Skip to main content

Internet Explorer

997 CVEs product

Monthly

CVE-2013-3141 CRITICAL Emergency

Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.1% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
31.1%
CVE-2013-3139 CRITICAL Emergency

Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.1% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
31.1%
CVE-2013-3126 CRITICAL Act Now

Microsoft Internet Explorer 9 and 10, when script debugging is enabled, does not properly handle objects in memory during the processing of script, which allows remote attackers to execute arbitrary. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 10.8% and no vendor patch available.

Buffer Overflow Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
10.8%
CVE-2013-3125 CRITICAL Emergency

Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.1% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
31.1%
CVE-2013-3124 CRITICAL Emergency

Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.1% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
31.1%
CVE-2013-3123 CRITICAL Emergency

Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.1% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
31.1%
CVE-2013-3122 CRITICAL Emergency

Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.1% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
31.1%
CVE-2013-3121 CRITICAL Emergency

Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.1% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
31.1%
CVE-2013-3120 CRITICAL POC THREAT Emergency

Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 23.2%.

Buffer Overflow Denial Of Service Microsoft RCE Internet Explorer
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
23.2%
Threat
4.1
CVE-2013-3119 CRITICAL Emergency

Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.1% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
31.1%
CVE-2013-3118 CRITICAL Emergency

Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.1% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
31.1%
CVE-2013-3117 CRITICAL Act Now

Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 27.2% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
27.2%
CVE-2013-3116 CRITICAL Act Now

Microsoft Internet Explorer 7 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 27.2% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
27.2%
CVE-2013-3114 CRITICAL Emergency

Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.1% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
31.1%
CVE-2013-3113 CRITICAL Emergency

Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.1% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
31.1%
CVE-2013-3112 CRITICAL Emergency

Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.1% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
31.1%
CVE-2013-3111 CRITICAL POC THREAT Emergency

Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 41.5%.

Buffer Overflow Denial Of Service Microsoft RCE Internet Explorer
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
41.5%
Threat
4.6
CVE-2013-3110 CRITICAL Emergency

Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.1% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
31.1%
CVE-2013-1312 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 41.0% and no vendor patch available.

Use After Free Denial Of Service Memory Corruption Microsoft RCE +1
NVD
CVSS 2.0
9.3
EPSS
41.0%
CVE-2013-1311 CRITICAL POC THREAT Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 46.1%.

Use After Free Denial Of Service Memory Corruption Microsoft RCE +1
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
46.1%
Threat
4.7
CVE-2013-1310 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 41.0% and no vendor patch available.

Use After Free Denial Of Service Memory Corruption Microsoft RCE +1
NVD
CVSS 2.0
9.3
EPSS
41.0%
CVE-2013-1309 CRITICAL POC THREAT Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 38.0%.

Use After Free Denial Of Service Memory Corruption Microsoft RCE +1
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
38.0%
Threat
4.5
CVE-2013-1308 CRITICAL Act Now

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 24.8% and no vendor patch available.

Use After Free Denial Of Service Memory Corruption Microsoft RCE +1
NVD
CVSS 2.0
9.3
EPSS
24.8%
CVE-2013-1307 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 41.0% and no vendor patch available.

Use After Free Denial Of Service Memory Corruption Microsoft RCE +1
NVD
CVSS 2.0
9.3
EPSS
41.0%
CVE-2013-1306 CRITICAL POC THREAT Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 16.9%.

Use After Free Denial Of Service Memory Corruption Microsoft RCE +1
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
16.9%
CVE-2013-1297 MEDIUM This Month

Microsoft Internet Explorer 6 through 8 does not properly restrict data access by VBScript, which allows remote attackers to perform cross-domain reading of JSON files via a crafted web site, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 14.5% and no vendor patch available.

Information Disclosure Microsoft Internet Explorer
NVD
CVSS 2.0
4.3
EPSS
14.5%
CVE-2013-0811 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 41.0% and no vendor patch available.

Use After Free Denial Of Service Memory Corruption Microsoft RCE +1
NVD
CVSS 2.0
9.3
EPSS
41.0%
CVE-2013-1338 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 33.5% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
33.5%
CVE-2013-1304 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 36.8% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
36.8%
CVE-2013-1303 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 33.5% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
33.5%
CVE-2013-1288 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 59.1% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
59.1%
CVE-2013-0094 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 59.1% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
59.1%
CVE-2013-0093 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 59.1% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
59.1%
CVE-2013-0092 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 42.3% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
42.3%
CVE-2013-0091 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 39.5% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
39.5%
CVE-2013-0090 HIGH POC THREAT Act Now

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 18.8%.

