VYPR

Internet Explorer

by Microsoft

CVEs (1,725)

  • CVE-2018-0949MedJul 11, 2018
    risk 0.43cvss 6.5epss 0.11

    A security feature bypass vulnerability exists when Microsoft Internet Explorer improperly handles requests involving UNC resources, aka "Internet Explorer Security Feature Bypass Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10.

  • CVE-2018-8113MedJun 14, 2018
    risk 0.43cvss 6.5epss 0.05

    A security feature bypass vulnerability exists in Internet Explorer that allows for bypassing Mark of the Web Tagging (MOTW), aka "Internet Explorer Security Feature Bypass Vulnerability." This affects Internet Explorer 11.

  • CVE-2018-1022HigMay 9, 2018
    risk 0.43cvss 7.5epss 0.14

    A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from…

  • CVE-2018-0954HigMay 9, 2018
    risk 0.43cvss 7.5epss 0.14

    A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, ChakraCore, Internet Explorer 11, Microsoft Edge, Internet…

  • CVE-2017-8602MedJul 11, 2017
    risk 0.43cvss 6.5epss 0.05

    Microsoft browsers on Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow a spoofing vulnerability in the way they parse HTTP content, aka "Microsoft…

  • CVE-2017-8592MedJul 11, 2017
    risk 0.43cvss 6.5epss 0.08

    Microsoft browsers on when Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows RT 8.1, and Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow a security feature bypass vulnerability when they improperly handle…

  • CVE-2017-8529MedJun 15, 2017
    risk 0.43cvss 6.5epss 0.14

    Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, and Windows Server 2012 and R2 allow an attacker to detect specific files on the user's computer when affected Microsoft scripting engines do not properly handle objects in…

  • CVE-2017-0064MedMay 12, 2017
    risk 0.43cvss 6.5epss 0.05

    A security feature bypass vulnerability exists in Internet Explorer that allows for bypassing Mixed Content warnings, aka "Internet Explorer Security Feature Bypass Vulnerability."

  • CVE-2016-3390HigOct 14, 2016
    risk 0.43cvss 7.5epss 0.17

    The scripting engines in Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, as demonstrated by the Chakra JavaScript engine, aka "Scripting Engine Memory…

  • CVE-2016-3382HigOct 14, 2016
    risk 0.43cvss 7.5epss 0.17

    The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, as demonstrated by the Chakra JavaScript engine, aka "Scripting Engine…

  • CVE-2016-3245MedJul 13, 2016
    risk 0.43cvss 6.5epss 0.15

    Microsoft Internet Explorer 9 through 11 allows remote attackers to trick users into making TCP connections to a restricted port via a crafted web site, aka "Internet Explorer Security Feature Bypass Vulnerability."

  • CVE-2016-0162MedKEVApr 12, 2016
    risk 0.42cvss 4.3epss 0.22

    Microsoft Internet Explorer 9 through 11 allows remote attackers to determine the existence of files via crafted JavaScript code, aka "Internet Explorer Information Disclosure Vulnerability."

  • CVE-2011-1252MedJun 16, 2011
    risk 0.41cvss 6.1epss 0.14

    Cross-site scripting (XSS) vulnerability in the SafeHTML function in the toStaticHTML API in Microsoft Internet Explorer 7 and 8, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Groove Server 2010 Gold and SP1, Windows SharePoint Services 3.0 SP2,…

  • CVE-2018-8470MedSep 13, 2018
    risk 0.40cvss 6.1epss 0.03

    A security feature bypass vulnerability exists in Internet Explorer due to how scripts are handled that allows a universal cross-site scripting (UXSS) condition, aka "Internet Explorer Security Feature Bypass Vulnerability." This affects Internet Explorer 11.

  • CVE-2016-7282MedDec 20, 2016
    risk 0.40cvss 6.1epss 0.09

    Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Microsoft Browser Information Disclosure Vulnerability."

  • CVE-2016-3388MedOct 14, 2016
    risk 0.40cvss 5.3epss 0.28

    Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not properly restrict access to private namespaces, which allows remote attackers to gain privileges via unspecified vectors, aka "Microsoft Browser Elevation of Privilege Vulnerability," a different vulnerability than…

  • CVE-2016-3212MedJun 16, 2016
    risk 0.40cvss 6.1epss 0.10

    The XSS Filter in Microsoft Internet Explorer 9 through 11 does not properly identify JavaScript, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site, aka "Internet Explorer XSS Filter Vulnerability."

  • CVE-2012-1872MedJun 12, 2012
    risk 0.40cvss 6.1epss 0.06

    Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to inject arbitrary web script or HTML via crafted character sequences with EUC-JP encoding, aka "EUC-JP Character Encoding Vulnerability."

  • CVE-2017-11906MedDec 12, 2017
    risk 0.39cvss 5.3epss 0.25

    Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain information to further compromise the…

  • CVE-2016-3277MedJul 13, 2016
    risk 0.37cvss 5.3epss 0.32

    Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."

Page 14 of 87