Search Results (Refine Search)
- CPE Product Version: cpe:/a:microsoft:internet_explorer:10
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2017-0040 |
The scripting engine in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." This vulnerability is different from that described in CVE-2017-0130. Published: March 16, 2017; 8:59:01 PM -0400 |
V3.0: 7.5 HIGH V2.0: 7.6 HIGH |
CVE-2017-0018 |
Microsoft Internet Explorer 10 and 11 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0037 and CVE-2017-0149. Published: March 16, 2017; 8:59:00 PM -0400 |
V3.0: 7.5 HIGH V2.0: 7.6 HIGH |
CVE-2017-0009 |
Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0011, CVE-2017-0017, CVE-2017-0065, and CVE-2017-0068. Published: March 16, 2017; 8:59:00 PM -0400 |
V3.0: 4.3 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-0008 |
Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009 and CVE-2017-0059. Published: March 16, 2017; 8:59:00 PM -0400 |
V3.0: 4.3 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-7284 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability." Published: December 20, 2016; 1:59:01 AM -0500 |
V3.0: 4.3 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-7283 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." Published: December 20, 2016; 1:59:01 AM -0500 |
V3.0: 8.8 HIGH V2.0: 9.3 HIGH |
CVE-2016-7282 |
Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Microsoft Browser Information Disclosure Vulnerability." Published: December 20, 2016; 1:59:01 AM -0500 |
V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-7281 |
The Web Workers implementation in Microsoft Internet Explorer 10 and 11 and Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Browser Security Feature Bypass Vulnerability." Published: December 20, 2016; 1:59:01 AM -0500 |
V3.0: 5.3 MEDIUM V2.0: 2.6 LOW |
CVE-2016-7279 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." Published: December 20, 2016; 1:59:00 AM -0500 |
V3.0: 7.5 HIGH V2.0: 7.6 HIGH |
CVE-2016-7278 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Windows Hyperlink Object Library Information Disclosure Vulnerability." Published: December 20, 2016; 1:59:00 AM -0500 |
V3.0: 5.3 MEDIUM V2.0: 2.6 LOW |
CVE-2016-7239 |
The RegEx class in the XSS filter in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allows remote attackers to conduct cross-site scripting (XSS) attacks and obtain sensitive information via unspecified vectors, aka "Microsoft Browser Information Disclosure Vulnerability." Published: November 10, 2016; 1:59:52 AM -0500 |
V3.0: 3.1 LOW V2.0: 2.6 LOW |
CVE-2016-7227 |
The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to determine the existence of local files via unspecified vectors, aka "Microsoft Browser Information Disclosure Vulnerability." Published: November 10, 2016; 1:59:40 AM -0500 |
V3.0: 3.1 LOW V2.0: 2.6 LOW |
CVE-2016-7199 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to bypass the Same Origin Policy and obtain sensitive window-state information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." Published: November 10, 2016; 1:59:14 AM -0500 |
V3.0: 3.1 LOW V2.0: 2.6 LOW |
CVE-2016-7198 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7195. Published: November 10, 2016; 1:59:13 AM -0500 |
V3.0: 7.5 HIGH V2.0: 7.6 HIGH |
CVE-2016-7196 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." Published: November 10, 2016; 1:59:12 AM -0500 |
V3.0: 7.5 HIGH V2.0: 7.6 HIGH |
CVE-2016-7195 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7198. Published: November 10, 2016; 1:59:11 AM -0500 |
V3.0: 7.5 HIGH V2.0: 7.6 HIGH |
CVE-2016-3391 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow context-dependent attackers to discover credentials by leveraging access to a memory dump, aka "Microsoft Browser Information Disclosure Vulnerability." Published: October 13, 2016; 10:59:28 PM -0400 |
V3.0: 5.3 MEDIUM V2.0: 2.6 LOW |
CVE-2016-3388 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not properly restrict access to private namespaces, which allows remote attackers to gain privileges via unspecified vectors, aka "Microsoft Browser Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3387. Published: October 13, 2016; 10:59:24 PM -0400 |
V3.0: 5.3 MEDIUM V2.0: 2.6 LOW |
CVE-2016-3387 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not properly restrict access to private namespaces, which allows remote attackers to gain privileges via unspecified vectors, aka "Microsoft Browser Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3388. Published: October 13, 2016; 10:59:23 PM -0400 |
V3.0: 7.5 HIGH V2.0: 6.8 MEDIUM |
CVE-2016-3385 |
The scripting engine in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." Published: October 13, 2016; 10:59:21 PM -0400 |
V3.0: 7.5 HIGH V2.0: 9.3 HIGH |