CVSS: 7.6EPSS: 2%CPEs: 30EXPL: 0CVE-2019-0884
https://notcve.org/view.php?id=CVE-2019-0884
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0911, CVE-2019-0918. Existe una vulnerabilidad de ejecución de código remota en la manera en que el motor de scripting maneja los objetos en la memoria de los navegadores de Microsoft, también se conoce como 'Scripting Engine Memory Corruption Vulnerability'. Este ID de CVE es diferente de CVE-2019-0911, CVE-2019-0918 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0884 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 7%CPEs: 7EXPL: 0CVE-2019-0937 – Microsoft Chakra Exception Handling Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-0937
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933. Existe una vulnerabilidad de ejecución de código remota en la manera en que el motor de scripting Chakra maneja los objetos en memoria en Microsoft Edge, también se conoce como 'Chakra Scripting Engine Memory Corruption Vulnerability'. Este CVE ID es diferente de CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE- 2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Chakra. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0937 • CWE-787: Out-of-bounds Write •
CVSS: 7.6EPSS: 16%CPEs: 28EXPL: 0CVE-2019-0940 – Microsoft Edge CDXImageRenderTarget Double Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-0940
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'. Existe una vulnerabilidad de ejecución de código remota en la manera en que los navegadores de Microsoft acceden a los objetos en la memoria, también se conoce como 'Microsoft Browser Memory Corruption Vulnerability'. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the rendering of pattern images within HTML canvas elements. By manipulating a document's elements, an attacker can cause a pointer to be reused after it has been freed. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0940 • CWE-787: Out-of-bounds Write •
CVSS: 9.0EPSS: 0%CPEs: 10EXPL: 0CVE-2019-0938 – Microsoft Edge DownloadOperation Sandbox Escape Vulnerability
https://notcve.org/view.php?id=CVE-2019-0938
An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka 'Microsoft Edge Elevation of Privilege Vulnerability'. Hay una vulnerabilidad de elevación de privilegios en Microsoft Edge que podría permitir a un atacante escapar de AppContainer sandbox en el navegador, también conocida como "vulnerabilidad de elevación de privilegios de Microsoft Edge". This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of messages passed from the renderer process to the broker process of Microsoft Edge. A crafted message can trigger execution of a privileged operation. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0938 •
CVSS: 7.6EPSS: 1%CPEs: 12EXPL: 0CVE-2019-0861
https://notcve.org/view.php?id=CVE-2019-0861
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0810, CVE-2019-0812, CVE-2019-0829, CVE-2019-0860. Existe una vulnerabilidad de ejecución remota de código que se manifiesta en la forma en la que el motor de scripting de Chakra gestiona los objetos en la memoria en Microsoft Edge. Esto también se conoce como "Chakra Scripting Engine Memory Corruption Vulnerability". El ID de este CVE es diferente de CVE-2019-0806, CVE-2019-0810, CVE-2019-0812, CVE-2019-0829 y CVE-2019-0860. • http://www.securityfocus.com/bid/107724 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0861 • CWE-787: Out-of-bounds Write •