Filtered by vendor Microsoft
Subscriptions
Filtered by product Internet Explorer
Subscriptions
Total
1744 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-3329 | 1 Microsoft | 7 Internet Explorer, Windows 2003 Server, Windows 7 and 4 more | 2025-04-11 | N/A |
| mshtmled.dll in Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code via a crafted Microsoft Office document that causes the HtmlDlgHelper class destructor to access uninitialized memory, aka "Uninitialized Memory Corruption Vulnerability." | ||||
| CVE-2010-3340 | 1 Microsoft | 6 Internet Explorer, Windows 2003 Server, Windows Server 2003 and 3 more | 2025-04-11 | N/A |
| Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Object Memory Corruption Vulnerability." | ||||
| CVE-2010-3342 | 1 Microsoft | 4 Internet Explorer, Windows 7, Windows Vista and 1 more | 2025-04-11 | N/A |
| Microsoft Internet Explorer 6, 7, and 8 does not prevent rendering of cached content as HTML, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified script code, aka "Cross-Domain Information Disclosure Vulnerability," a different vulnerability than CVE-2010-3348. | ||||
| CVE-2010-3348 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more | 2025-04-11 | N/A |
| Microsoft Internet Explorer 6, 7, and 8 does not prevent rendering of cached content as HTML, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified script code, aka "Cross-Domain Information Disclosure Vulnerability," a different vulnerability than CVE-2010-3342. | ||||
| CVE-2011-0036 | 1 Microsoft | 7 Internet Explorer, Windows 2003 Server, Windows 7 and 4 more | 2025-04-11 | N/A |
| Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, related to a "dangling pointer," aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2010-2556 and CVE-2011-0035. | ||||
| CVE-2011-1250 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more | 2025-04-11 | N/A |
| Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Link Properties Handling Memory Corruption Vulnerability." | ||||
| CVE-2011-1255 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more | 2025-04-11 | N/A |
| The Timed Interactive Multimedia Extensions (aka HTML+TIME) implementation in Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Time Element Memory Corruption Vulnerability." | ||||
| CVE-2011-1266 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more | 2025-04-11 | N/A |
| The Vector Markup Language (VML) implementation in vgx.dll in Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "VML Memory Corruption Vulnerability." | ||||
| CVE-2011-1962 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more | 2025-04-11 | N/A |
| Microsoft Internet Explorer 6 through 9 does not properly handle unspecified character sequences, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site that triggers "inactive filtering," aka "Shift JIS Character Encoding Vulnerability." | ||||
| CVE-2011-1963 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more | 2025-04-11 | N/A |
| Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "XSLT Memory Corruption Vulnerability." | ||||
| CVE-2011-1964 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more | 2025-04-11 | N/A |
| Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Style Object Memory Corruption Vulnerability." | ||||
| CVE-2011-2001 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more | 2025-04-11 | N/A |
| Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code via an attempted access to a virtual function table after corruption of this table has occurred, aka "Virtual Function Table Corruption Remote Code Execution Vulnerability." | ||||
| CVE-2012-1858 | 1 Microsoft | 9 Internet Explorer, Lync, Office Communicator and 6 more | 2025-04-11 | N/A |
| The toStaticHTML API (aka the SafeHTML component) in Microsoft Internet Explorer 8 and 9, Communicator 2007 R2, and Lync 2010 and 2010 Attendee does not properly handle event attributes and script, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted HTML document, aka "HTML Sanitization Vulnerability." | ||||
| CVE-2012-1873 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more | 2025-04-11 | N/A |
| Microsoft Internet Explorer 7 through 9 does not properly create and initialize string data, which allows remote attackers to obtain sensitive information from process memory via a crafted HTML document, aka "Null Byte Information Disclosure Vulnerability." | ||||
| CVE-2012-1880 | 1 Microsoft | 7 Internet Explorer, Windows 2003 Server, Windows 7 and 4 more | 2025-04-11 | N/A |
| Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "insertRow Remote Code Execution Vulnerability." | ||||
| CVE-2013-0088 | 1 Microsoft | 9 Internet Explorer, Windows 7, Windows 8 and 6 more | 2025-04-11 | N/A |
| Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer saveHistory Use After Free Vulnerability." | ||||
| CVE-2013-0090 | 1 Microsoft | 9 Internet Explorer, Windows 7, Windows 8 and 6 more | 2025-04-11 | 8.8 High |
| Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CCaret Use After Free Vulnerability." | ||||
| CVE-2014-0270 | 1 Microsoft | 1 Internet Explorer | 2025-04-11 | N/A |
| Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0273, CVE-2014-0274, and CVE-2014-0288. | ||||
| CVE-2014-0274 | 1 Microsoft | 1 Internet Explorer | 2025-04-11 | N/A |
| Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0270, CVE-2014-0273, and CVE-2014-0288. | ||||
| CVE-2014-0280 | 1 Microsoft | 1 Internet Explorer | 2025-04-11 | N/A |
| Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | ||||