Denial Of Service Microsoft RCE Internet Explorer
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
18.8%
CVE-2013-0089 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 59.1% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
59.1%
CVE-2013-0088 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 39.5% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
39.5%
CVE-2013-0087 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 59.1% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
59.1%
CVE-2013-2557 HIGH Act Now

The sandbox protection mechanism in Microsoft Internet Explorer 9 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 17.2% and no vendor patch available.

Buffer Overflow Adobe Denial Of Service Microsoft Internet Explorer
NVD
CVSS 2.0
7.5
EPSS
17.2%
CVE-2013-2552 HIGH Act Now

Unspecified vulnerability in Microsoft Internet Explorer 10 on Windows 8 allows remote attackers to bypass the sandbox protection mechanism by leveraging access to a Medium integrity process, as. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 13.0% and no vendor patch available.

Microsoft Authentication Bypass Internet Explorer
NVD
CVSS 2.0
7.5
EPSS
13.0%
CVE-2013-0030 CRITICAL Emergency

The Vector Markup Language (VML) implementation in Microsoft Internet Explorer 6 through 10 does not properly allocate buffers, which allows remote attackers to execute arbitrary code via a crafted. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.6% and no vendor patch available.

Buffer Overflow Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
31.6%
CVE-2013-0029 HIGH Act Now

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 54.1% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 3.1
7.5
EPSS
54.1%
CVE-2013-0028 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 45.7% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
45.7%
CVE-2013-0027 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 45.7% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
45.7%
CVE-2013-0026 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 45.7% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
45.7%
CVE-2013-0025 CRITICAL POC THREAT Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 86.1%.

Denial Of Service Microsoft RCE Internet Explorer
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
86.1%
Threat
5.9
CVE-2013-0024 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 48.4% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer Windows Server 2008 +1
NVD
CVSS 2.0
9.3
EPSS
48.4%
CVE-2013-0023 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 55.1% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
55.1%
CVE-2013-0022 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 31.0% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 3.1
9.0
EPSS
31.0%
CVE-2013-0021 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 37.4% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
37.4%
CVE-2013-0020 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 41.1% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
41.1%
CVE-2013-0019 CRITICAL POC THREAT Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 32.4%.

Denial Of Service Microsoft RCE Internet Explorer
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
32.4%
Threat
4.3
CVE-2013-0018 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 45.7% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
45.7%
CVE-2013-0015 MEDIUM This Month

Microsoft Internet Explorer 6 through 9 does not properly perform auto-selection of the Shift JIS encoding, which allows remote attackers to read content from a different (1) domain or (2) zone via a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 12.7% and no vendor patch available.

Information Disclosure Microsoft Internet Explorer
NVD
CVSS 2.0
4.3
EPSS
12.7%
CVE-2013-1451 MEDIUM POC This Month

Microsoft Internet Explorer 8 and 9, when the Proxy Settings configuration has the same Proxy address and Port values in the HTTP and Secure rows, does not ensure that the SSL lock icon is consistent. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Information Disclosure Microsoft Internet Explorer
NVD Exploit-DB
CVSS 2.0
4.0
EPSS
9.6%
CVE-2013-1450 MEDIUM POC THREAT This Month

Microsoft Internet Explorer 8 and 9, when the Proxy Settings configuration has the same Proxy address and Port values in the HTTP and Secure rows, does not properly reuse TCP sessions to the proxy. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 16.6%.

Information Disclosure Microsoft Internet Explorer
NVD
CVSS 2.0
4.0
EPSS
16.6%
CVE-2012-6502 LOW Monitor

Microsoft Internet Explorer before 10 allows remote attackers to obtain sensitive information about the existence of files, and read certain data from files, via a UNC share pathname in the SRC. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Microsoft Internet Explorer
NVD
CVSS 2.0
2.6
EPSS
6.5%
CVE-2012-4787 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 36.2% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 3.1
9.0
EPSS
36.2%
CVE-2012-4782 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "CMarkup. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 51.4% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
51.4%
CVE-2012-4781 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 49.4% and no vendor patch available.

