Lucene search

K
MicrosoftInternet Explorer

1635 matches found

CVE
CVE
added 2014/07/08 10:55 p.m.51 views

CVE-2014-2801

Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

9.3CVSS7.7AI score0.16987EPSS
CVE
CVE
added 2014/09/10 1:55 a.m.51 views

CVE-2014-4111

Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CV...

9.3CVSS7.6AI score0.21715EPSS
CVE
CVE
added 2018/02/08 11:29 p.m.51 views

CVE-2014-4112

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0304.

7.6CVSS7.7AI score0.18091EPSS
CVE
CVE
added 2014/10/15 10:55 a.m.51 views

CVE-2014-4126

Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

9.3CVSS7.8AI score0.16268EPSS
CVE
CVE
added 2014/12/11 12:59 a.m.51 views

CVE-2014-6330

Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

9.3CVSS7.8AI score0.31497EPSS
CVE
CVE
added 2014/12/11 12:59 a.m.51 views

CVE-2014-6368

Microsoft Internet Explorer 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability."

4.3CVSS6.5AI score0.11023EPSS
CVE
CVE
added 2015/02/11 3:0 a.m.51 views

CVE-2015-0017

Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0020, CVE-2015-0022, CVE-2015-0026, CV...

9.3CVSS7.5AI score0.24067EPSS
CVE
CVE
added 2015/02/11 3:0 a.m.51 views

CVE-2015-0025

Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0023.

9.3CVSS7.6AI score0.24067EPSS
CVE
CVE
added 2015/02/11 3:0 a.m.51 views

CVE-2015-0029

Microsoft Internet Explorer 6 and 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

9.3CVSS7.7AI score0.24067EPSS
CVE
CVE
added 2015/07/14 9:59 p.m.51 views

CVE-2015-2401

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1767 and CVE-2015-2408.

9.3CVSS7.6AI score0.28139EPSS
CVE
CVE
added 2015/08/14 10:59 a.m.51 views

CVE-2015-2448

Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability."

9.3CVSS7.7AI score0.22819EPSS
CVE
CVE
added 2015/08/14 10:59 a.m.51 views

CVE-2015-2450

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2451.

9.3CVSS7.6AI score0.22819EPSS
CVE
CVE
added 2015/12/09 11:59 a.m.51 views

CVE-2015-6149

Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6147.

9.3CVSS7.6AI score0.18139EPSS
CVE
CVE
added 2015/12/09 11:59 a.m.51 views

CVE-2015-6150

Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6154.

9.3CVSS7.6AI score0.2665EPSS
CVE
CVE
added 2016/01/13 5:59 a.m.51 views

CVE-2016-0005

Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability."

4.3CVSS5.7AI score0.40525EPSS
CVE
CVE
added 2016/02/10 11:59 a.m.51 views

CVE-2016-0063

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0060, CVE-2016-0061, CVE-2016-0067, an...

9.3CVSS8.7AI score0.47176EPSS
CVE
CVE
added 2016/07/13 1:59 a.m.51 views

CVE-2016-3245

Microsoft Internet Explorer 9 through 11 allows remote attackers to trick users into making TCP connections to a restricted port via a crafted web site, aka "Internet Explorer Security Feature Bypass Vulnerability."

6.5CVSS7AI score0.11962EPSS
CVE
CVE
added 2016/07/13 1:59 a.m.51 views

CVE-2016-3261

Microsoft Internet Explorer 11 allows remote attackers to obtain sensitive information via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."

5.3CVSS5.8AI score0.20202EPSS
CVE
CVE
added 2016/09/06 10:59 a.m.51 views

CVE-2016-7153

The HTTP/2 protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack.

5.3CVSS4.9AI score0.03915EPSS
CVE
CVE
added 2017/08/08 9:29 p.m.51 views

CVE-2017-8651

Internet Explorer in Microsoft Windows Server 2008 SP2 and Windows Server 2012 allows an attacker to execute arbitrary code in the context of the current user due to Internet Explorer improperly accessing objects in memory, aka "Internet Explorer Memory Corruption Vulnerability".

7.6CVSS8.1AI score0.17251EPSS
CVE
CVE
added 2018/06/14 12:29 p.m.51 views

CVE-2018-8113

A security feature bypass vulnerability exists in Internet Explorer that allows for bypassing Mark of the Web Tagging (MOTW), aka "Internet Explorer Security Feature Bypass Vulnerability." This affects Internet Explorer 11.

6.5CVSS7.2AI score0.27839EPSS
CVE
CVE
added 2018/05/09 7:29 p.m.51 views

CVE-2018-8126

A security feature bypass vulnerability exists when Internet Explorer fails to validate User Mode Code Integrity (UMCI) policies, aka "Internet Explorer Security Feature Bypass Vulnerability." This affects Internet Explorer 11.

8.8CVSS8.5AI score0.09901EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.50 views

CVE-1999-0669

The Eyedog ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a remote attacker to execute arbitrary commands as demonstrated by Bubbleboy.

4CVSS7.9AI score0.12573EPSS
CVE
CVE
added 2000/03/22 5:0 a.m.50 views

CVE-2000-0162

The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x allows a remote attacker to read files via a malicious Java applet that escapes the Java sandbox, aka the "VM File Reading" vulnerability.

5.1CVSS6.8AI score0.01479EPSS
CVE
CVE
added 2002/06/25 4:0 a.m.50 views

CVE-2002-0022

Buffer overflow in the implementation of an HTML directive in mshtml.dll in Internet Explorer 5.5 and 6.0 allows remote attackers to execute arbitrary code via a web page that specifies embedded ActiveX controls in a way that causes 2 Unicode strings to be concatenated.

7.5CVSS8AI score0.3525EPSS
CVE
CVE
added 2011/12/07 7:55 p.m.50 views

CVE-2002-2435

The Cascading Style Sheets (CSS) implementation in Microsoft Internet Explorer 8.0 and earlier does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document, a related issue to CVE-2010-2264.

4.3CVSS5.6AI score0.22206EPSS
CVE
CVE
added 2005/12/14 11:3 a.m.50 views

CVE-2005-2831

Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet Explorer, aka a variant of t...

7.5CVSS7.7AI score0.65282EPSS
CVE
CVE
added 2006/04/11 11:2 p.m.50 views

CVE-2006-1185

Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via certain invalid HTML that causes memory corruption.

7.5CVSS7.3AI score0.63986EPSS
CVE
CVE
added 2006/04/29 10:2 a.m.50 views

CVE-2006-2094

Microsoft Internet Explorer before Windows XP Service Pack 2 and Windows Server 2003 Service Pack 1, when Prompt is configured in Security Settings, uses modal dialogs to verify that a user wishes to run an ActiveX control or perform other risky actions, which allows user-assisted remote attackers ...

5.1CVSS6.6AI score0.34906EPSS
CVE
CVE
added 2007/06/21 11:30 p.m.50 views

CVE-2007-3341

Unspecified vulnerability in the FTP implementation in Microsoft Internet Explorer allows remote attackers to "see a valid memory address" via unspecified vectors, a different issue than CVE-2007-0217.

10CVSS6.3AI score0.76216EPSS
CVE
CVE
added 2007/10/09 10:17 p.m.50 views

CVE-2007-3893

Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code via unspecified vectors involving memory corruption from an unhandled error.

6.8CVSS7.5AI score0.40696EPSS
CVE
CVE
added 2007/12/12 12:46 a.m.50 views

CVE-2007-5347

Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code via "unexpected method calls to HTML objects," aka "DHTML Object Memory Corruption Vulnerability."

6.8CVSS7.3AI score0.46102EPSS
CVE
CVE
added 2008/12/10 2:0 p.m.50 views

CVE-2008-4261

Stack-based buffer overflow in Microsoft Internet Explorer 5.01 SP4, 6 SP1 on Windows 2000, and 6 on Windows XP and Server 2003 does not properly handle extraneous data associated with an object embedded in a web page, which allows remote attackers to execute arbitrary code via crafted HTML tags th...

9.3CVSS7.5AI score0.56169EPSS
CVE
CVE
added 2009/01/20 4:30 p.m.50 views

CVE-2008-5912

An unspecified function in the JavaScript implementation in Microsoft Internet Explorer creates and exposes a "temporary footprint" when there is a current login to a web site, which makes it easier for remote attackers to trick a user into acting upon a spoofed pop-up message, aka an "in-session p...

2.1CVSS6.7AI score0.17145EPSS
CVE
CVE
added 2009/06/10 6:30 p.m.50 views

CVE-2009-1528

Microsoft Internet Explorer 6 and 7 for Windows XP SP2 and SP3; 6 and 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 does not properly synchronize AJAX requests, which allows allows remote attackers to execute arbitrary code via a large number of concurrent, asynch...

9.3CVSS7.6AI score0.68151EPSS
CVE
CVE
added 2009/06/15 7:30 p.m.50 views

CVE-2009-2069

Microsoft Internet Explorer before 8 displays a cached certificate for a (1) 4xx or (2) 5xx CONNECT response page returned by a proxy server, which allows man-in-the-middle attackers to spoof an arbitrary https site by letting a browser obtain a valid certificate from this site during one request, ...

5.8CVSS6.5AI score0.02947EPSS
CVE
CVE
added 2009/08/28 3:30 p.m.50 views

CVE-2009-3003

Microsoft Internet Explorer 6 through 8 allows remote attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary URL on the web site visited by the victim, as demonstrated by a visit to an attacker-controlled web page, which triggers a spoofed login form for the s...

4.3CVSS6.8AI score0.2266EPSS
CVE
CVE
added 2009/11/25 6:30 p.m.50 views

CVE-2009-4074

The XSS Filter in Microsoft Internet Explorer 8 allows remote attackers to leverage the "response-changing mechanism" to conduct cross-site scripting (XSS) attacks against web sites that have no inherent XSS vulnerabilities, related to the details of output encoding and improper modification of an ...

4.3CVSS7.8AI score0.19684EPSS
CVE
CVE
added 2011/06/16 8:55 p.m.50 views

CVE-2011-1256

Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "DOM Modification Memory Corruption Vulnerability."

9.3CVSS7.5AI score0.4546EPSS
CVE
CVE
added 2011/10/12 2:52 a.m.50 views

CVE-2011-1997

Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnLoad Event Remote Code Execution Vulnerability."

9.3CVSS8AI score0.39116EPSS
CVE
CVE
added 2011/06/03 5:55 p.m.50 views

CVE-2011-2383

Microsoft Internet Explorer 9 and earlier does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing an http: URL that redirects to a file: URL, as demonstrated...

4.3CVSS6.1AI score0.35888EPSS
CVE
CVE
added 2013/02/13 12:4 p.m.50 views

CVE-2013-0024

Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer pasteHTML Use After Free Vulnerability."

9.3CVSS7.5AI score0.4569EPSS
CVE
CVE
added 2013/02/13 12:4 p.m.50 views

CVE-2013-0028

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CObjectElement Use After Free Vulnerability."

9.3CVSS7.4AI score0.4569EPSS
CVE
CVE
added 2013/07/10 3:46 a.m.50 views

CVE-2013-3166

Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to inject arbitrary web script or HTML via vectors involving incorrect auto-selection of the Shift JIS encoding, leading to cross-domain scrolling events, aka "Shift JIS Character Encoding V...

4.3CVSS5.4AI score0.31955EPSS
CVE
CVE
added 2014/02/12 4:50 a.m.50 views

CVE-2014-0286

Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0275 and CVE-2014-0285.

9.3CVSS7.6AI score0.32615EPSS
CVE
CVE
added 2014/04/08 11:55 p.m.50 views

CVE-2014-1760

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

9.3CVSS7.7AI score0.22762EPSS
CVE
CVE
added 2014/06/11 4:56 a.m.50 views

CVE-2014-2761

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1769, CVE-2014-1782, CVE-2014-1785, CVE-2014-275...

9.3CVSS7.5AI score0.48087EPSS
CVE
CVE
added 2014/09/10 1:55 a.m.50 views

CVE-2014-4092

Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4098.

9.3CVSS7.6AI score0.15762EPSS
CVE
CVE
added 2014/12/11 12:59 a.m.50 views

CVE-2014-6365

Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the XSS filter via a crafted attribute of an element in an HTML document, aka "Internet Explorer XSS Filter Bypass Vulnerability," a different vulnerability than CVE-2014-6328.

4.3CVSS5.5AI score0.33173EPSS
CVE
CVE
added 2015/02/11 3:0 a.m.50 views

CVE-2015-0041

Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0017, CVE-2015-0020, CVE-2015-0022, CV...

9.3CVSS7.5AI score0.24067EPSS
Total number of security vulnerabilities1635