Total
1740 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-8457 | 1 Microsoft | 9 Edge, Internet Explorer, Windows 10 and 6 more | 2023-12-10 | 7.6 HIGH | 7.5 HIGH |
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-8354, CVE-2018-8391, CVE-2018-8456, CVE-2018-8459. | |||||
CVE-2018-8452 | 1 Microsoft | 10 Chakracore, Edge, Internet Explorer and 7 more | 2023-12-10 | 4.3 MEDIUM | 4.3 MEDIUM |
An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft browsers, aka "Scripting Engine Information Disclosure Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. | |||||
CVE-2018-8351 | 1 Microsoft | 9 Edge, Internet Explorer, Windows 10 and 6 more | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
An information disclosure vulnerability exists when affected Microsoft browsers improperly allow cross-frame interaction, aka "Microsoft Browser Information Disclosure Vulnerability." This affects Internet Explorer 11, Microsoft Edge, Internet Explorer 10. | |||||
CVE-2018-17039 | 2 1234n, Microsoft | 2 Minicms, Internet Explorer | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
MiniCMS 1.10, when Internet Explorer is used, allows XSS via a crafted URI because $_SERVER['REQUEST_URI'] is mishandled. | |||||
CVE-2018-8631 | 1 Microsoft | 9 Internet Explorer, Windows 10, Windows 7 and 6 more | 2023-12-10 | 7.6 HIGH | 7.5 HIGH |
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. | |||||
CVE-2018-8447 | 1 Microsoft | 8 Internet Explorer, Windows 10, Windows 7 and 5 more | 2023-12-10 | 7.6 HIGH | 7.5 HIGH |
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-8461. | |||||
CVE-2018-8372 | 1 Microsoft | 10 Chakracore, Edge, Internet Explorer and 7 more | 2023-12-10 | 7.6 HIGH | 7.5 HIGH |
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8359, CVE-2018-8371, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389, CVE-2018-8390. | |||||
CVE-2018-8470 | 1 Microsoft | 5 Internet Explorer, Windows 10, Windows 7 and 2 more | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
A security feature bypass vulnerability exists in Internet Explorer due to how scripts are handled that allows a universal cross-site scripting (UXSS) condition, aka "Internet Explorer Security Feature Bypass Vulnerability." This affects Internet Explorer 11. | |||||
CVE-2019-0541 | 1 Microsoft | 13 Excel Viewer, Internet Explorer, Office and 10 more | 2023-12-10 | 9.3 HIGH | 8.8 HIGH |
A remote code execution vulnerability exists in the way that the MSHTML engine inproperly validates input, aka "MSHTML Engine Remote Code Execution Vulnerability." This affects Microsoft Office, Microsoft Office Word Viewer, Internet Explorer 9, Internet Explorer 11, Microsoft Excel Viewer, Internet Explorer 10, Office 365 ProPlus. | |||||
CVE-2018-8371 | 1 Microsoft | 8 Internet Explorer, Windows 10, Windows 7 and 5 more | 2023-12-10 | 7.6 HIGH | 7.5 HIGH |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8359, CVE-2018-8372, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389, CVE-2018-8390. | |||||
CVE-2018-8643 | 1 Microsoft | 9 Internet Explorer, Windows 10, Windows 7 and 6 more | 2023-12-10 | 7.6 HIGH | 7.5 HIGH |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. | |||||
CVE-2018-8357 | 1 Microsoft | 4 Edge, Internet Explorer, Windows 10 and 1 more | 2023-12-10 | 5.1 MEDIUM | 8.3 HIGH |
An elevation of privilege vulnerability exists in Microsoft browsers allowing sandbox escape, aka "Microsoft Browser Elevation of Privilege Vulnerability." This affects Internet Explorer 11, Microsoft Edge. | |||||
CVE-2018-8403 | 1 Microsoft | 9 Edge, Internet Explorer, Windows 10 and 6 more | 2023-12-10 | 7.6 HIGH | 7.5 HIGH |
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka "Microsoft Browser Memory Corruption Vulnerability." This affects Internet Explorer 11, Microsoft Edge, Internet Explorer 10. | |||||
CVE-2018-8625 | 1 Microsoft | 9 Internet Explorer, Windows 10, Windows 7 and 6 more | 2023-12-10 | 7.6 HIGH | 7.5 HIGH |
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. | |||||
CVE-2018-8385 | 1 Microsoft | 10 Chakracore, Edge, Internet Explorer and 7 more | 2023-12-10 | 7.6 HIGH | 7.5 HIGH |
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8389, CVE-2018-8390. | |||||
CVE-2018-8619 | 1 Microsoft | 9 Internet Explorer, Windows 10, Windows 7 and 6 more | 2023-12-10 | 7.6 HIGH | 7.5 HIGH |
A remote code execution vulnerability exists when the Internet Explorer VBScript execution policy does not properly restrict VBScript under specific conditions, aka "Internet Explorer Remote Code Execution Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. | |||||
CVE-2018-0927 | 1 Microsoft | 9 Edge, Internet Explorer, Windows 10 and 6 more | 2023-12-10 | 4.3 MEDIUM | 4.3 MEDIUM |
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows information disclosure, due to how Microsoft browsers handle objects in memory, aka "Microsoft Browser Information Disclosure Vulnerability". | |||||
CVE-2018-0981 | 1 Microsoft | 8 Internet Explorer, Windows 10, Windows 7 and 5 more | 2023-12-10 | 2.6 LOW | 5.3 MEDIUM |
An information disclosure vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Information Disclosure Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-0987, CVE-2018-0989, CVE-2018-1000. | |||||
CVE-2018-8145 | 1 Microsoft | 10 Chakracore, Edge, Internet Explorer and 7 more | 2023-12-10 | 7.6 HIGH | 7.5 HIGH |
An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user's computer or data, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-0943, CVE-2018-8130, CVE-2018-8133, CVE-2018-8177. | |||||
CVE-2018-0942 | 1 Microsoft | 8 Internet Explorer, Windows 10, Windows 7 and 5 more | 2023-12-10 | 2.1 LOW | 2.6 LOW |
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allow elevation of privilege, due to how Internet Explorer handles zone and integrity settings, aka "Internet Explorer Elevation of Privilege Vulnerability". |