Code Injection Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
49.4%
CVE-2012-4775 HIGH Act Now

Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreeNode Use After Free Vulnerability.". Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 14.8% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 3.1
8.8
EPSS
14.8%
CVE-2012-1539 HIGH Act Now

Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreePos Use After Free Vulnerability.". Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 19.0% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 3.1
8.1
EPSS
19.0%
CVE-2012-1538 CRITICAL Act Now

Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CFormElement Use After Free Vulnerability.". Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 14.2% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
14.2%
CVE-2012-2557 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 36.9% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
36.9%
CVE-2012-2548 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Layout Use After. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 36.9% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
36.9%
CVE-2012-2546 CRITICAL Act Now

Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Event Listener. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 26.8% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
26.8%
CVE-2012-1529 CRITICAL Act Now

Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 26.8% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
26.8%
CVE-2012-2523 CRITICAL Emergency

Integer overflow in Microsoft Internet Explorer 8 and 9, JScript 5.8, and VBScript 5.8 on 64-bit platforms allows remote attackers to execute arbitrary code by leveraging an incorrect size. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 64.7% and no vendor patch available.

Microsoft RCE Internet Explorer Jscript Vbscript
NVD
CVSS 2.0
9.3
EPSS
64.7%
CVE-2012-2522 CRITICAL Emergency

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a malformed virtual function table after this. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 51.9% and no vendor patch available.

Code Injection Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
51.9%
CVE-2012-2521 CRITICAL Emergency

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Asynchronous NULL. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 54.9% and no vendor patch available.

Code Injection Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
54.9%
CVE-2012-1526 CRITICAL Emergency

Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not initialized or (2) is. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 53.2% and no vendor patch available.

Buffer Overflow Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
53.2%
CVE-2012-1524 CRITICAL Emergency

Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Attribute Remove Remote Code. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 51.9% and no vendor patch available.

Code Injection Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
51.9%
CVE-2012-1522 CRITICAL Emergency

Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Cached Object Remote Code. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 54.9% and no vendor patch available.

Code Injection Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
54.9%
CVE-2012-1882 MEDIUM This Month

Microsoft Internet Explorer 6 through 9 does not block cross-domain scrolling events, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 22.9% and no vendor patch available.

Information Disclosure Microsoft Internet Explorer
NVD
CVSS 2.0
4.3
EPSS
22.9%
CVE-2012-1881 CRITICAL Emergency

Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnRowsInserted Event Remote. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 53.0% and no vendor patch available.

Code Injection Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
53.0%
CVE-2012-1880 CRITICAL Emergency

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "insertRow Remote Code. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 53.0% and no vendor patch available.

Code Injection Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
53.0%
CVE-2012-1879 HIGH Act Now

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access an undefined memory location, aka. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 27.7% and no vendor patch available.

Code Injection Microsoft RCE Internet Explorer
NVD
CVSS 3.1
8.1
EPSS
27.7%
CVE-2012-1878 CRITICAL Emergency

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnBeforeDeactivate. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 53.0% and no vendor patch available.

Code Injection Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
53.0%
CVE-2012-1877 CRITICAL Emergency

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Title Element Change. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 53.0% and no vendor patch available.

Code Injection Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
53.0%
CVE-2012-1876 CRITICAL POC THREAT Emergency

Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access a. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 87.3%.

Buffer Overflow Code Injection Microsoft RCE Internet Explorer
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
87.3%
Threat
6.0
CVE-2012-1875 CRITICAL POC THREAT Emergency

Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Same ID Property Remote Code. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 82.2%.

Code Injection Microsoft RCE Internet Explorer
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
82.2%
Threat
5.8
CVE-2012-1874 CRITICAL Emergency

Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows user-assisted remote attackers to execute arbitrary code by accessing a deleted object, aka "Developer. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 53.0% and no vendor patch available.

Code Injection Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
53.0%
CVE-2012-1873 MEDIUM This Month

Microsoft Internet Explorer 7 through 9 does not properly create and initialize string data, which allows remote attackers to obtain sensitive information from process memory via a crafted HTML. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 18.6% and no vendor patch available.

