Internet Explorer Security Vulnerabilities and Issues — Page 12 of Internet Explorer CVE List

Lucene search

MicrosoftInternet Explorer

1635 matches found

CVE•added 2014/10/15 10:55 a.m.•67 views

CVE-2014-4134

Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

9.3CVSS7.8AI score0.1631EPSS

CVE•added 2015/06/10 1:59 a.m.•67 views

CVE-2015-1737

Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1731, CVE-2015-1736, and CVE-2015-1755.

9.3CVSS7.6AI score0.29545EPSS

CVE•added 2015/09/09 12:59 a.m.•67 views

CVE-2015-2485

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2491 and CVE-2015-2541.

9.3CVSS7.5AI score0.20844EPSS

CVE•added 2015/09/09 12:59 a.m.•67 views

CVE-2015-2498

Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2486, CVE-2015-2487, CVE-2015-2490, CVE-2015-2492, CVE-2...

9.3CVSS7.5AI score0.20844EPSS

CVE•added 2016/05/11 11:0 a.m.•67 views

CVE-2016-1101

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.

7.6CVSS8.2AI score0.53066EPSS

Web

CVE•added 2016/05/11 11:0 a.m.•67 views

CVE-2016-1106

7.6CVSS8.2AI score0.60045EPSS

CVE•added 2016/08/09 9:59 p.m.•67 views

CVE-2016-3327

Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to obtain sensitive information via a crafted web page, aka "Microsoft Browser Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3326.

5.3CVSS5.1AI score0.32707EPSS

CVE•added 2016/12/20 6:59 a.m.•67 views

CVE-2016-7278

Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Windows Hyperlink Object Library Information Disclosure Vulnerability."

5.3CVSS5.8AI score0.30327EPSS

CVE•added 2017/04/12 2:59 p.m.•67 views

CVE-2017-0202

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user, a.k.a. "Internet Explorer Memory Corruption Vulnerability...

7.6CVSS7.9AI score0.61873EPSS

CVE•added 2017/07/11 9:29 p.m.•67 views

CVE-2017-8608

Microsoft browsers in Microsoft Windows Server 2008 and R2, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engines fail to r...

7.6CVSS7.5AI score0.78054EPSS

CVE•added 2018/02/15 2:29 a.m.•67 views

CVE-2018-0847

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allow information disclosure, due to how Internet Explorer handles objects in memory, aka "Inter...

4.3CVSS5.1AI score0.12044EPSS

CVE•added 2018/04/12 1:29 a.m.•67 views

CVE-2018-0991

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-0870, CVE-2018-0997, CVE-2018-1018, CVE-20...

7.6CVSS7.1AI score0.23853EPSS

CVE•added 2005/02/13 5:0 a.m.•66 views

CVE-2004-0866

Internet Explorer 6.0 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session.

7.5CVSS6.9AI score0.03541EPSS

CVE•added 2014/02/12 4:50 a.m.•66 views

CVE-2014-0274

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0270, CVE-2014-0273, and CVE-2014-0288...

9.3CVSS7.6AI score0.32615EPSS

CVE•added 2014/03/12 5:15 a.m.•66 views

CVE-2014-0307

Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a certain sequence of manipulations of a TextRange element, aka "Internet Explorer Memory Corruption Vulnerability."

9.3CVSS7.6AI score0.86385EPSS

CVE•added 2014/03/12 5:15 a.m.•66 views

CVE-2014-0311

Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0299 and CVE-2014-0305.

9.3CVSS7.6AI score0.22762EPSS

CVE•added 2014/06/11 4:56 a.m.•66 views

CVE-2014-1771

SChannel in Microsoft Internet Explorer 6 through 11 does not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation, which allows man-in-the-middle attackers to obtain sensitive information or modify TLS session data via a "triple handshake attack,...

6.8CVSS5.8AI score0.1504EPSS

CVE•added 2015/06/10 1:59 a.m.•66 views

CVE-2015-1750

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1732, CVE-2015-1742, CVE-2015-1747, and CVE-2015...

9.3CVSS7.6AI score0.29545EPSS

CVE•added 2015/10/14 1:59 a.m.•66 views

CVE-2015-6059

The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability."

4.3CVSS7.2AI score0.25225EPSS

CVE•added 2016/05/11 11:1 a.m.•66 views

CVE-2016-4108

7.6CVSS8.2AI score0.65591EPSS

CVE•added 2016/05/11 11:1 a.m.•66 views

CVE-2016-4115

7.6CVSS8.2AI score0.06491EPSS

CVE•added 2018/04/12 1:29 a.m.•66 views

CVE-2018-0996

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018...

7.6CVSS6.9AI score0.23853EPSS

CVE•added 2018/06/14 12:29 p.m.•66 views

CVE-2018-8267

7.6CVSS7.7AI score0.28725EPSS

CVE•added 2009/01/29 7:30 p.m.•65 views

CVE-2009-0341

The shell32 module in Microsoft Internet Explorer 7.0 on Windows XP SP3 might allow remote attackers to execute arbitrary code via a long VALUE attribute in an INPUT element, possibly related to a stack consumption vulnerability.

