CVSS: 4.3EPSS: 20%CPEs: 1EXPL: 0CVE-2016-3244
https://notcve.org/view.php?id=CVE-2016-3244
13 Jul 2016 — Microsoft Edge allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Edge Security Feature Bypass." Microsoft Edge permite a atacantes remotos eludir el mecanismo de protección ASLR a través de un sitio web manipulada, también conocido como "Microsoft Edge Security Feature Bypass". • http://www.securityfocus.com/bid/91599 • CWE-284: Improper Access Control •
CVSS: 5.3EPSS: 17%CPEs: 3EXPL: 0CVE-2016-3277
https://notcve.org/view.php?id=CVE-2016-3277
13 Jul 2016 — Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." Microsoft Internet Explorer 10 y 11 y Microsoft Edge permiten a atacantes remotos obtener información sensible a través de un sitio web manipulado, también conocida como "Microsoft Browser Information Disclosure Vulnerability". • http://www.securityfocus.com/bid/91596 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 22%CPEs: 4EXPL: 0CVE-2016-3273
https://notcve.org/view.php?id=CVE-2016-3273
13 Jul 2016 — The XSS Filter in Microsoft Internet Explorer 9 through 11 and Microsoft Edge does not properly restrict JavaScript code, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." El XSS Filter en Microsoft Internet Explorer 9 hasta la versión 11 y Microsoft Edge no restringe correctamente código JavaScript, lo que permite a atacantes remotos obtener información sensible a través de un sitio web manipulado, también con... • http://www.securityfocus.com/bid/91576 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 27%CPEs: 4EXPL: 0CVE-2016-3259
https://notcve.org/view.php?id=CVE-2016-3259
13 Jul 2016 — The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3248. Los motores de Microsoft (1) JScript 9, (2) VBScript y (3) Chakra JavaScript, como se utilizan en Microsoft Internet Expl... • http://www.securityfocus.com/bid/91581 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 3.1EPSS: 7%CPEs: 4EXPL: 0CVE-2016-3274
https://notcve.org/view.php?id=CVE-2016-3274
13 Jul 2016 — Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to conduct content-spoofing attacks via a crafted URL, aka "Microsoft Browser Spoofing Vulnerability." Microsoft Internet Explorer 9 hasta la versión 11 y Microsoft Edge permiten a atacantes remotos llevar a cabo de suplantación de contenido a través de una URL manipulada, también conocida como "Microsoft Browser Spoofing Vulnerability". • http://www.securityfocus.com/bid/91591 • CWE-284: Improper Access Control •
CVSS: 9.3EPSS: 22%CPEs: 1EXPL: 0CVE-2016-3269
https://notcve.org/view.php?id=CVE-2016-3269
13 Jul 2016 — The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3265. El motor Chakra de JavaScript en Microsoft Edge permite a atacantes ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocida como "Scripting Engine Memory... • http://www.securityfocus.com/bid/91595 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.6EPSS: 20%CPEs: 4EXPL: 0CVE-2016-3264 – Microsoft Edge CGeolocationManager Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-3264
12 Jul 2016 — Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." Microsoft Internet Explorer 9 hasta la versión 11 y Microsoft Edge permiten a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocida como "Microsoft Browser Memory Cor... • http://www.securityfocus.com/bid/91598 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.6EPSS: 18%CPEs: 1EXPL: 0CVE-2016-3246 – Microsoft Edge InjectHtmlStream Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-3246
12 Jul 2016 — Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability." Microsoft Edge permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocida como "Microsoft Edge Memory Corruption Vulnerability". This vulnerability allows remote attackers to corrupt memory on vulnerable inst... • http://www.securityfocus.com/bid/91602 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 28%CPEs: 1EXPL: 0CVE-2016-3271 – Microsoft Chakra ArrayBuffer.transfer Uninitialized Buffer Information Leak Vulnerability
https://notcve.org/view.php?id=CVE-2016-3271
12 Jul 2016 — The VBScript engine in Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability." El motor VBScript en Microsoft Edge permite a atacantes remotos obtener información sensible de la memoria de proceso a través de un sitio web manipulado, también conocida como "Scripting Engine Information Disclosure Vulnerability". This vulnerability allows remote attackers to leak sensitive information on vul... • http://www.securityfocus.com/bid/91586 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 49%CPEs: 6EXPL: 0CVE-2016-3203 – Microsoft Windows PDF Library AES Encryption Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2016-3203
16 Jun 2016 — Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold and 1511, and Microsoft Edge allow remote attackers to execute arbitrary code via a crafted PDF document, aka "Windows PDF Remote Code Execution Vulnerability." Microsoft Windows 8.1, Windows Server 2012 Gold y R2, Windows 10 Gold y 1511 y Microsoft Edge permiten a atacantes remotos ejecutar código arbitrario a través de un documento PDF manipulado, también conocida como "Windows PDF Remote Code Execution Vulnerability". This vulnerabil... • http://www.securityfocus.com/bid/91086 • CWE-20: Improper Input Validation •