Information Disclosure Microsoft Internet Explorer
NVD
CVSS 2.0
4.3
EPSS
18.6%
CVE-2012-1872 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to inject arbitrary web script or HTML via crafted character sequences with EUC-JP. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft XSS Internet Explorer
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2012-1858 MEDIUM POC THREAT This Month

The toStaticHTML API (aka the SafeHTML component) in Microsoft Internet Explorer 8 and 9, Communicator 2007 R2, and Lync 2010 and 2010 Attendee does not properly handle event attributes and script,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 41.4%.

Information Disclosure Microsoft XSS Lync Office Communicator +1
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
41.4%
CVE-2012-1523 CRITICAL Emergency

Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Center Element Remote. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 53.0% and no vendor patch available.

Code Injection Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
53.0%
CVE-2012-0172 CRITICAL Emergency

Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "VML Style Remote Code. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 55.7% and no vendor patch available.

Code Injection Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
55.7%
CVE-2012-0171 CRITICAL PATCH Act Now

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "SelectAll Remote Code. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 53.2%.

Code Injection Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
53.2%
CVE-2012-0170 CRITICAL Emergency

Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnReadyStateChange Remote. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 58.5% and no vendor patch available.

Code Injection Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
58.5%
EPSS 31% CVSS 9.3
CRITICAL Emergency

Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.1% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft +2
NVD
EPSS 31% CVSS 9.3
CRITICAL Emergency

Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.1% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft +2
NVD
EPSS 11% CVSS 9.3
CRITICAL Act Now

Microsoft Internet Explorer 9 and 10, when script debugging is enabled, does not properly handle objects in memory during the processing of script, which allows remote attackers to execute arbitrary. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 10.8% and no vendor patch available.

Buffer Overflow Microsoft RCE +1
NVD
EPSS 31% CVSS 9.3
CRITICAL Emergency

Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.1% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft +2
NVD
EPSS 31% CVSS 9.3
CRITICAL Emergency

Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.1% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft +2
NVD
EPSS 31% CVSS 9.3
CRITICAL Emergency

Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.1% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft +2
NVD
EPSS 31% CVSS 9.3
CRITICAL Emergency

Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.1% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft +2
NVD
EPSS 31% CVSS 9.3
CRITICAL Emergency

Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.1% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft +2
NVD
EPSS 23% 4.1 CVSS 9.3
CRITICAL POC THREAT Emergency

Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 23.2%.

Buffer Overflow Denial Of Service Microsoft +2
NVD Exploit-DB
EPSS 31% CVSS 9.3
CRITICAL Emergency

Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.1% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft +2
NVD
EPSS 31% CVSS 9.3
CRITICAL Emergency

Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.1% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft +2
NVD
EPSS 27% CVSS 9.3
CRITICAL Act Now

Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 27.2% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft +2
NVD
EPSS 27% CVSS 9.3
CRITICAL Act Now

Microsoft Internet Explorer 7 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 27.2% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft +2
NVD
EPSS 31% CVSS 9.3
CRITICAL Emergency

Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.1% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft +2
NVD
EPSS 31% CVSS 9.3
CRITICAL Emergency

Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.1% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft +2
NVD
EPSS 31% CVSS 9.3
CRITICAL Emergency

Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.1% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft +2
NVD
EPSS 42% 4.6 CVSS 9.3
CRITICAL POC THREAT Emergency

Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 41.5%.

Buffer Overflow Denial Of Service Microsoft +2
NVD Exploit-DB
EPSS 31% CVSS 9.3
CRITICAL Emergency

Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.1% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft +2
NVD
EPSS 41% CVSS 9.3
CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 41.0% and no vendor patch available.

Use After Free Denial Of Service Memory Corruption +3
NVD
EPSS 46% 4.7 CVSS 9.3
CRITICAL POC THREAT Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 46.1%.

Use After Free Denial Of Service Memory Corruption +3
NVD Exploit-DB
EPSS 41% CVSS 9.3
CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 41.0% and no vendor patch available.

Use After Free Denial Of Service Memory Corruption +3
NVD
EPSS 38% 4.5 CVSS 9.3
CRITICAL POC THREAT Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 38.0%.

Use After Free Denial Of Service Memory Corruption +3
NVD Exploit-DB
EPSS 25% CVSS 9.3
CRITICAL Act Now

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 24.8% and no vendor patch available.

Use After Free Denial Of Service Memory Corruption +3
NVD
EPSS 41% CVSS 9.3
CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 41.0% and no vendor patch available.

