The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Microsoft Edge

vulnerability bulletin CVE-2017-5754

Intel Processors: memory reading via Meltdown

Synthesis of the vulnerability

When the system uses an Intel processor, a local attacker can access to the kernel memory, in order to read sensitive information.
Impacted products: SNS, iOS by Apple, iPhone, Mac OS X, Blue Coat CAS, Cisco ASR, Cisco Catalyst, Nexus by Cisco, NX-OS, Cisco Router, Cisco UCS, XenServer, Debian, Avamar, ExtremeXOS, Summit, BIG-IP Hardware, TMOS, FortiAnalyzer, FortiGate, FortiManager, FortiOS, FreeBSD, Android OS, AIX, IBM i, QRadar SIEM, Juniper J-Series, Junos OS, Junos Space, NSMXpress, Linux, McAfee Email Gateway, McAfee NSM, McAfee NTBA, McAfee Web Gateway, Meinberg NTP Server, Edge, IE, SQL Server, Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 2016, Windows 7, Windows 8, Windows (platform) ~ not comprehensive, Windows RT, OpenBSD, openSUSE Leap, Oracle Communications, pfSense, RealPresence Collaboration Server, RealPresence Distributed Media Application, RealPresence Resource Manager, RHEL, SIMATIC, Slackware, Sonus SBC, SUSE Linux Enterprise Desktop, SLES, Symantec Content Analysis, Synology DSM, Synology DS***, Synology RS***, Ubuntu, Unix (platform) ~ not comprehensive, vCenter Server, Xen.
Severity: 2/4.
Consequences: data reading.
Provenance: user shell.
Creation date: 03/01/2018.
Revision date: 05/01/2018.
Identifiers: 2016636, 519675, ADV180002, CERTFR-2018-ALE-001, CERTFR-2018-AVI-004, CERTFR-2018-AVI-005, CERTFR-2018-AVI-009, CERTFR-2018-AVI-012, CERTFR-2018-AVI-014, CERTFR-2018-AVI-017, CERTFR-2018-AVI-018, CERTFR-2018-AVI-029, CERTFR-2018-AVI-048, CERTFR-2018-AVI-049, CERTFR-2018-AVI-077, CERTFR-2018-AVI-079, CERTFR-2018-AVI-114, CERTFR-2018-AVI-124, CERTFR-2018-AVI-134, CERTFR-2018-AVI-208, CERTFR-2018-AVI-225, cisco-sa-20180104-cpusidechannel, cpuapr2019, CTX231390, CTX231399, CTX234679, CVE-2017-5754, DLA-1232-1, DLA-1349-1, DSA-2018-049, DSA-4078-1, DSA-4082-1, DSA-4120-1, DSA-4120-2, DSA-4179-1, FG-IR-18-002, FreeBSD-SA-18:03.speculative_execution, HT208331, HT208334, HT208394, HT208465, JSA10842, JSA10873, K91229003, MBGSA-1801, Meltdown, N1022433, nas8N1022433, openSUSE-SU-2018:0022-1, openSUSE-SU-2018:0023-1, openSUSE-SU-2018:0326-1, openSUSE-SU-2018:0459-1, openSUSE-SU-2018:1623-1, RHSA-2018:0007-01, RHSA-2018:0008-01, RHSA-2018:0009-01, RHSA-2018:0010-01, RHSA-2018:0011-01, RHSA-2018:0012-01, RHSA-2018:0013-01, RHSA-2018:0014-01, RHSA-2018:0015-01, RHSA-2018:0016-01, RHSA-2018:0017-01, RHSA-2018:0018-01, RHSA-2018:0020-01, RHSA-2018:0021-01, RHSA-2018:0022-01, RHSA-2018:0023-01, RHSA-2018:0024-01, RHSA-2018:0025-01, RHSA-2018:0026-01, RHSA-2018:0027-01, RHSA-2018:0028-01, RHSA-2018:0029-01, RHSA-2018:0030-01, RHSA-2018:0031-01, RHSA-2018:0032-01, RHSA-2018:0034-01, RHSA-2018:0035-01, RHSA-2018:0036-01, RHSA-2018:0037-01, RHSA-2018:0038-01, RHSA-2018:0039-01, RHSA-2018:0040-01, RHSA-2018:0053-01, RHSA-2018:0093-01, RHSA-2018:0094-01, RHSA-2018:0103-01, RHSA-2018:0104-01, RHSA-2018:0105-01, RHSA-2018:0106-01, RHSA-2018:0107-01, RHSA-2018:0108-01, RHSA-2018:0109-01, RHSA-2018:0110-01, RHSA-2018:0111-01, RHSA-2018:0112-01, RHSA-2018:0182-01, RHSA-2018:0292-01, RHSA-2018:0464-01, RHSA-2018:0496-01, RHSA-2018:0512-01, RHSA-2018:1129-01, RHSA-2018:1196-01, SA161, SB10226, spectre_meltdown_advisory, SSA-168644, SSA:2018-016-01, SSA:2018-037-01, STORM-2018-001, SUSE-SU-2018:0010-1, SUSE-SU-2018:0011-1, SUSE-SU-2018:0012-1, SUSE-SU-2018:0031-1, SUSE-SU-2018:0040-1, SUSE-SU-2018:0069-1, SUSE-SU-2018:0115-1, SUSE-SU-2018:0131-1, SUSE-SU-2018:0171-1, SUSE-SU-2018:0219-1, SUSE-SU-2018:0438-1, SUSE-SU-2018:0472-1, SUSE-SU-2018:0601-1, SUSE-SU-2018:0609-1, SUSE-SU-2018:0638-1, SUSE-SU-2018:0678-1, SUSE-SU-2018:0909-1, SUSE-SU-2018:1603-1, SUSE-SU-2018:1658-1, SUSE-SU-2018:1699-1, SUSE-SU-2018:2528-1, Synology-SA-18:01, USN-3516-1, USN-3522-1, USN-3522-2, USN-3522-3, USN-3522-4, USN-3523-1, USN-3523-2, USN-3523-3, USN-3524-1, USN-3524-2, USN-3525-1, USN-3540-1, USN-3540-2, USN-3541-1, USN-3541-2, USN-3583-1, USN-3583-2, USN-3597-1, USN-3597-2, VIGILANCE-VUL-24933, VMSA-2018-0007, VN-2018-001, VN-2018-002, VU#584653, XSA-254.

