Vulnerabilities (CVE)

Filtered by vendor Microsoft Subscribe
Filtered by product Internet Explorer
Total 1155 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-1380 1 Microsoft 9 Internet Explorer, Windows 10, Windows 7 and 6 more 2021-06-09 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1555, CVE-2020-1570.
CVE-2021-26419 1 Microsoft 9 Internet Explorer, Windows 10, Windows 7 and 6 more 2021-05-17 7.6 HIGH 7.5 HIGH
Scripting Engine Memory Corruption Vulnerability
CVE-2013-3893 1 Microsoft 1 Internet Explorer 2021-05-17 9.3 HIGH N/A
Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of hxds.dll.
CVE-2020-0674 1 Microsoft 8 Internet Explorer, Windows 10, Windows 7 and 5 more 2021-05-13 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767.
CVE-2008-5529 1 Microsoft 1 Internet Explorer 2021-04-09 9.3 HIGH N/A
CA eTrust Antivirus 31.6.6086, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit.
CVE-2021-27085 1 Microsoft 3 Internet Explorer, Windows 10, Windows Server 2019 2021-03-19 7.6 HIGH 7.5 HIGH
Internet Explorer Remote Code Execution Vulnerability
CVE-2021-26411 1 Microsoft 10 Edge, Internet Explorer, Windows 10 and 7 more 2021-03-18 5.1 MEDIUM 7.5 HIGH
Internet Explorer Memory Corruption Vulnerability
CVE-2004-0978 1 Microsoft 7 Internet Explorer, Windows 2000, Windows 98se and 4 more 2020-12-09 10.0 HIGH N/A
Heap-based buffer overflow in the Hrtbeat.ocx (Heartbeat) ActiveX control for Internet Explorer 5.01 through 6, when users who visit online gaming sites that are associated with MSN, allows remote attackers to execute arbitrary code via the SetupData parameter.
CVE-2020-17052 1 Microsoft 10 Edge, Internet Explorer, Windows 10 and 7 more 2020-11-23 6.8 MEDIUM 8.1 HIGH
Scripting Engine Memory Corruption Vulnerability
CVE-2020-17053 1 Microsoft 3 Internet Explorer, Windows 10, Windows Server 2019 2020-11-18 7.6 HIGH 7.5 HIGH
Internet Explorer Memory Corruption Vulnerability
CVE-2020-17058 1 Microsoft 5 Edge, Internet Explorer, Windows 10 and 2 more 2020-11-18 7.6 HIGH 7.5 HIGH
Microsoft Browser Memory Corruption Vulnerability
CVE-2015-0312 4 Adobe, Apple, Linux and 1 more 8 Flash Player, Flash Player Desktop Runtime, Mac Os and 5 more 2020-09-29 9.3 HIGH N/A
Double free vulnerability in Adobe Flash Player before 13.0.0.264 and 14.x through 16.x before 16.0.0.296 on Windows and OS X and before 11.2.202.440 on Linux allows attackers to execute arbitrary code via unspecified vectors.
CVE-2013-0094 1 Microsoft 9 Internet Explorer, Windows 7, Windows 8 and 6 more 2020-09-28 9.3 HIGH N/A
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer removeChild Use After Free Vulnerability."
CVE-2013-0093 1 Microsoft 9 Internet Explorer, Windows 7, Windows 8 and 6 more 2020-09-28 9.3 HIGH N/A
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer onBeforeCopy Use After Free Vulnerability."
CVE-2013-0023 1 Microsoft 7 Internet Explorer, Windows 7, Windows 8 and 4 more 2020-09-28 9.3 HIGH N/A
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CDispNode Use After Free Vulnerability."
CVE-2012-4792 1 Microsoft 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more 2020-09-28 9.3 HIGH N/A
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly allocated or (2) is deleted, as demonstrated by a CDwnBindInfo object, and exploited in the wild in December 2012.
CVE-2012-4782 1 Microsoft 7 Internet Explorer, Windows 7, Windows 8 and 4 more 2020-09-28 9.3 HIGH N/A
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "CMarkup Use After Free Vulnerability."
CVE-2013-0026 1 Microsoft 4 Internet Explorer, Windows 7, Windows Server 2008 and 1 more 2020-09-28 9.3 HIGH N/A
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer InsertElement Use After Free Vulnerability."
CVE-2013-0024 1 Microsoft 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more 2020-09-28 9.3 HIGH N/A
Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer pasteHTML Use After Free Vulnerability."
CVE-2012-1539 1 Microsoft 4 Internet Explorer, Windows 7, Windows Server 2008 and 1 more 2020-09-28 9.3 HIGH N/A
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreePos Use After Free Vulnerability."