Use After Free Denial Of Service Memory Corruption +3
NVD
EPSS 17% CVSS 9.3
CRITICAL POC THREAT Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 16.9%.

Use After Free Denial Of Service Memory Corruption +3
NVD Exploit-DB
EPSS 14% CVSS 4.3
MEDIUM This Month

Microsoft Internet Explorer 6 through 8 does not properly restrict data access by VBScript, which allows remote attackers to perform cross-domain reading of JSON files via a crafted web site, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 14.5% and no vendor patch available.

Information Disclosure Microsoft Internet Explorer
NVD
EPSS 41% CVSS 9.3
CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 41.0% and no vendor patch available.

Use After Free Denial Of Service Memory Corruption +3
NVD
EPSS 33% CVSS 9.3
CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 33.5% and no vendor patch available.

Denial Of Service Microsoft RCE +1
NVD
EPSS 37% CVSS 9.3
CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 36.8% and no vendor patch available.

Denial Of Service Microsoft RCE +1
NVD
EPSS 33% CVSS 9.3
CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 33.5% and no vendor patch available.

Denial Of Service Microsoft RCE +1
NVD
EPSS 59% CVSS 9.3
CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 59.1% and no vendor patch available.

Denial Of Service Microsoft RCE +1
NVD
EPSS 59% CVSS 9.3
CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 59.1% and no vendor patch available.

Denial Of Service Microsoft RCE +1
NVD
EPSS 59% CVSS 9.3
CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 59.1% and no vendor patch available.

Denial Of Service Microsoft RCE +1
NVD
EPSS 42% CVSS 9.3
CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 42.3% and no vendor patch available.

Denial Of Service Microsoft RCE +1
NVD
EPSS 40% CVSS 9.3
CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 39.5% and no vendor patch available.

Denial Of Service Microsoft RCE +1
NVD
EPSS 19% CVSS 8.8
HIGH POC THREAT Act Now

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 18.8%.

Denial Of Service Microsoft RCE +1
NVD Exploit-DB
EPSS 59% CVSS 9.3
CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 59.1% and no vendor patch available.

Denial Of Service Microsoft RCE +1
NVD
EPSS 40% CVSS 9.3
CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 39.5% and no vendor patch available.

Denial Of Service Microsoft RCE +1
NVD
EPSS 59% CVSS 9.3
CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 59.1% and no vendor patch available.

Denial Of Service Microsoft RCE +1
NVD
EPSS 17% CVSS 7.5
HIGH Act Now

The sandbox protection mechanism in Microsoft Internet Explorer 9 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 17.2% and no vendor patch available.

Buffer Overflow Adobe Denial Of Service +2
NVD
EPSS 13% CVSS 7.5
HIGH Act Now

Unspecified vulnerability in Microsoft Internet Explorer 10 on Windows 8 allows remote attackers to bypass the sandbox protection mechanism by leveraging access to a Medium integrity process, as. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 13.0% and no vendor patch available.

Microsoft Authentication Bypass Internet Explorer
NVD
EPSS 32% CVSS 9.3
CRITICAL Emergency

The Vector Markup Language (VML) implementation in Microsoft Internet Explorer 6 through 10 does not properly allocate buffers, which allows remote attackers to execute arbitrary code via a crafted. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.6% and no vendor patch available.

Buffer Overflow Microsoft RCE +1
NVD
EPSS 54% CVSS 7.5
HIGH Act Now

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 54.1% and no vendor patch available.

Denial Of Service Microsoft RCE +1
NVD
EPSS 46% CVSS 9.3
CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 45.7% and no vendor patch available.

Denial Of Service Microsoft RCE +1
NVD
EPSS 46% CVSS 9.3
CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 45.7% and no vendor patch available.

Denial Of Service Microsoft RCE +1
NVD
EPSS 46% CVSS 9.3
CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 45.7% and no vendor patch available.

Denial Of Service Microsoft RCE +1
NVD
EPSS 86% 5.9 CVSS 9.3
CRITICAL POC THREAT Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 86.1%.

Denial Of Service Microsoft RCE +1
NVD Exploit-DB
EPSS 48% CVSS 9.3
CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 48.4% and no vendor patch available.

Denial Of Service Microsoft RCE +3
NVD
EPSS 55% CVSS 9.3
CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 55.1% and no vendor patch available.