Description of the vulnerability

When the system uses an Intel processor, a local attacker can access to the kernel memory, in order to read sensitive information.
Full Vigil@nce bulletin... (Free trial)

vulnerability 24830

Keeper Browser Extension: information disclosure

Synthesis of the vulnerability

An attacker can bypass access restrictions to data of Keeper Browser Extension, in order to obtain sensitive information.
Impacted products: Edge, Windows 10.
Severity: 2/4.
Consequences: data reading.
Provenance: internet server.
Creation date: 20/12/2017.
Identifiers: 1481, VIGILANCE-VUL-24830.

Description of the vulnerability

An attacker can bypass access restrictions to data of Keeper Browser Extension, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2017-11791 CVE-2017-11803 CVE-2017-11827

Edge: vulnerabilities of november 2017

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.
Impacted products: Edge.
Severity: 4/4.
Consequences: user access/rights, data reading, data creation/edition, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 24.
Creation date: 15/11/2017.
Identifiers: CERTFR-2017-AVI-407, CVE-2017-11791, CVE-2017-11803, CVE-2017-11827, CVE-2017-11833, CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11844, CVE-2017-11845, CVE-2017-11846, CVE-2017-11858, CVE-2017-11861, CVE-2017-11862, CVE-2017-11863, CVE-2017-11866, CVE-2017-11870, CVE-2017-11871, CVE-2017-11872, CVE-2017-11873, CVE-2017-11874, VIGILANCE-VUL-24435, ZDI-17-1015.

Description of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.

The document located in information sources was generated by Vigil@nce from the Microsoft database. It contains details for each product.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2017-11792 CVE-2017-11794 CVE-2017-11796

Edge: vulnerabilities of October 2017

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.
Impacted products: Edge.
Severity: 4/4.
Consequences: user access/rights, data reading, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 17.
Creation date: 11/10/2017.
Identifiers: 1333, 1334, 1338, CERTFR-2017-AVI-343, CVE-2017-11792, CVE-2017-11794, CVE-2017-11796, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11811, CVE-2017-11812, CVE-2017-11821, CVE-2017-8726, VIGILANCE-VUL-24089, ZDI-17-842.

Description of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.

The document located in information sources was generated by Vigil@nce from the Microsoft database. It contains details for each product.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2017-11764 CVE-2017-11766 CVE-2017-8597

Microsoft Edge: vulnerabilities of September 2017

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.
Impacted products: Edge.
Severity: 4/4.
Consequences: user access/rights, data reading, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 29.
Creation date: 13/09/2017.
Identifiers: 1299, 1301, 1309, 1339, 1343, 1357, CERTFR-2017-AVI-298, CVE-2017-11764, CVE-2017-11766, CVE-2017-8597, CVE-2017-8643, CVE-2017-8648, CVE-2017-8649, CVE-2017-8660, CVE-2017-8723, CVE-2017-8724, CVE-2017-8728, CVE-2017-8729, CVE-2017-8731, CVE-2017-8734, CVE-2017-8735, CVE-2017-8736, CVE-2017-8737, CVE-2017-8738, CVE-2017-8739, CVE-2017-8740, CVE-2017-8741, CVE-2017-8748, CVE-2017-8750, CVE-2017-8751, CVE-2017-8752, CVE-2017-8753, CVE-2017-8754, CVE-2017-8755, CVE-2017-8756, CVE-2017-8757, VIGILANCE-VUL-23823, ZDI-17-725, ZDI-17-736.

Description of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.

