Total
1742 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-1539 | 1 Microsoft | 4 Internet Explorer, Windows 7, Windows Server 2008 and 1 more | 2025-04-11 | 9.3 HIGH | 8.1 HIGH |
| Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreePos Use After Free Vulnerability." | |||||
| CVE-2014-0278 | 1 Microsoft | 1 Internet Explorer | 2025-04-11 | 9.3 HIGH | N/A |
| Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0277 and CVE-2014-0279. | |||||
| CVE-2013-3206 | 1 Microsoft | 1 Internet Explorer | 2025-04-11 | 9.3 HIGH | N/A |
| Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3201, CVE-2013-3203, CVE-2013-3207, and CVE-2013-3209. | |||||
| CVE-2011-1995 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more | 2025-04-11 | 9.3 HIGH | N/A |
| Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized, aka "OLEAuto32.dll Remote Code Execution Vulnerability." | |||||
| CVE-2013-3117 | 1 Microsoft | 1 Internet Explorer | 2025-04-11 | 9.3 HIGH | N/A |
| Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3122 and CVE-2013-3124. | |||||
| CVE-2010-1127 | 1 Microsoft | 1 Internet Explorer | 2025-04-11 | 5.0 MEDIUM | N/A |
| Microsoft Internet Explorer 6 and 7 does not initialize certain data structures during execution of the createElement method, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted JavaScript code, as demonstrated by setting the (1) outerHTML or (2) value property of an object returned by createElement. | |||||
| CVE-2010-1118 | 1 Microsoft | 2 Internet Explorer, Windows 7 | 2025-04-11 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Internet Explorer 8 on Microsoft Windows 7 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a use-after-free issue, as demonstrated by Peter Vreugdenhil during a Pwn2Own competition at CanSecWest 2010. | |||||
| CVE-2014-0293 | 1 Microsoft | 1 Internet Explorer | 2025-04-11 | 4.3 MEDIUM | N/A |
| Microsoft Internet Explorer 9 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability." | |||||
| CVE-2011-4345 | 2 Microsoft, Namazu | 2 Internet Explorer, Namazu | 2025-04-11 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in Namazu before 2.0.21, when Internet Explorer 6 or 7 is used, allows remote attackers to inject arbitrary web script or HTML via a cookie. | |||||
| CVE-2011-1245 | 1 Microsoft | 6 Internet Explorer, Windows 2003 Server, Windows Server 2003 and 3 more | 2025-04-11 | 4.3 MEDIUM | N/A |
| Microsoft Internet Explorer 6 and 7 does not properly restrict script access to content from a (1) different domain or (2) different zone, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Javascript Information Disclosure Vulnerability." | |||||
| CVE-2013-3150 | 1 Microsoft | 1 Internet Explorer | 2025-04-11 | 9.3 HIGH | N/A |
| Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3145. | |||||
| CVE-2014-0276 | 1 Microsoft | 1 Internet Explorer | 2025-04-11 | 9.3 HIGH | N/A |
| Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | |||||
| CVE-2010-0808 | 1 Microsoft | 3 Internet Explorer, Windows Vista, Windows Xp | 2025-04-11 | 2.6 LOW | N/A |
| Microsoft Internet Explorer 6 and 7 on Windows XP and Vista does not prevent script from simulating user interaction with the AutoComplete feature, which allows remote attackers to obtain sensitive form information via a crafted web site, aka "AutoComplete Information Disclosure Vulnerability." | |||||
| CVE-2013-0030 | 1 Microsoft | 9 Internet Explorer, Windows 7, Windows 8 and 6 more | 2025-04-11 | 9.3 HIGH | N/A |
| The Vector Markup Language (VML) implementation in Microsoft Internet Explorer 6 through 10 does not properly allocate buffers, which allows remote attackers to execute arbitrary code via a crafted web site, aka "VML Memory Corruption Vulnerability." | |||||
| CVE-2010-2119 | 1 Microsoft | 1 Internet Explorer | 2025-04-11 | 4.3 MEDIUM | N/A |
| Microsoft Internet Explorer 6.0.2900.2180 allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid nntp:// URIs. | |||||
| CVE-2011-1260 | 1 Microsoft | 7 Internet Explorer, Windows 2003 Server, Windows 7 and 4 more | 2025-04-11 | 9.3 HIGH | N/A |
| Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Layout Memory Corruption Vulnerability." | |||||
| CVE-2010-1175 | 1 Microsoft | 3 Internet Explorer, Windows 2003 Server, Windows Xp | 2025-04-11 | 9.3 HIGH | N/A |
| Microsoft Internet Explorer 7.0 on Windows XP and Windows Server 2003 allows remote attackers to have an unspecified impact via a certain XML document that references a crafted web site in the SRC attribute of an image element, related to a "0day Vulnerability." | |||||
| CVE-2011-1993 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more | 2025-04-11 | 9.3 HIGH | N/A |
| Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Scroll Event Remote Code Execution Vulnerability." | |||||
| CVE-2010-0488 | 1 Microsoft | 7 Internet Explorer, Windows 2000, Windows 2003 Server and 4 more | 2025-04-11 | 4.3 MEDIUM | 6.5 MEDIUM |
| Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 does not properly handle unspecified "encoding strings," which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site, aka "Post Encoding Information Disclosure Vulnerability." | |||||
| CVE-2011-1992 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more | 2025-04-11 | 4.3 MEDIUM | N/A |
| The XSS Filter in Microsoft Internet Explorer 8 allows remote attackers to read content from a different (1) domain or (2) zone via a "trial and error" attack, aka "XSS Filter Information Disclosure Vulnerability." | |||||