) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2016-7195 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7198. Published: November 10, 2016; 1:59:11 AM -0500 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 7.6 HIGH |
| CVE-2016-3391 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow context-dependent attackers to discover credentials by leveraging access to a memory dump, aka "Microsoft Browser Information Disclosure Vulnerability." Published: October 13, 2016; 10:59:28 PM -0400 |
V4.0:(not available) V3.0: 5.3 MEDIUM V2.0: 2.6 LOW |
| CVE-2016-3388 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not properly restrict access to private namespaces, which allows remote attackers to gain privileges via unspecified vectors, aka "Microsoft Browser Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3387. Published: October 13, 2016; 10:59:24 PM -0400 |
V4.0:(not available) V3.0: 5.3 MEDIUM V2.0: 2.6 LOW |
| CVE-2016-3387 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not properly restrict access to private namespaces, which allows remote attackers to gain privileges via unspecified vectors, aka "Microsoft Browser Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3388. Published: October 13, 2016; 10:59:23 PM -0400 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 6.8 MEDIUM |
| CVE-2016-3385 |
The scripting engine in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." Published: October 13, 2016; 10:59:21 PM -0400 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 9.3 HIGH |
| CVE-2016-3384 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." Published: October 13, 2016; 10:59:20 PM -0400 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 9.3 HIGH |
| CVE-2016-3383 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." Published: October 13, 2016; 10:59:19 PM -0400 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 9.3 HIGH |
| CVE-2016-3382 |
The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, as demonstrated by the Chakra JavaScript engine, aka "Scripting Engine Memory Corruption Vulnerability." Published: October 13, 2016; 10:59:18 PM -0400 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 9.3 HIGH |
| CVE-2016-3298 |
Microsoft Internet Explorer 9 through 11 and the Internet Messaging API in Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allow remote attackers to determine the existence of arbitrary files via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability." Published: October 13, 2016; 10:59:13 PM -0400 |
V4.0:(not available) V3.0: 5.3 MEDIUM V2.0: 2.6 LOW |
| CVE-2016-3267 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to determine the existence of unspecified files via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." Published: October 13, 2016; 10:59:11 PM -0400 |
V4.0:(not available) V3.0: 5.3 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2016-3375 |
The OLE Automation mechanism and VBScript scripting engine in Microsoft Internet Explorer 9 through 11, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." Published: September 14, 2016; 6:59:50 AM -0400 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 7.6 HIGH |
| CVE-2016-3353 |
Microsoft Internet Explorer 9 through 11 mishandles .url files from the Internet zone, which allows remote attackers to bypass intended access restrictions via a crafted file, aka "Internet Explorer Security Feature Bypass." Published: September 14, 2016; 6:59:26 AM -0400 |
V4.0:(not available) V3.0: 8.3 HIGH V2.0: 5.1 MEDIUM |
| CVE-2016-3351 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." Published: September 14, 2016; 6:59:24 AM -0400 |
V4.0:(not available) V3.0: 3.1 LOW V2.0: 2.6 LOW |
| CVE-2016-3324 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." Published: September 14, 2016; 6:59:14 AM -0400 |
V4.0:(not available) V3.0: 8.8 HIGH V2.0: 6.8 MEDIUM |
| CVE-2016-3297 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." Published: September 14, 2016; 6:59:10 AM -0400 |
V4.0:(not available) V3.0: 8.8 HIGH V2.0: 6.8 MEDIUM |
| CVE-2016-3295 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." Published: September 14, 2016; 6:59:09 AM -0400 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 5.1 MEDIUM |
| CVE-2016-3292 |
Microsoft Internet Explorer 10 and 11 mishandles integrity settings and zone settings, which allows remote attackers to bypass a sandbox protection mechanism via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability." Published: September 14, 2016; 6:59:06 AM -0400 |
V4.0:(not available) V3.0: 5.0 MEDIUM V2.0: 5.1 MEDIUM |
| CVE-2016-3329 |
Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to determine the existence of files via a crafted webpage, aka "Internet Explorer Information Disclosure Vulnerability." Published: August 09, 2016; 5:59:33 PM -0400 |
V4.0:(not available) V3.0: 5.3 MEDIUM V2.0: 2.6 LOW |
| CVE-2016-3327 |
Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to obtain sensitive information via a crafted web page, aka "Microsoft Browser Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3326. Published: August 09, 2016; 5:59:32 PM -0400 |
V4.0:(not available) V3.0: 5.3 MEDIUM V2.0: 2.6 LOW |
| CVE-2016-3326 |
Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to obtain sensitive information via a crafted web page, aka "Microsoft Browser Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3327. Published: August 09, 2016; 5:59:30 PM -0400 |
V4.0:(not available) V3.0: 5.3 MEDIUM V2.0: 2.6 LOW |