Vulnerabilities (CVE)

Filtered by vendor Microsoft Subscribe
Filtered by product Internet Explorer
Total 1737 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-3023 2 Fswiki, Microsoft 2 Freestyle Wiki, Internet Explorer 2022-05-14 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in FreeStyle Wiki 3.6.2 and earlier, and 3.6.3 dev3 and earlier development versions, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2005-1799.
CVE-2015-4000 12 Apple, Canonical, Debian and 9 more 25 Iphone Os, Mac Os X, Safari and 22 more 2022-05-13 4.3 MEDIUM 3.7 LOW
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
CVE-2021-26419 1 Microsoft 9 Internet Explorer, Windows 10, Windows 7 and 6 more 2022-05-03 7.6 HIGH 7.5 HIGH
Scripting Engine Memory Corruption Vulnerability
CVE-2021-26411 1 Microsoft 10 Edge, Internet Explorer, Windows 10 and 7 more 2022-05-03 5.1 MEDIUM 7.5 HIGH
Internet Explorer Memory Corruption Vulnerability
CVE-2020-1380 1 Microsoft 9 Internet Explorer, Windows 10, Windows 7 and 6 more 2022-04-28 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1555, CVE-2020-1570.
CVE-2011-2001 1 Microsoft 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more 2022-03-01 9.3 HIGH N/A
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code via an attempted access to a virtual function table after corruption of this table has occurred, aka "Virtual Function Table Corruption Remote Code Execution Vulnerability."
CVE-2012-0171 1 Microsoft 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more 2022-03-01 9.3 HIGH N/A
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "SelectAll Remote Code Execution Vulnerability."
CVE-2012-0169 1 Microsoft 4 Internet Explorer, Windows 7, Windows Server 2008 and 1 more 2022-03-01 9.3 HIGH N/A
Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "JScript9 Remote Code Execution Vulnerability."
CVE-2012-0168 1 Microsoft 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more 2022-03-01 7.6 HIGH N/A
Microsoft Internet Explorer 6 through 9 allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document that is not properly handled during a "Print table of links" print operation, aka "Print Feature Remote Code Execution Vulnerability."
CVE-2012-0155 1 Microsoft 4 Internet Explorer, Windows 7, Windows Server 2008 and 1 more 2022-03-01 9.3 HIGH N/A
Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "VML Remote Code Execution Vulnerability."
CVE-2012-0012 1 Microsoft 4 Internet Explorer, Windows 7, Windows Server 2008 and 1 more 2022-03-01 4.3 MEDIUM N/A
Microsoft Internet Explorer 9 does not properly handle the creation and initialization of string objects, which allows remote attackers to read data from arbitrary process-memory locations via a crafted web site, aka "Null Byte Information Disclosure Vulnerability."
CVE-2012-0011 1 Microsoft 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more 2022-03-01 9.3 HIGH N/A
Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "HTML Layout Remote Code Execution Vulnerability."
CVE-2012-0010 1 Microsoft 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more 2022-03-01 4.3 MEDIUM N/A
Microsoft Internet Explorer 6 through 9 does not properly perform copy-and-paste operations, which allows user-assisted remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Copy and Paste Information Disclosure Vulnerability."
CVE-2011-3404 1 Microsoft 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more 2022-03-01 4.3 MEDIUM N/A
Microsoft Internet Explorer 6 through 9 does not properly use the Content-Disposition HTTP header to control rendering of the HTTP response body, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Content-Disposition Information Disclosure Vulnerability."
CVE-2011-2019 1 Microsoft 3 Internet Explorer, Windows 7, Windows Server 2008 2022-03-01 9.3 HIGH N/A
Untrusted search path vulnerability in Microsoft Internet Explorer 9 on Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains an HTML file, aka "Internet Explorer Insecure Library Loading Vulnerability."
CVE-2011-1992 1 Microsoft 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more 2022-03-01 4.3 MEDIUM N/A
The XSS Filter in Microsoft Internet Explorer 8 allows remote attackers to read content from a different (1) domain or (2) zone via a "trial and error" attack, aka "XSS Filter Information Disclosure Vulnerability."
CVE-2011-2000 1 Microsoft 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more 2022-02-28 9.3 HIGH N/A
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Body Element Remote Code Execution Vulnerability."
CVE-2011-1999 1 Microsoft 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more 2022-02-28 9.3 HIGH N/A
Microsoft Internet Explorer 8 does not properly allocate and access memory, which allows remote attackers to execute arbitrary code via vectors involving a "dereferenced memory address," aka "Select Element Remote Code Execution Vulnerability."
CVE-2011-1998 1 Microsoft 4 Internet Explorer, Windows 7, Windows Server 2008 and 1 more 2022-02-28 9.3 HIGH N/A
Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized, aka "Jscript9.dll Remote Code Execution Vulnerability."
CVE-2011-1996 1 Microsoft 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more 2022-02-28 9.3 HIGH N/A
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Option Element Remote Code Execution Vulnerability."