Denial Of Service Microsoft RCE +1
NVD
EPSS 31% CVSS 9.0
CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 31.0% and no vendor patch available.

Denial Of Service Microsoft RCE +1
NVD
EPSS 37% CVSS 9.3
CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 37.4% and no vendor patch available.

Denial Of Service Microsoft RCE +1
NVD
EPSS 41% CVSS 9.3
CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 41.1% and no vendor patch available.

Denial Of Service Microsoft RCE +1
NVD
EPSS 32% 4.3 CVSS 9.3
CRITICAL POC THREAT Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 32.4%.

Denial Of Service Microsoft RCE +1
NVD Exploit-DB
EPSS 46% CVSS 9.3
CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 45.7% and no vendor patch available.

Denial Of Service Microsoft RCE +1
NVD
EPSS 13% CVSS 4.3
MEDIUM This Month

Microsoft Internet Explorer 6 through 9 does not properly perform auto-selection of the Shift JIS encoding, which allows remote attackers to read content from a different (1) domain or (2) zone via a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 12.7% and no vendor patch available.

Information Disclosure Microsoft Internet Explorer
NVD
EPSS 10% CVSS 4.0
MEDIUM POC This Month

Microsoft Internet Explorer 8 and 9, when the Proxy Settings configuration has the same Proxy address and Port values in the HTTP and Secure rows, does not ensure that the SSL lock icon is consistent. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Information Disclosure Microsoft Internet Explorer
NVD Exploit-DB
EPSS 17% CVSS 4.0
MEDIUM POC THREAT This Month

Microsoft Internet Explorer 8 and 9, when the Proxy Settings configuration has the same Proxy address and Port values in the HTTP and Secure rows, does not properly reuse TCP sessions to the proxy. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 16.6%.

Information Disclosure Microsoft Internet Explorer
NVD
EPSS 7% CVSS 2.6
LOW Monitor

Microsoft Internet Explorer before 10 allows remote attackers to obtain sensitive information about the existence of files, and read certain data from files, via a UNC share pathname in the SRC. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Microsoft Internet Explorer
NVD
EPSS 36% CVSS 9.0
CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 36.2% and no vendor patch available.

Denial Of Service Microsoft RCE +1
NVD
EPSS 51% CVSS 9.3
CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "CMarkup. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 51.4% and no vendor patch available.

Denial Of Service Microsoft RCE +1
NVD
EPSS 49% CVSS 9.3
CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 49.4% and no vendor patch available.

Code Injection Denial Of Service Microsoft +2
NVD
EPSS 15% CVSS 8.8
HIGH Act Now

Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreeNode Use After Free Vulnerability.". Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 14.8% and no vendor patch available.

Denial Of Service Microsoft RCE +1
NVD
EPSS 19% CVSS 8.1
HIGH Act Now

Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreePos Use After Free Vulnerability.". Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 19.0% and no vendor patch available.

Denial Of Service Microsoft RCE +1
NVD
EPSS 14% CVSS 9.3
CRITICAL Act Now

Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CFormElement Use After Free Vulnerability.". Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 14.2% and no vendor patch available.

Denial Of Service Microsoft RCE +1
NVD
EPSS 37% CVSS 9.3
CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 36.9% and no vendor patch available.

Denial Of Service Microsoft RCE +1
NVD
EPSS 37% CVSS 9.3
CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Layout Use After. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 36.9% and no vendor patch available.

Denial Of Service Microsoft RCE +1
NVD
EPSS 27% CVSS 9.3
CRITICAL Act Now

Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Event Listener. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 26.8% and no vendor patch available.

Denial Of Service Microsoft RCE +1
NVD
EPSS 27% CVSS 9.3
CRITICAL Act Now

Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 26.8% and no vendor patch available.

Denial Of Service Microsoft RCE +1
NVD
EPSS 65% CVSS 9.3
CRITICAL Emergency

Integer overflow in Microsoft Internet Explorer 8 and 9, JScript 5.8, and VBScript 5.8 on 64-bit platforms allows remote attackers to execute arbitrary code by leveraging an incorrect size. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 64.7% and no vendor patch available.

Microsoft RCE Internet Explorer +2
NVD
EPSS 52% CVSS 9.3
CRITICAL Emergency

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a malformed virtual function table after this. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 51.9% and no vendor patch available.

