U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): Microsoft Internet Explorer
  • Search Type: Search All
  • Match: Exact
  • CPE Name Search: false
There are 1,235 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2021-43551

A remote attacker with write access to PI Vision could inject code into a display. Unauthorized information disclosure, modification, or deletion is possible if a victim views or interacts with the infected display using Microsoft Internet Explorer. The impact affects PI System data and other data accessible with victim's user permissions.

Published: November 17, 2021; 2:15:09 PM -0500
V4.0:(not available)
V3.1: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2019-18652

A DOM based XSS vulnerability has been identified on the WatchGuard XMT515 through 12.1.3, allowing a remote attacker to execute JavaScript in the victim's browser by tricking the victim into clicking on a crafted link. The payload was tested in Microsoft Internet Explorer 11.418.18362.0 and Microsoft Edge 44.18362.387.0 (Microsoft EdgeHTML 18.18362).

Published: January 07, 2020; 5:15:12 PM -0500
V4.0:(not available)
V3.1: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2018-0949

A security feature bypass vulnerability exists when Microsoft Internet Explorer improperly handles requests involving UNC resources, aka "Internet Explorer Security Feature Bypass Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10.

Published: July 10, 2018; 8:29:00 PM -0400
V4.0:(not available)
V3.0: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2014-8985

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2810, CVE-2014-2811, CVE-2014-2822, CVE-2014-2823, CVE-2014-4057, and CVE-2014-4145.

Published: February 08, 2018; 6:29:00 PM -0500
V4.0:(not available)
V3.0: 7.5 HIGH
V2.0: 7.6 HIGH
CVE-2014-4145

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2810, CVE-2014-2811, CVE-2014-2822, CVE-2014-2823, CVE-2014-4057, and CVE-2014-8985.

Published: February 08, 2018; 6:29:00 PM -0500
V4.0:(not available)
V3.0: 7.5 HIGH
V2.0: 7.6 HIGH
CVE-2014-4112

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0304.

Published: February 08, 2018; 6:29:00 PM -0500
V4.0:(not available)
V3.0: 7.5 HIGH
V2.0: 7.6 HIGH
CVE-2014-4066

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2787, CVE-2014-2790, CVE-2014-2802, and CVE-2014-2806.

Published: February 08, 2018; 6:29:00 PM -0500
V4.0:(not available)
V3.0: 7.5 HIGH
V2.0: 7.6 HIGH
CVE-2017-8609

Microsoft Internet Explorer in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsoft Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8596, CVE-2017-8610, CVE-2017-8618, CVE-2017-8619, CVE-2017-8595, CVE-2017-8601, CVE-2017-8603, CVE-2017-8604, CVE-2017-8605, CVE-2017-8606, CVE-2017-8607, CVE-2017-8608, and CVE-2017-8609.

Published: July 11, 2017; 5:29:02 PM -0400
V4.0:(not available)
V3.0: 7.5 HIGH
V2.0: 7.6 HIGH
CVE-2017-0154

Microsoft Internet Explorer 11 on Windows 10, 1511, and 1606 and Windows Server 2016 does not enforce cross-domain policies, allowing attackers to access information from one domain and inject it into another via a crafted application, aka, "Internet Explorer Elevation of Privilege Vulnerability."

Published: March 16, 2017; 8:59:04 PM -0400
V4.0:(not available)
V3.0: 4.4 MEDIUM
V2.0: 5.8 MEDIUM
CVE-2017-0149

Microsoft Internet Explorer 9 through 11 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0018 and CVE-2017-0037.

Published: March 16, 2017; 8:59:04 PM -0400
V4.0:(not available)
V3.1: 8.8 HIGH
V2.0: 7.6 HIGH
CVE-2017-0130

The scripting engine in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." This vulnerability is different from that described in CVE-2017-0040.

Published: March 16, 2017; 8:59:03 PM -0400
V4.0:(not available)
V3.0: 7.5 HIGH
V2.0: 7.6 HIGH
CVE-2017-0059

Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0008 and CVE-2017-0009.

Published: March 16, 2017; 8:59:01 PM -0400
V4.0:(not available)
V3.1: 4.3 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-0049

The VBScript engine in Microsoft Internet Explorer 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0018, and CVE-2017-0037.

Published: March 16, 2017; 8:59:01 PM -0400
V4.0:(not available)
V3.0: 4.3 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-0040

The scripting engine in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." This vulnerability is different from that described in CVE-2017-0130.

Published: March 16, 2017; 8:59:01 PM -0400
V4.0:(not available)
V3.0: 7.5 HIGH
V2.0: 7.6 HIGH
CVE-2017-0033

Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to spoof web content via a crafted web site, aka "Microsoft Browser Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0012 and CVE-2017-0069.

Published: March 16, 2017; 8:59:01 PM -0400
V4.0:(not available)
V3.0: 4.3 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-0018

Microsoft Internet Explorer 10 and 11 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0037 and CVE-2017-0149.

Published: March 16, 2017; 8:59:00 PM -0400
V4.0:(not available)
V3.0: 7.5 HIGH
V2.0: 7.6 HIGH
CVE-2017-0012

Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to spoof web content via a crafted web site, aka "Microsoft Browser Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0033 and CVE-2017-0069.

Published: March 16, 2017; 8:59:00 PM -0400
V4.0:(not available)
V3.0: 4.3 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-0009

Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0011, CVE-2017-0017, CVE-2017-0065, and CVE-2017-0068.

Published: March 16, 2017; 8:59:00 PM -0400
V4.0:(not available)
V3.0: 4.3 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-0008

Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009 and CVE-2017-0059.

Published: March 16, 2017; 8:59:00 PM -0400
V4.0:(not available)
V3.0: 4.3 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-0037

Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type confusion issue in the Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement function in mshtml.dll, which allows remote attackers to execute arbitrary code via vectors involving a crafted Cascading Style Sheets (CSS) token sequence and crafted JavaScript code that operates on a TH element.

Published: February 26, 2017; 6:59:00 PM -0500
V4.0:(not available)
V3.1: 8.1 HIGH
V2.0: 7.6 HIGH