Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Internet_explorer
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 1640 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2015-10-14 | CVE-2015-6042 | Use-after-free vulnerability in the CWindow object implementation in Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | Internet_explorer | N/A | ||
| 2015-10-14 | CVE-2015-6048 | Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6049. | Internet_explorer | N/A | ||
| 2015-10-14 | CVE-2015-6051 | Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "Internet Explorer Elevation of Privilege Vulnerability." | Internet_explorer | N/A | ||
| 2019-06-12 | CVE-2019-0988 | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0920, CVE-2019-1005, CVE-2019-1055, CVE-2019-1080. | Internet_explorer | 7.5 | ||
| 2011-09-06 | CVE-2011-3389 | The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the... | Ubuntu_linux, Debian_linux, Chrome, Curl, Internet_explorer, Windows, Firefox, Opera_browser, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_workstation, Simatic_rf615r_firmware, Simatic_rf68xr_firmware | N/A | ||
| 2017-06-15 | CVE-2017-8529 | Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, and Windows Server 2012 and R2 allow an attacker to detect specific files on the user's computer when affected Microsoft scripting engines do not properly handle objects in memory, aka "Microsoft Browser Information Disclosure Vulnerability". | Edge, Internet_explorer | 6.5 | ||
| 1997-04-01 | CVE-1999-0280 | Remote command execution in Microsoft Internet Explorer using .lnk and .url files. | Internet_explorer | N/A | ||
| 1997-11-01 | CVE-1999-0967 | Buffer overflow in the HTML library used by Internet Explorer, Outlook Express, and Windows Explorer via the res: local resource protocol. | Internet_explorer, Outlook_express, Windows_explorer | N/A | ||
| 1998-01-01 | CVE-1999-0331 | Buffer overflow in Internet Explorer 4.0(1). | Internet_explorer | N/A | ||
| 1998-04-01 | CVE-1999-0537 | A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc. | Internet_explorer, Communicator | N/A |