Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
MicrosoftInternet Explorer

1635 matches found

CVE
CVEadded 2016/11/10 6:59 a.m.81 views

CVE-2016-7241

Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."

7.6CVSS7.6AI score0.73384EPSS
CVE
CVEadded 2017/06/15 1:29 a.m.81 views

CVE-2017-8547

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, and Windows Server 2012 and R2 allow an attacker to execute arbitrary code in the context of the current user when Internet Explorer improperly accesses objects in memory, aka "Internet Explore...

7.6CVSS6.2AI score0.13466EPSS
CVE
CVEadded 2017/08/08 9:29 p.m.81 views

CVE-2017-8636

Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user due to the way that Micros...

7.6CVSS7.9AI score0.82712EPSS
CVE
CVEadded 2017/09/13 1:29 a.m.81 views

CVE-2017-8748

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the ...

7.6CVSS7.2AI score0.76981EPSS
CVE
CVEadded 2020/05/21 11:15 p.m.81 views

CVE-2020-1092

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka 'Internet Explorer Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1062.

7.6CVSS8.6AI score0.41208EPSS
CVE
CVEadded 2004/07/27 4:0 a.m.80 views

CVE-2004-0727

Microsoft Internet Explorer 6.0.2800.1106 on Microsoft Windows XP SP2, and other versions including 5.01 and 5.5, allows remote web servers to bypass zone restrictions and execute arbitrary code in the local computer zone by redirecting a function to another function with the same name, as demonstr...

7.5CVSS7.8AI score0.64045EPSS
CVE
CVEadded 2005/05/02 4:0 a.m.80 views

CVE-2005-0553

Race condition in the memory management routines in the DHTML object processor in Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail, aka "DHTML Object Memory Corruption Vulnerability".

5.1CVSS7.6AI score0.73949EPSS
CVE
CVEadded 2012/06/12 10:55 p.m.80 views

CVE-2012-1875

Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Same ID Property Remote Code Execution Vulnerability."

9.3CVSS8.1AI score0.84452EPSS
CVE
CVEadded 2016/05/11 1:59 a.m.80 views

CVE-2016-0192

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."

7.6CVSS7.7AI score0.27071EPSS
CVE
CVEadded 2016/05/11 11:0 a.m.80 views

CVE-2016-1098

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.

7.6CVSS8.3AI score0.15468EPSS
CVE
CVEadded 2016/07/13 1:59 a.m.80 views

CVE-2016-3204

The Microsoft (1) JScript 5.8 and 9 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption V...

9.3CVSS8.7AI score0.25422EPSS
CVE
CVEadded 2016/11/10 6:59 a.m.80 views

CVE-2016-7239

The RegEx class in the XSS filter in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allows remote attackers to conduct cross-site scripting (XSS) attacks and obtain sensitive information via unspecified vectors, aka "Microsoft Browser Information Disclosure Vulnerability."

3.1CVSS4.7AI score0.1353EPSS
CVE
CVEadded 2017/11/15 3:29 a.m.80 views

CVE-2017-11834

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to obtain information to further comprom...

5.3CVSS4.8AI score0.17613EPSS
CVE
CVEadded 2019/05/16 7:29 p.m.80 views

CVE-2019-0921

An spoofing vulnerability exists when Internet Explorer improperly handles URLs, aka 'Internet Explorer Spoofing Vulnerability'.

6.5CVSS6.5AI score0.12763EPSS
CVE
CVEadded 2019/08/14 9:15 p.m.80 views

CVE-2019-1133

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully explo...

7.6CVSS8.6AI score0.03992EPSS
CVE
CVEadded 2019/10/10 2:15 p.m.80 views

CVE-2019-1371

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka 'Internet Explorer Memory Corruption Vulnerability'.

7.6CVSS8.6AI score0.04581EPSS
CVE
CVEadded 2010/06/08 8:30 p.m.79 views

CVE-2010-1257

Cross-site scripting (XSS) vulnerability in the toStaticHTML API, as used in Microsoft Office InfoPath 2003 SP3, 2007 SP1, and 2007 SP2; Office SharePoint Server 2007 SP1 and SP2; SharePoint Services 3.0 SP1 and SP2; and Internet Explorer 8 allows remote attackers to inject arbitrary web script or ...

4.3CVSS5.4AI score0.44933EPSS
CVE
CVEadded 2014/06/11 4:56 a.m.79 views

CVE-2014-1805

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1773, CVE-2014-1783, CVE-2014-1784, CV...

9.3CVSS7.5AI score0.68887EPSS
CVE
CVEadded 2014/09/10 1:55 a.m.79 views

CVE-2014-4081

Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CV...

9.3CVSS7.6AI score0.18139EPSS
CVE
CVEadded 2014/10/15 10:55 a.m.79 views

CVE-2014-4133

Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4137.

9.3CVSS7.7AI score0.16326EPSS
CVE
CVEadded 2014/11/11 10:55 p.m.79 views

CVE-2014-6345

Microsoft Internet Explorer 9 and 10 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability."

4.3CVSS6.3AI score0.27597EPSS
CVE
CVEadded 2015/06/10 1:59 a.m.79 views

CVE-2015-1748

Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-1743.

6.8CVSS6.7AI score0.09834EPSS
CVE
CVEadded 2016/03/09 11:59 a.m.79 views

CVE-2016-0109

Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0102, CVE-2016-0103, CVE-2016-...

7.6CVSS7.6AI score0.38033EPSS
CVE
CVEadded 2016/06/16 1:59 a.m.79 views

CVE-2016-0199

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0200 and CVE-2016-3211.

9.3CVSS8.7AI score0.72539EPSS
CVE
CVEadded 2016/05/11 11:0 a.m.79 views

CVE-2016-1102

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.

7.6CVSS8.3AI score0.39664EPSS
CVE
CVEadded 2016/11/10 6:59 a.m.79 views

CVE-2016-7198

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7195.

7.6CVSS7.8AI score0.30629EPSS
CVE
CVEadded 2017/03/17 12:59 a.m.79 views

CVE-2017-0130

The scripting engine in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." This vulnerability is different from that described in ...

7.6CVSS6.7AI score0.18742EPSS
CVE
CVEadded 2017/11/15 3:29 a.m.79 views

CVE-2017-11838

ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attack...

7.6CVSS7.5AI score
CVE
CVEadded 2017/07/11 9:29 p.m.79 views

CVE-2017-8592

Microsoft browsers on when Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows RT 8.1, and Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow a security feature bypass vulnerability when they improperly handle redirect requests, ak...

6.5CVSS6.5AI score0.29443EPSS
CVE
CVEadded 2018/05/09 7:29 p.m.79 views

CVE-2018-8178

A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka "Microsoft Browser Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge.

7.6CVSS8.1AI score0.15604EPSS
CVE
CVEadded 2020/05/21 11:15 p.m.79 views

CVE-2020-1093

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1035, CVE-2020-1058, CVE-2020-1060.

7.6CVSS7.9AI score0.03363EPSS
CVE
CVEadded 2010/02/04 8:15 p.m.78 views

CVE-2010-0555

Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not prevent rendering of non-HTML local files as HTML documents, which allows remote attackers to bypass intended access restrictions and read arbitrary files via vectors involving the product's use of text/html as the default content ty...

9.3CVSS6.2AI score0.49676EPSS
CVE
CVEadded 2010/09/17 6:0 p.m.78 views

CVE-2010-3324

The toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010, Office SharePoint Server 2007 SP2, Groove Server 2010, and Office Web Apps, allows remote attackers to bypass the cross-site scripting ...

4.3CVSS7.4AI score0.44933EPSS
CVE
CVEadded 2014/10/15 10:55 a.m.78 views

CVE-2014-4140

Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability."

4.3CVSS6.5AI score0.15101EPSS
CVE
CVEadded 2017/03/17 12:59 a.m.78 views

CVE-2017-0154

Microsoft Internet Explorer 11 on Windows 10, 1511, and 1606 and Windows Server 2016 does not enforce cross-domain policies, allowing attackers to access information from one domain and inject it into another via a crafted application, aka, "Internet Explorer Elevation of Privilege Vulnerability."

5.8CVSS5.5AI score0.01348EPSS
CVE
CVEadded 2017/07/11 9:29 p.m.78 views

CVE-2017-8606

Microsoft browsers in Microsoft Windows 7, Windows Server 2008 and R2, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine...

7.6CVSS7.5AI score0.78054EPSS
CVE
CVEadded 2017/08/08 9:29 p.m.78 views

CVE-2017-8641

Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user due to the way that Micros...

7.6CVSS7.9AI score0.82712EPSS
CVE
CVEadded 2019/05/16 7:29 p.m.78 views

CVE-2019-0930

An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory, aka 'Internet Explorer Information Disclosure Vulnerability'.

6.5CVSS6.2AI score0.20668EPSS
CVE
CVEadded 2019/06/12 2:29 p.m.78 views

CVE-2019-1038

A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerabili...

7.6CVSS7AI score0.03992EPSS
CVE
CVEadded 2020/09/11 5:15 p.m.78 views

CVE-2020-1506

An elevation of privilege vulnerability exists in the way that the Wininit.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.There are multiple ways an attacker could exploit the vulnerability:In a web-based attack s...

8.8CVSS7.3AI score0.03529EPSS
CVE
CVEadded 2014/08/12 9:55 p.m.77 views

CVE-2014-2824

Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

9.3CVSS7.8AI score0.18901EPSS
CVE
CVEadded 2014/10/15 10:55 a.m.77 views

CVE-2014-4124

Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-4123.

6.8CVSS6.7AI score0.28207EPSS
In wild
CVE
CVEadded 2014/10/15 10:55 a.m.77 views

CVE-2014-4141

Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

9.3CVSS7.7AI score0.28787EPSS
CVE
CVEadded 2014/11/11 10:55 p.m.77 views

CVE-2014-6342

Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-6348.

9.3CVSS7.6AI score0.24067EPSS
CVE
CVEadded 2017/10/13 1:29 p.m.77 views

CVE-2017-11810

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the sc...

7.6CVSS7.8AI score0.78672EPSS
CVE
CVEadded 2017/11/15 3:29 a.m.77 views

CVE-2017-11848

Internet Explorer in Microsoft Microsoft Windows 7 SP1, Windows Server 2008 SP2, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to detect the navigation of the user leaving ...

4.3CVSS5.2AI score0.08911EPSS
CVE
CVEadded 2017/08/08 9:29 p.m.77 views

CVE-2017-8635

Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user due to the way that JavaSc...

7.6CVSS7.9AI score0.82712EPSS
CVE
CVEadded 2018/05/09 7:29 p.m.77 views

CVE-2018-8114

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 11. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-20...

7.6CVSS7.8AI score0.77559EPSS
CVE
CVEadded 2007/06/06 9:30 p.m.76 views

CVE-2007-3091

Race condition in Microsoft Internet Explorer 6 SP1; 6 and 7 for Windows XP SP2 and SP3; 6 and 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 allows remote attackers to execute arbitrary code or perform other actions upon a page transition, with the permissions of ...

7.1CVSS7.2AI score0.18448EPSS
CVE
CVEadded 2008/01/25 1:0 a.m.76 views

CVE-2008-0454

Cross-zone scripting vulnerability in the Internet Explorer web control in Skype 3.6.0.244, and earlier 3.5.x and 3.6.x versions, on Windows allows user-assisted remote attackers to inject arbitrary web script or HTML in the Local Machine Zone via the Title field of a (1) Dailymotion and possibly (...

9.3CVSS6.2AI score0.41318EPSS
Total number of security vulnerabilities1635