attempt to exploit the vulnerability, aka 'Microsoft Edge Elevation of Privilege Vulnerability'. | |||||
| CVE-2019-1357 | 1 Microsoft | 9 Edge, Internet Explorer, Windows 10 and 6 more | 2024-02-28 | 4.3 MEDIUM | 4.3 MEDIUM |
| A spoofing vulnerability exists when Microsoft Browsers improperly handle browser cookies, aka 'Microsoft Browser Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-0608. | |||||
| CVE-2020-0711 | 1 Microsoft | 4 Chakracore, Edge, Windows 10 and 1 more | 2024-02-28 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767. | |||||
| CVE-2019-1428 | 1 Microsoft | 5 Chakracore, Edge, Windows 10 and 2 more | 2024-02-28 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1426, CVE-2019-1427, CVE-2019-1429. | |||||
| CVE-2019-1335 | 1 Microsoft | 5 Chakracore, Edge, Windows 10 and 2 more | 2024-02-28 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1307, CVE-2019-1308, CVE-2019-1366. | |||||
| CVE-2020-0710 | 1 Microsoft | 5 Chakracore, Edge, Windows 10 and 2 more | 2024-02-28 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767. | |||||
| CVE-2019-1308 | 1 Microsoft | 5 Chakracore, Edge, Windows 10 and 2 more | 2024-02-28 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1307, CVE-2019-1335, CVE-2019-1366. | |||||
| CVE-2019-1427 | 1 Microsoft | 4 Chakracore, Edge, Windows 10 and 1 more | 2024-02-28 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1426, CVE-2019-1428, CVE-2019-1429. | |||||
| CVE-2020-0767 | 1 Microsoft | 5 Chakracore, Edge, Windows 10 and 2 more | 2024-02-28 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713. | |||||
| CVE-2019-1426 | 1 Microsoft | 5 Chakracore, Edge, Windows 10 and 2 more | 2024-02-28 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1427, CVE-2019-1428, CVE-2019-1429. | |||||
| CVE-2020-0713 | 1 Microsoft | 5 Chakracore, Edge, Windows 10 and 2 more | 2024-02-28 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0767. | |||||
| CVE-2019-1413 | 1 Microsoft | 4 Edge, Windows 10, Windows Server 2016 and 1 more | 2024-02-28 | 4.3 MEDIUM | 4.3 MEDIUM |
| A security feature bypass vulnerability exists when Microsoft Edge improperly handles extension requests and fails to request host permission for all_urls, aka 'Microsoft Edge Security Feature Bypass Vulnerability'. | |||||
| CVE-2019-0608 | 1 Microsoft | 10 Edge, Internet Explorer, Windows 10 and 7 more | 2024-02-28 | 4.3 MEDIUM | 4.3 MEDIUM |
| A spoofing vulnerability exists when Microsoft Browsers does not properly parse HTTP content, aka 'Microsoft Browser Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-1357. | |||||
| CVE-2019-1307 | 1 Microsoft | 5 Chakracore, Edge, Windows 10 and 2 more | 2024-02-28 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1308, CVE-2019-1335, CVE-2019-1366. | |||||