9.3CVSS7.8AI score0.49357EPSS

CVE•added 2010/03/31 7:30 p.m.•65 views

CVE-2010-0267

Microsoft Internet Explorer 6, 6 SP1, and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerab...

9.3CVSS7.6AI score0.63927EPSS

CVE•added 2014/03/12 5:15 a.m.•65 views

CVE-2014-0303

9.3CVSS7.6AI score0.22762EPSS

CVE•added 2014/09/10 1:55 a.m.•65 views

CVE-2014-4109

9.3CVSS7.6AI score0.18139EPSS

CVE•added 2014/10/15 10:55 a.m.•65 views

CVE-2014-4128

9.3CVSS7.8AI score0.14058EPSS

CVE•added 2014/11/11 10:55 p.m.•65 views

CVE-2014-6343

9.3CVSS7.7AI score0.24067EPSS

CVE•added 2014/12/11 12:59 a.m.•65 views

CVE-2014-6374

9.3CVSS7.6AI score0.28139EPSS

CVE•added 2014/12/11 12:59 a.m.•65 views

CVE-2014-6376

9.3CVSS7.6AI score0.29545EPSS

CVE•added 2015/06/10 1:59 a.m.•65 views

CVE-2015-1735

9.3CVSS7.6AI score0.24067EPSS

CVE•added 2015/07/14 9:59 p.m.•65 views

CVE-2015-2390

9.3CVSS7.5AI score0.28139EPSS

CVE•added 2015/07/14 9:59 p.m.•65 views

CVE-2015-2413

Microsoft Internet Explorer 6 through 11 allows remote attackers to determine the existence of local files via a crafted module-resource request, aka "Internet Explorer Information Disclosure Vulnerability."

4.3CVSS6.1AI score0.30694EPSS

CVE•added 2015/07/14 9:59 p.m.•65 views

CVE-2015-2422

9.3CVSS7.5AI score0.28139EPSS

CVE•added 2015/09/09 12:59 a.m.•65 views

CVE-2015-2499

9.3CVSS7.5AI score0.20844EPSS

CVE•added 2016/05/11 11:0 a.m.•65 views

CVE-2016-1103

7.6CVSS8.2AI score0.53066EPSS

Web

CVE•added 2016/05/11 11:1 a.m.•65 views

CVE-2016-4112

7.6CVSS8.2AI score0.06491EPSS

CVE•added 2017/07/11 9:29 p.m.•65 views

CVE-2017-8594

Internet Explorer on Microsoft Windows 8.1 and Windows RT 8.1, and Windows Server 2012 R2 allows an attacker to execute arbitrary code in the context of the current user when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability".

7.6CVSS7.2AI score0.51066EPSS

Web

CVE•added 2002/06/25 4:0 a.m.•64 views

CVE-2002-0052

Internet Explorer 6.0 and earlier does not properly handle VBScript in certain domain security checks, which allows remote attackers to read arbitrary files.

5CVSS6.7AI score0.34376EPSS

CVE•added 2004/02/03 5:0 a.m.•64 views

CVE-2003-0816

Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions by (1) using the NavigateAndFind method to load a file: URL containing Javascript, as demonstrated by NAFfileJPU, (2) using the window.open method to load a file: URL containing Javascript, as demonstrated using...

7.5CVSS7.6AI score0.66761EPSS

CVE•added 2004/09/01 4:0 a.m.•64 views

CVE-2003-1326

Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model to run malicious script or arbitrary programs via dialog boxes, aka "Improper Cross Domain Security Validation with dialog box."

7.5CVSS7.6AI score0.1111EPSS

CVE•added 2005/06/01 4:0 a.m.•64 views

CVE-2005-1790

Microsoft Internet Explorer 6 SP2 6.0.2900.2180 and 6.0.2800.1106, and earlier versions, allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a Javascript BODY onload event that calls the window function, aka "Mismatched Document Object Model Objects Memory Co...

2.6CVSS7.3AI score0.8475EPSS

CVE•added 2009/12/09 6:30 p.m.•64 views

CVE-2009-3671

Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a diff...

9.3CVSS7.2AI score0.61042EPSS

CVE•added 2013/01/29 12:27 p.m.•64 views

CVE-2013-1450

Microsoft Internet Explorer 8 and 9, when the Proxy Settings configuration has the same Proxy address and Port values in the HTTP and Secure rows, does not properly reuse TCP sessions to the proxy server, which allows remote attackers to obtain sensitive information intended for a specific host via...

4CVSS5.8AI score0.16551EPSS

CVE•added 2014/08/12 9:55 p.m.•64 views

CVE-2014-2796

9.3CVSS7.7AI score0.18901EPSS

CVE•added 2014/09/10 1:55 a.m.•64 views

CVE-2014-4100

9.3CVSS7.6AI score0.18139EPSS

CVE•added 2014/11/11 10:55 p.m.•64 views

CVE-2014-6337

9.3CVSS7.8AI score0.24067EPSS

CVE•added 2015/04/14 8:59 p.m.•64 views

CVE-2015-1668

9.3CVSS7.7AI score0.19558EPSS

CVE•added 2015/05/13 10:59 a.m.•64 views

CVE-2015-1688

Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."

6.8CVSS6.9AI score0.10956EPSS

Total number of security vulnerabilities1635