Code Injection Microsoft RCE +1
NVD
EPSS 55% CVSS 9.3
CRITICAL Emergency

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Asynchronous NULL. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 54.9% and no vendor patch available.

Code Injection Microsoft RCE +1
NVD
EPSS 53% CVSS 9.3
CRITICAL Emergency

Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not initialized or (2) is. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 53.2% and no vendor patch available.

Buffer Overflow Microsoft RCE +1
NVD
EPSS 52% CVSS 9.3
CRITICAL Emergency

Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Attribute Remove Remote Code. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 51.9% and no vendor patch available.

Code Injection Microsoft RCE +1
NVD
EPSS 55% CVSS 9.3
CRITICAL Emergency

Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Cached Object Remote Code. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 54.9% and no vendor patch available.

Code Injection Microsoft RCE +1
NVD
EPSS 23% CVSS 4.3
MEDIUM This Month

Microsoft Internet Explorer 6 through 9 does not block cross-domain scrolling events, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 22.9% and no vendor patch available.

Information Disclosure Microsoft Internet Explorer
NVD
EPSS 53% CVSS 9.3
CRITICAL Emergency

Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnRowsInserted Event Remote. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 53.0% and no vendor patch available.

Code Injection Microsoft RCE +1
NVD
EPSS 53% CVSS 9.3
CRITICAL Emergency

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "insertRow Remote Code. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 53.0% and no vendor patch available.

Code Injection Microsoft RCE +1
NVD
EPSS 28% CVSS 8.1
HIGH Act Now

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access an undefined memory location, aka. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 27.7% and no vendor patch available.

Code Injection Microsoft RCE +1
NVD
EPSS 53% CVSS 9.3
CRITICAL Emergency

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnBeforeDeactivate. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 53.0% and no vendor patch available.

Code Injection Microsoft RCE +1
NVD
EPSS 53% CVSS 9.3
CRITICAL Emergency

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Title Element Change. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 53.0% and no vendor patch available.

Code Injection Microsoft RCE +1
NVD
EPSS 87% 6.0 CVSS 9.3
CRITICAL POC THREAT Emergency

Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access a. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 87.3%.

Buffer Overflow Code Injection Microsoft +2
NVD Exploit-DB
EPSS 82% 5.8 CVSS 9.3
CRITICAL POC THREAT Emergency

Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Same ID Property Remote Code. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 82.2%.

Code Injection Microsoft RCE +1
NVD Exploit-DB
EPSS 53% CVSS 9.3
CRITICAL Emergency

Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows user-assisted remote attackers to execute arbitrary code by accessing a deleted object, aka "Developer. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 53.0% and no vendor patch available.

Code Injection Microsoft RCE +1
NVD
EPSS 19% CVSS 4.3
MEDIUM This Month

Microsoft Internet Explorer 7 through 9 does not properly create and initialize string data, which allows remote attackers to obtain sensitive information from process memory via a crafted HTML. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 18.6% and no vendor patch available.

Information Disclosure Microsoft Internet Explorer
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to inject arbitrary web script or HTML via crafted character sequences with EUC-JP. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft XSS Internet Explorer
NVD
EPSS 41% CVSS 4.3
MEDIUM POC THREAT This Month

The toStaticHTML API (aka the SafeHTML component) in Microsoft Internet Explorer 8 and 9, Communicator 2007 R2, and Lync 2010 and 2010 Attendee does not properly handle event attributes and script,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 41.4%.

Information Disclosure Microsoft XSS +3
NVD Exploit-DB
EPSS 53% CVSS 9.3
CRITICAL Emergency

Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Center Element Remote. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 53.0% and no vendor patch available.

Code Injection Microsoft RCE +1
NVD
EPSS 56% CVSS 9.3
CRITICAL Emergency

Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "VML Style Remote Code. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 55.7% and no vendor patch available.

Code Injection Microsoft RCE +1
NVD
EPSS 53% CVSS 9.3
CRITICAL PATCH Act Now

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "SelectAll Remote Code. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 53.2%.

Code Injection Microsoft RCE +1
NVD
EPSS 58% CVSS 9.3
CRITICAL Emergency

Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnReadyStateChange Remote. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 58.5% and no vendor patch available.

Code Injection Microsoft RCE +1
NVD
Prev Page 11 of 12 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy