Descripción
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to spoof user interface, cause denial of service, execute arbitrary code, bypass security restrictions.
Below is a complete list of vulnerabilities:
- Incorrect security UI vulnerability in Omnibox can be exploited to spoof user interface.
- Race condition vulnerability in Storage can be exploited to cause denial of service.
- Inappropriate implementation vulnerability in V8 can be exploited remotely to execute arbitrary code
- Policy bypass vulnerability in Extensions can be exploited to bypass security restrictions.
- Race condition vulnerability in V8 can be exploited to cause denial of service.
- Inappropriate implementation vulnerability in V8 can be exploited to cause denial of service.
- Inappropriate implementation vulnerability in App-Bound Encryption can be exploited to cause denial of service.
- Inappropriate implementation vulnerability in Extensions can be exploited to cause denial of service.
- Use after free vulnerability in PageInfo can be exploited to cause denial of service or execute arbitrary code.
- Incorrect security UI vulnerability in Fullscreen UI can be exploited to spoof user interface.
- Type Confusion vulnerability in V8 can be exploited to cause denial of service.
- Inappropriate implementation vulnerability in Autofill can be exploited to cause denial of service.
- Use after free vulnerability in Ozone can be exploited to cause denial of service or execute arbitrary code.
- Out of bounds read vulnerability in V8 can be exploited to cause denial of service.
- Incorrect security UI vulnerability in SplitView can be exploited to spoof user interface.
- Out of bounds read vulnerability in WebXR can be exploited to cause denial of service.
- Object lifecycle vulnerability in Media can be exploited to cause denial of service or spoof user interface.
- A remote code execution vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to execute arbitrary code.
Notas informativas originales
- CVE-2025-12434
- CVE-2025-12036
- CVE-2025-12436
- CVE-2025-12432
- CVE-2025-12429
- CVE-2025-12439
- CVE-2025-12431
- CVE-2025-12437
- CVE-2025-12444
- CVE-2025-12428
- CVE-2025-12440
- CVE-2025-12433
- CVE-2025-12447
- CVE-2025-12438
- CVE-2025-12441
- CVE-2025-12445
- CVE-2025-12446
- CVE-2025-12443
- CVE-2025-12430
- CVE-2025-60711
Explotación
Public exploits exist for this vulnerability.
Productos relacionados
Lista CVE
- CVE-2025-12036 critical
- CVE-2025-12428 critical
- CVE-2025-12429 critical
- CVE-2025-12430 critical
- CVE-2025-12431 high
- CVE-2025-12432 critical
- CVE-2025-12433 warning
- CVE-2025-12434 warning
- CVE-2025-12435 high
- CVE-2025-12436 high
- CVE-2025-12437 critical
- CVE-2025-12438 critical
- CVE-2025-12439 high
- CVE-2025-12440 high
- CVE-2025-12441 warning
- CVE-2025-12443 warning
- CVE-2025-12444 warning
- CVE-2025-12445 high
- CVE-2025-12446 warning
- CVE-2025-12447 warning
- CVE-2025-60711 high
Lista KB
Leer más
Conozca las estadísticas de las vulnerabilidades que se propagan en su región statistics.securelist.com
¿Has encontrado algún error en la descripción de esta vulnerabilidad? ¡Háznoslo saber!