The document located in information sources was generated by Vigil@nce from the Microsoft database. It contains details for each product.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2017-8503 CVE-2017-8518 CVE-2017-8634

Microsoft Edge: vulnerabilities of August 2017

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.
Impacted products: Edge.
Severity: 4/4.
Consequences: user access/rights, data reading, data creation/edition, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 29.
Creation date: 09/08/2017.
Identifiers: 1255, 1264, 1284, 1287, CERTFR-2017-AVI-258, CVE-2017-8503, CVE-2017-8518, CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8637, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8641, CVE-2017-8642, CVE-2017-8644, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8650, CVE-2017-8652, CVE-2017-8653, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8659, CVE-2017-8661, CVE-2017-8662, CVE-2017-8669, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, CVE-2017-8674, VIGILANCE-VUL-23473, ZDI-17-637, ZDI-17-640, ZDI-17-641.

Description of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.

The document located in information sources was generated by Vigil@nce from the Microsoft database. It contains details for each product.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2017-8592 CVE-2017-8595 CVE-2017-8596

Microsoft Edge: vulnerabilities of July 2017

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Microsoft Edge.
Impacted products: Edge.
Severity: 4/4.
Consequences: user access/rights, data reading, data creation/edition, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 18.
Creation date: 12/07/2017.
Identifiers: CERTFR-2017-AVI-206, CVE-2017-8592, CVE-2017-8595, CVE-2017-8596, CVE-2017-8598, CVE-2017-8599, CVE-2017-8601, CVE-2017-8602, CVE-2017-8603, CVE-2017-8604, CVE-2017-8605, CVE-2017-8606, CVE-2017-8607, CVE-2017-8608, CVE-2017-8609, CVE-2017-8610, CVE-2017-8611, CVE-2017-8617, CVE-2017-8619, VIGILANCE-VUL-23202.

Description of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.

The document located in information sources was generated by Vigil@nce from the Microsoft database. It contains details for each product.
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2017-8496 CVE-2017-8497 CVE-2017-8498

Microsoft Edge: vulnerabilities of June 2017

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Edge.
Impacted products: Edge.
Severity: 4/4.
Consequences: client access/rights, data reading, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 17.
Creation date: 14/06/2017.
Revision date: 29/06/2017.
Identifiers: 1254, CERTFR-2017-AVI-179, CVE-2017-8496, CVE-2017-8497, CVE-2017-8498, CVE-2017-8499, CVE-2017-8504, CVE-2017-8517, CVE-2017-8518, CVE-2017-8520, CVE-2017-8521, CVE-2017-8522, CVE-2017-8523, CVE-2017-8524, CVE-2017-8529, CVE-2017-8530, CVE-2017-8548, CVE-2017-8549, CVE-2017-8555, VIGILANCE-VUL-22964, ZDI-17-696.

Description of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.

The document located in information sources was generated by Vigil@nce from the Microsoft database. It contains details for each product.
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2017-0221 CVE-2017-0223 CVE-2017-0224

Edge: vulnerabilities of May 2017

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Edge.
Impacted products: Edge.
Severity: 4/4.
Consequences: user access/rights, data reading, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 14.
Creation date: 10/05/2017.
Revision date: 11/05/2017.
Identifiers: CERTFR-2017-AVI-150, CVE-2017-0221, CVE-2017-0223, CVE-2017-0224, CVE-2017-0227, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0233, CVE-2017-0234, CVE-2017-0235, CVE-2017-0236, CVE-2017-0240, CVE-2017-0241, CVE-2017-0266, VIGILANCE-VUL-22684, ZDI-17-324, ZDI-17-325, ZDI-17-328, ZDI-17-329, ZDI-17-371, ZDI-17-464, ZDI-18-239.

Description of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.

The document located in information sources was generated by Vigil@nce from the Microsoft database. It contains details for each product.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2017-0009 CVE-2017-0010 CVE-2017-0011

Microsoft Edge: vulnerabilities of March 2017

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.
Impacted products: Edge.
Severity: 4/4.
Consequences: administrator access/rights, user access/rights, data reading, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 31.
Creation date: 14/03/2017.
Revisions dates: 22/03/2017, 05/05/2017.
Identifiers: 1043, 1045, 4013071, CERTFR-2017-AVI-080, CVE-2017-0009, CVE-2017-0010, CVE-2017-0011, CVE-2017-0012, CVE-2017-0015, CVE-2017-0017, CVE-2017-0023, CVE-2017-0032, CVE-2017-0033, CVE-2017-0034, CVE-2017-0035, CVE-2017-0065, CVE-2017-0066, CVE-2017-0067, CVE-2017-0068, CVE-2017-0069, CVE-2017-0070, CVE-2017-0071, CVE-2017-0094, CVE-2017-0131, CVE-2017-0132, CVE-2017-0133, CVE-2017-0134, CVE-2017-0135, CVE-2017-0136, CVE-2017-0137, CVE-2017-0138, CVE-2017-0140, CVE-2017-0141, CVE-2017-0150, CVE-2017-0151, MS17-007, VIGILANCE-VUL-22125, ZDI-17-167, ZDI-17-170, ZDI-17-171, ZDI-17-172, ZDI-17-173.

Description of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.

The document located in information sources was generated by Vigil@nce from the Microsoft database. It contains details for each product.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Microsoft Edge: