Skip to main content

Internet Explorer

997 CVEs product

Monthly

CVE-2016-3325 LOW POC THREAT Monitor

Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability.". Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 24.3%.

Information Disclosure Microsoft Edge Internet Explorer
NVD Exploit-DB
CVSS 3.0
3.1
EPSS
24.3%
CVE-2016-3324 HIGH POC THREAT Act Now

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 11.7%.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
11.7%
CVE-2016-3297 HIGH Act Now

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 18.1% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Edge +1
NVD
CVSS 3.0
8.8
EPSS
18.1%
CVE-2016-3295 HIGH Act Now

Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 21.4% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Edge +1
NVD
CVSS 3.0
7.5
EPSS
21.4%
CVE-2016-3292 MEDIUM This Month

Microsoft Internet Explorer 10 and 11 mishandles integrity settings and zone settings, which allows remote attackers to bypass a sandbox protection mechanism via a crafted web site, aka "Internet. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Microsoft Internet Explorer
NVD
CVSS 3.0
5.0
EPSS
6.1%
CVE-2016-3291 LOW Monitor

Microsoft Internet Explorer 11 and Microsoft Edge mishandle cross-origin requests, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Edge Internet Explorer
NVD
CVSS 3.0
2.4
EPSS
1.8%
CVE-2016-3247 HIGH POC THREAT Act Now

Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 50.8%.

Denial Of Service RCE Buffer Overflow Microsoft Edge +1
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
50.8%
Threat
4.5
CVE-2016-7153 MEDIUM This Month

The HTTP/2 protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Edge Internet Explorer Chrome Safari +2
NVD
CVSS 3.0
5.3
EPSS
1.3%
CVE-2016-7152 MEDIUM This Month

The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Opera Safari Firefox Edge +2
NVD
CVSS 3.0
5.3
EPSS
1.3%
CVE-2016-3329 MEDIUM This Month

Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to determine the existence of files via a crafted webpage, aka "Internet Explorer Information Disclosure Vulnerability.". Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 32.7% and no vendor patch available.

Information Disclosure Microsoft Edge Internet Explorer
NVD
CVSS 3.0
5.3
EPSS
32.7%
CVE-2016-3327 MEDIUM This Month

Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to obtain sensitive information via a crafted web page, aka "Microsoft Browser Information Disclosure Vulnerability," a. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 32.7% and no vendor patch available.

Information Disclosure Microsoft Edge Internet Explorer
NVD
CVSS 3.0
5.3
EPSS
32.7%
CVE-2016-3326 MEDIUM This Month

Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to obtain sensitive information via a crafted web page, aka "Microsoft Browser Information Disclosure Vulnerability," a. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 16.8% and no vendor patch available.

Information Disclosure Microsoft Edge Internet Explorer
NVD
CVSS 3.0
5.3
EPSS
16.8%
CVE-2016-3322 HIGH Act Now

Microsoft Internet Explorer 11 and Edge allow remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 23.9% and no vendor patch available.

RCE Buffer Overflow Microsoft Edge Internet Explorer
NVD
CVSS 3.0
7.5
EPSS
23.9%
CVE-2016-3321 LOW POC THREAT Monitor

Microsoft Internet Explorer 10 and 11 load different files for attempts to open a file:// URL depending on whether the file exists, which allows local users to enumerate files via vectors involving a. Rated low severity (CVSS 2.5). Public exploit code available and EPSS exploitation probability 28.7%.

Information Disclosure Microsoft Internet Explorer
NVD
CVSS 3.0
2.5
EPSS
28.7%
CVE-2016-3293 HIGH Act Now

Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Browser Memory Corruption Vulnerability.". Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 17.8% and no vendor patch available.

RCE Buffer Overflow Microsoft Edge Internet Explorer
NVD
CVSS 3.0
7.5
EPSS
17.8%
CVE-2016-3290 HIGH Act Now

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code via a crafted web page, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 14.0% and no vendor patch available.

RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 3.0
7.5
EPSS
14.0%
CVE-2016-3289 HIGH Act Now

Microsoft Internet Explorer 11 and Edge allow remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 17.8% and no vendor patch available.

RCE Buffer Overflow Microsoft Edge Internet Explorer
NVD
CVSS 3.0
7.5
EPSS
17.8%
CVE-2016-3288 HIGH POC THREAT Act Now

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code via a crafted web page, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 34.1%.

RCE Buffer Overflow Microsoft Internet Explorer
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
34.1%
Threat
4.0
CVE-2016-3277 MEDIUM This Month

Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability.". Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 32.5% and no vendor patch available.

Information Disclosure Microsoft Edge Internet Explorer
NVD
CVSS 3.0
5.3
EPSS
32.5%
CVE-2016-3276 LOW Monitor

Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to conduct content-spoofing attacks via a crafted URL, aka "Microsoft Browser Spoofing Vulnerability.". Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Microsoft Authentication Bypass Internet Explorer
NVD
CVSS 3.0
3.1
EPSS
7.2%
CVE-2016-3274 LOW Monitor

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to conduct content-spoofing attacks via a crafted URL, aka "Microsoft Browser Spoofing Vulnerability.". Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Microsoft Authentication Bypass Edge Internet Explorer
NVD
CVSS 3.0
3.1
EPSS
7.2%
CVE-2016-3273 MEDIUM This Month

The XSS Filter in Microsoft Internet Explorer 9 through 11 and Microsoft Edge does not properly restrict JavaScript code, which allows remote attackers to obtain sensitive information via a crafted. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 22.9% and no vendor patch available.

XSS Information Disclosure Microsoft Edge Internet Explorer
NVD
CVSS 3.0
5.3
EPSS
22.9%
CVE-2016-3264 HIGH Act Now

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 18.3% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Edge +1
NVD
CVSS 3.0
7.5
EPSS
18.3%
CVE-2016-3261 MEDIUM This Month

Microsoft Internet Explorer 11 allows remote attackers to obtain sensitive information via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability.". Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 36.7% and no vendor patch available.

Information Disclosure Microsoft Internet Explorer
NVD
CVSS 3.0
5.3
EPSS
36.7%
CVE-2016-3260 NuGet HIGH PATCH Act Now

The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 11, Microsoft Edge, and other products, allow remote attackers to execute. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 20.4%.

Denial Of Service RCE Buffer Overflow Microsoft Edge +1
NVD
CVSS 3.0
8.8
EPSS
20.4%
CVE-2016-3259 NuGet HIGH PATCH Act Now

The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 18.1%.

Denial Of Service RCE Buffer Overflow Microsoft Edge +1
NVD
CVSS 3.0
8.8
EPSS
18.1%
CVE-2016-3248 NuGet HIGH Act Now

The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 20.4% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Edge +1
NVD
CVSS 3.0
8.8
EPSS
20.4%
CVE-2016-3245 MEDIUM This Month

Microsoft Internet Explorer 9 through 11 allows remote attackers to trick users into making TCP connections to a restricted port via a crafted web site, aka "Internet Explorer Security Feature Bypass. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.5% and no vendor patch available.

Microsoft Authentication Bypass Internet Explorer
NVD
CVSS 3.0
6.5
EPSS
10.5%
CVE-2016-3243 HIGH Act Now

Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 12.8% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 3.0
7.5
EPSS
12.8%
CVE-2016-3242 HIGH Act Now

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 12.8% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 3.0
7.5
EPSS
12.8%
CVE-2016-3241 HIGH Act Now

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 12.8% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 3.0
7.5
EPSS
12.8%
CVE-2016-3240 HIGH Act Now

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 12.8% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 3.0
7.5
EPSS
12.8%
CVE-2016-3204 HIGH Act Now

The Microsoft (1) JScript 5.8 and 9 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 22.8% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 3.0
8.8
EPSS
22.8%
CVE-2016-3213 HIGH POC THREAT Act Now

The Web Proxy Auto Discovery (WPAD) protocol implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 78.3%.

Privilege Escalation Microsoft Internet Explorer Windows 10 Windows 7 +5
NVD
CVSS 3.0
8.8
EPSS
78.3%
Threat
5.6
CVE-2016-3212 MEDIUM This Month

The XSS Filter in Microsoft Internet Explorer 9 through 11 does not properly identify JavaScript, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 22.4% and no vendor patch available.

XSS Microsoft Internet Explorer
NVD
CVSS 3.0
6.1
EPSS
22.4%
CVE-2016-3211 HIGH Act Now

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 18.5% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 3.0
8.8
EPSS
18.5%
CVE-2016-3210 HIGH Act Now

The Microsoft (1) JScript and (2) VBScript engines, as used in Internet Explorer 11, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 17.9% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 3.0
8.8
EPSS
17.9%
CVE-2016-0200 HIGH Act Now

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 14.0% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 3.0
8.8
EPSS
14.0%
CVE-2016-0199 HIGH POC THREAT Act Now

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 70.1%.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
70.1%
Threat
5.4
CVE-2016-4116 HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft Flash Player Edge +1
NVD
CVSS 3.0
7.5
EPSS
6.1%
CVE-2016-4115 HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD
CVSS 3.0
7.5
EPSS
6.5%
CVE-2016-4114 HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD
CVSS 3.0
7.5
EPSS
6.5%
CVE-2016-4113 HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD
CVSS 3.0
7.5
EPSS
6.5%
CVE-2016-4112 HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft Flash Player Edge +1
NVD
CVSS 3.0
7.5
EPSS
6.5%
CVE-2016-4111 HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD
CVSS 3.0
7.5
EPSS
6.5%
CVE-2016-4110 HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft Flash Player Edge +1
NVD
CVSS 3.0
7.5
EPSS
7.0%
CVE-2016-4109 HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft Flash Player Edge +1
NVD
CVSS 3.0
7.5
EPSS
6.5%
CVE-2016-4108 HIGH POC THREAT Act Now

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 65.6%.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
65.6%
Threat
5.0
CVE-2016-1110 HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD
CVSS 3.0
7.5
EPSS
7.0%
CVE-2016-1109 HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD
CVSS 3.0
7.5
EPSS
7.0%
CVE-2016-1108 HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD
CVSS 3.0
7.5
EPSS
7.0%
CVE-2016-1107 HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft Flash Player Edge +1
NVD
CVSS 3.0
7.5
EPSS
7.0%
CVE-2016-1106 HIGH POC THREAT Act Now

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 57.6%.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
57.6%
Threat
4.7
CVE-2016-1105 HIGH POC THREAT Act Now

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 53.1%.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
53.1%
Threat
4.6
CVE-2016-1104 HIGH POC THREAT Act Now

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 39.7%.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
39.7%
Threat
4.2
CVE-2016-1103 HIGH POC THREAT Act Now

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 53.1%.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
53.1%
Threat
4.6
CVE-2016-1102 HIGH POC THREAT Act Now

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 39.7%.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
39.7%
Threat
4.2
CVE-2016-1101 HIGH POC THREAT Act Now

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 53.1%.

Adobe Information Disclosure Microsoft Flash Player Edge +1
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
53.1%
Threat
4.6
CVE-2016-1100 HIGH Act Now

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 15.5% and no vendor patch available.

Adobe Information Disclosure Microsoft Flash Player Edge +1
NVD
CVSS 3.0
7.5
EPSS
15.5%
CVE-2016-1099 HIGH Act Now

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 15.5% and no vendor patch available.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD
CVSS 3.0
7.5
EPSS
15.5%
CVE-2016-1098 HIGH Act Now

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 15.5% and no vendor patch available.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD
CVSS 3.0
7.5
EPSS
15.5%
CVE-2016-1097 HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD
CVSS 3.0
7.5
EPSS
7.0%
CVE-2016-1096 HIGH POC THREAT Act Now

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 39.7%.

Adobe Information Disclosure Microsoft Flash Player Edge +1
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
39.7%
Threat
4.2
CVE-2016-0194 MEDIUM This Month

Microsoft Internet Explorer 10 and 11 allows remote attackers to bypass file permissions and obtain sensitive information via a crafted web site, aka "Internet Explorer Information Disclosure. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Microsoft Internet Explorer
NVD
CVSS 3.0
5.3
EPSS
0.9%
CVE-2016-0192 HIGH Act Now

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 29.9% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Edge +1
NVD
CVSS 3.0
7.5
EPSS
29.9%
CVE-2016-0188 HIGH Act Now

The User Mode Code Integrity (UMCI) implementation in Device Guard in Microsoft Internet Explorer 11 allows remote attackers to bypass a code-signing protection mechanism via unspecified vectors, aka. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 32.7% and no vendor patch available.

Microsoft Authentication Bypass Internet Explorer
NVD
CVSS 3.0
8.8
EPSS
32.7%
CVE-2016-0166 HIGH This Week

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 3.0
7.5
EPSS
9.8%
CVE-2016-0164 HIGH Act Now

Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 12.8% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 3.0
7.5
EPSS
12.8%
CVE-2016-0160 HIGH This Week

Microsoft Internet Explorer 11 mishandles DLL loading, which allows local users to gain privileges via a crafted application, aka "DLL Loading Remote Code Execution Vulnerability.". Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Microsoft Internet Explorer
NVD
CVSS 3.0
7.8
EPSS
1.2%
CVE-2016-0159 HIGH This Week

Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 3.0
7.5
EPSS
9.8%
CVE-2016-0154 HIGH Act Now

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 16.3% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Edge +1
NVD
CVSS 3.0
7.5
EPSS
16.3%
CVE-2015-6184 HIGH Act Now

The CAttrArray object implementation in Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and memory corruption). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 49.7% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 3.0
8.1
EPSS
49.7%
CVE-2016-0114 HIGH Act Now

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 19.5% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 3.0
7.5
EPSS
19.5%
CVE-2016-0113 HIGH Act Now

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 19.5% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 3.0
7.5
EPSS
19.5%
CVE-2016-0112 HIGH Act Now

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 19.5% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 3.0
7.5
EPSS
19.5%
CVE-2016-0111 HIGH POC THREAT Act Now

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 45.0%.

Denial Of Service RCE Buffer Overflow Microsoft Edge +1
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
45.0%
Threat
4.3
CVE-2016-0110 HIGH Act Now

Microsoft Internet Explorer 10 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 19.5% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Edge +1
NVD
CVSS 3.0
7.5
EPSS
19.5%
CVE-2016-0109 HIGH Act Now

Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 27.1% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Edge +1
NVD
CVSS 3.0
7.5
EPSS
27.1%
CVE-2016-0108 HIGH POC THREAT Act Now

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 31.8%.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
31.8%
Threat
4.0
CVE-2016-0107 HIGH Act Now

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 19.5% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 3.0
7.5
EPSS
19.5%
CVE-2016-0106 HIGH Act Now

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 19.5% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 3.0
7.5
EPSS
19.5%
CVE-2016-0105 HIGH Act Now

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 19.5% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Edge +1
NVD
CVSS 3.0
7.5
EPSS
19.5%
CVE-2016-0104 HIGH Act Now

Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 15.9% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 3.0
7.5
EPSS
15.9%
CVE-2016-0103 HIGH Act Now

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 12.8% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 3.0
7.5
EPSS
12.8%
CVE-2016-0102 HIGH Act Now

Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 15.9% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Edge +1
NVD
CVSS 3.0
7.5
EPSS
15.9%
CVE-2016-0069 HIGH Act Now

Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability," a different. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 38.0% and no vendor patch available.

Privilege Escalation Microsoft Internet Explorer
NVD
CVSS 3.0
8.8
EPSS
38.0%
CVE-2016-0068 HIGH Act Now

Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability," a different. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 35.0% and no vendor patch available.

Privilege Escalation Microsoft Internet Explorer
NVD
CVSS 3.0
8.8
EPSS
35.0%
CVE-2016-0077 MEDIUM This Month

Microsoft Internet Explorer 9 through 11 and Microsoft Edge misparse HTTP responses, which allows remote attackers to spoof web sites via a crafted URL, aka "Microsoft Browser Spoofing Vulnerability.". Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Edge Internet Explorer
NVD
CVSS 3.0
4.3
EPSS
9.4%
CVE-2016-0072 HIGH Act Now

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 14.0% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 3.0
8.8
EPSS
14.0%
CVE-2016-0071 HIGH Act Now

Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 20.5% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 3.0
8.8
EPSS
20.5%
EPSS 24% CVSS 3.1
LOW POC THREAT Monitor

Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability.". Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 24.3%.

Information Disclosure Microsoft Edge +1
NVD Exploit-DB
EPSS 12% CVSS 8.8
HIGH POC THREAT Act Now

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 11.7%.

Denial Of Service RCE Buffer Overflow +2
NVD Exploit-DB
EPSS 18% CVSS 8.8
HIGH Act Now

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 18.1% and no vendor patch available.

Denial Of Service RCE Buffer Overflow +3
NVD
EPSS 21% CVSS 7.5
HIGH Act Now

Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 21.4% and no vendor patch available.

Denial Of Service RCE Buffer Overflow +3
NVD
EPSS 6% CVSS 5.0
MEDIUM This Month

Microsoft Internet Explorer 10 and 11 mishandles integrity settings and zone settings, which allows remote attackers to bypass a sandbox protection mechanism via a crafted web site, aka "Internet. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Microsoft Internet Explorer
NVD
EPSS 2% CVSS 2.4
LOW Monitor

Microsoft Internet Explorer 11 and Microsoft Edge mishandle cross-origin requests, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Edge +1
NVD
EPSS 51% 4.5 CVSS 7.5
HIGH POC THREAT Act Now

Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 50.8%.

Denial Of Service RCE Buffer Overflow +3
NVD Exploit-DB
EPSS 1% CVSS 5.3
MEDIUM This Month

The HTTP/2 protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Edge Internet Explorer +4
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Opera Safari +4
NVD
EPSS 33% CVSS 5.3
MEDIUM This Month

Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to determine the existence of files via a crafted webpage, aka "Internet Explorer Information Disclosure Vulnerability.". Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 32.7% and no vendor patch available.

Information Disclosure Microsoft Edge +1
NVD
EPSS 33% CVSS 5.3
MEDIUM This Month

Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to obtain sensitive information via a crafted web page, aka "Microsoft Browser Information Disclosure Vulnerability," a. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 32.7% and no vendor patch available.

Information Disclosure Microsoft Edge +1
NVD
EPSS 17% CVSS 5.3
MEDIUM This Month

Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to obtain sensitive information via a crafted web page, aka "Microsoft Browser Information Disclosure Vulnerability," a. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 16.8% and no vendor patch available.

Information Disclosure Microsoft Edge +1
NVD
EPSS 24% CVSS 7.5
HIGH Act Now

Microsoft Internet Explorer 11 and Edge allow remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 23.9% and no vendor patch available.

RCE Buffer Overflow Microsoft +2
NVD
EPSS 29% CVSS 2.5
LOW POC THREAT Monitor

Microsoft Internet Explorer 10 and 11 load different files for attempts to open a file:// URL depending on whether the file exists, which allows local users to enumerate files via vectors involving a. Rated low severity (CVSS 2.5). Public exploit code available and EPSS exploitation probability 28.7%.

Information Disclosure Microsoft Internet Explorer
NVD
EPSS 18% CVSS 7.5
HIGH Act Now

Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Browser Memory Corruption Vulnerability.". Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 17.8% and no vendor patch available.

RCE Buffer Overflow Microsoft +2
NVD
EPSS 14% CVSS 7.5
HIGH Act Now

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code via a crafted web page, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 14.0% and no vendor patch available.

RCE Buffer Overflow Microsoft +1
NVD
EPSS 18% CVSS 7.5
HIGH Act Now

Microsoft Internet Explorer 11 and Edge allow remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 17.8% and no vendor patch available.

RCE Buffer Overflow Microsoft +2
NVD
EPSS 34% 4.0 CVSS 7.5
HIGH POC THREAT Act Now

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code via a crafted web page, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 34.1%.

RCE Buffer Overflow Microsoft +1
NVD Exploit-DB
EPSS 33% CVSS 5.3
MEDIUM This Month

Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability.". Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 32.5% and no vendor patch available.

Information Disclosure Microsoft Edge +1
NVD
EPSS 7% CVSS 3.1
LOW Monitor

Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to conduct content-spoofing attacks via a crafted URL, aka "Microsoft Browser Spoofing Vulnerability.". Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Microsoft Authentication Bypass Internet Explorer
NVD
EPSS 7% CVSS 3.1
LOW Monitor

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to conduct content-spoofing attacks via a crafted URL, aka "Microsoft Browser Spoofing Vulnerability.". Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Microsoft Authentication Bypass Edge +1
NVD
EPSS 23% CVSS 5.3
MEDIUM This Month

The XSS Filter in Microsoft Internet Explorer 9 through 11 and Microsoft Edge does not properly restrict JavaScript code, which allows remote attackers to obtain sensitive information via a crafted. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 22.9% and no vendor patch available.

XSS Information Disclosure Microsoft +2
NVD
EPSS 18% CVSS 7.5
HIGH Act Now

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 18.3% and no vendor patch available.

Denial Of Service RCE Buffer Overflow +3
NVD
EPSS 37% CVSS 5.3
MEDIUM This Month

Microsoft Internet Explorer 11 allows remote attackers to obtain sensitive information via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability.". Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 36.7% and no vendor patch available.

Information Disclosure Microsoft Internet Explorer
NVD
EPSS 20% CVSS 8.8
HIGH PATCH Act Now

The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 11, Microsoft Edge, and other products, allow remote attackers to execute. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 20.4%.

Denial Of Service RCE Buffer Overflow +3
NVD
EPSS 18% CVSS 8.8
HIGH PATCH Act Now

The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 18.1%.

Denial Of Service RCE Buffer Overflow +3
NVD
EPSS 20% CVSS 8.8
HIGH Act Now

The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 20.4% and no vendor patch available.

Denial Of Service RCE Buffer Overflow +3
NVD
EPSS 11% CVSS 6.5
MEDIUM This Month

Microsoft Internet Explorer 9 through 11 allows remote attackers to trick users into making TCP connections to a restricted port via a crafted web site, aka "Internet Explorer Security Feature Bypass. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.5% and no vendor patch available.

Microsoft Authentication Bypass Internet Explorer
NVD
EPSS 13% CVSS 7.5
HIGH Act Now

Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 12.8% and no vendor patch available.

Denial Of Service RCE Buffer Overflow +2
NVD
EPSS 13% CVSS 7.5
HIGH Act Now

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 12.8% and no vendor patch available.

Denial Of Service RCE Buffer Overflow +2
NVD
EPSS 13% CVSS 7.5
HIGH Act Now

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 12.8% and no vendor patch available.

Denial Of Service RCE Buffer Overflow +2
NVD
EPSS 13% CVSS 7.5
HIGH Act Now

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 12.8% and no vendor patch available.

Denial Of Service RCE Buffer Overflow +2
NVD
EPSS 23% CVSS 8.8
HIGH Act Now

The Microsoft (1) JScript 5.8 and 9 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 22.8% and no vendor patch available.

Denial Of Service RCE Buffer Overflow +2
NVD
EPSS 78% 5.6 CVSS 8.8
HIGH POC THREAT Act Now

The Web Proxy Auto Discovery (WPAD) protocol implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 78.3%.

Privilege Escalation Microsoft Internet Explorer +7
NVD
EPSS 22% CVSS 6.1
MEDIUM This Month

The XSS Filter in Microsoft Internet Explorer 9 through 11 does not properly identify JavaScript, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 22.4% and no vendor patch available.

XSS Microsoft Internet Explorer
NVD
EPSS 18% CVSS 8.8
HIGH Act Now

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 18.5% and no vendor patch available.

Denial Of Service RCE Buffer Overflow +2
NVD
EPSS 18% CVSS 8.8
HIGH Act Now

The Microsoft (1) JScript and (2) VBScript engines, as used in Internet Explorer 11, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 17.9% and no vendor patch available.

Denial Of Service RCE Buffer Overflow +2
NVD
EPSS 14% CVSS 8.8
HIGH Act Now

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 14.0% and no vendor patch available.

Denial Of Service RCE Buffer Overflow +2
NVD
EPSS 70% 5.4 CVSS 8.8
HIGH POC THREAT Act Now

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 70.1%.

Denial Of Service RCE Buffer Overflow +2
NVD Exploit-DB
EPSS 6% CVSS 7.5
HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft +3
NVD
EPSS 6% CVSS 7.5
HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft +3
NVD
EPSS 6% CVSS 7.5
HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft +3
NVD
EPSS 6% CVSS 7.5
HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft +3
NVD
EPSS 6% CVSS 7.5
HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft +3
NVD
EPSS 6% CVSS 7.5
HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft +3
NVD
EPSS 7% CVSS 7.5
HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft +3
NVD
EPSS 6% CVSS 7.5
HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft +3
NVD
EPSS 66% 5.0 CVSS 7.5
HIGH POC THREAT Act Now

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 65.6%.

Adobe Information Disclosure Microsoft +3
NVD Exploit-DB
EPSS 7% CVSS 7.5
HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft +3
NVD
EPSS 7% CVSS 7.5
HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft +3
NVD
EPSS 7% CVSS 7.5
HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft +3
NVD
EPSS 7% CVSS 7.5
HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft +3
NVD
EPSS 58% 4.7 CVSS 7.5
HIGH POC THREAT Act Now

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 57.6%.

Adobe Information Disclosure Microsoft +3
NVD Exploit-DB
EPSS 53% 4.6 CVSS 7.5
HIGH POC THREAT Act Now

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 53.1%.

Adobe Information Disclosure Microsoft +3
NVD Exploit-DB
EPSS 40% 4.2 CVSS 7.5
HIGH POC THREAT Act Now

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 39.7%.

Adobe Information Disclosure Microsoft +3
NVD Exploit-DB
EPSS 53% 4.6 CVSS 7.5
HIGH POC THREAT Act Now

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 53.1%.

Adobe Information Disclosure Microsoft +3
NVD Exploit-DB
EPSS 40% 4.2 CVSS 7.5
HIGH POC THREAT Act Now

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 39.7%.

Adobe Information Disclosure Microsoft +3
NVD Exploit-DB
EPSS 53% 4.6 CVSS 7.5
HIGH POC THREAT Act Now

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 53.1%.

Adobe Information Disclosure Microsoft +3
NVD Exploit-DB
EPSS 15% CVSS 7.5
HIGH Act Now

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 15.5% and no vendor patch available.

Adobe Information Disclosure Microsoft +3
NVD
EPSS 15% CVSS 7.5
HIGH Act Now

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 15.5% and no vendor patch available.

Adobe Information Disclosure Microsoft +3
NVD
EPSS 15% CVSS 7.5
HIGH Act Now

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 15.5% and no vendor patch available.

Adobe Information Disclosure Microsoft +3
NVD
EPSS 7% CVSS 7.5
HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft +3
NVD
EPSS 40% 4.2 CVSS 7.5
HIGH POC THREAT Act Now

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 39.7%.

Adobe Information Disclosure Microsoft +3
NVD Exploit-DB
EPSS 1% CVSS 5.3
MEDIUM This Month

Microsoft Internet Explorer 10 and 11 allows remote attackers to bypass file permissions and obtain sensitive information via a crafted web site, aka "Internet Explorer Information Disclosure. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Microsoft Internet Explorer
NVD
EPSS 30% CVSS 7.5
HIGH Act Now

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 29.9% and no vendor patch available.

Denial Of Service RCE Buffer Overflow +3
NVD
EPSS 33% CVSS 8.8
HIGH Act Now

The User Mode Code Integrity (UMCI) implementation in Device Guard in Microsoft Internet Explorer 11 allows remote attackers to bypass a code-signing protection mechanism via unspecified vectors, aka. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 32.7% and no vendor patch available.

Microsoft Authentication Bypass Internet Explorer
NVD
EPSS 10% CVSS 7.5
HIGH This Week

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service RCE Buffer Overflow +2
NVD
EPSS 13% CVSS 7.5
HIGH Act Now

Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 12.8% and no vendor patch available.

Denial Of Service RCE Buffer Overflow +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Microsoft Internet Explorer 11 mishandles DLL loading, which allows local users to gain privileges via a crafted application, aka "DLL Loading Remote Code Execution Vulnerability.". Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Microsoft Internet Explorer
NVD
EPSS 10% CVSS 7.5
HIGH This Week

Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service RCE Buffer Overflow +2
NVD
EPSS 16% CVSS 7.5
HIGH Act Now

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 16.3% and no vendor patch available.

Denial Of Service RCE Buffer Overflow +3
NVD
EPSS 50% CVSS 8.1
HIGH Act Now

The CAttrArray object implementation in Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and memory corruption). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 49.7% and no vendor patch available.

Denial Of Service RCE Buffer Overflow +2
NVD
EPSS 19% CVSS 7.5
HIGH Act Now

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 19.5% and no vendor patch available.

Denial Of Service RCE Buffer Overflow +2
NVD
EPSS 19% CVSS 7.5
HIGH Act Now

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 19.5% and no vendor patch available.

Denial Of Service RCE Buffer Overflow +2
NVD
EPSS 19% CVSS 7.5
HIGH Act Now

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 19.5% and no vendor patch available.

Denial Of Service RCE Buffer Overflow +2
NVD
EPSS 45% 4.3 CVSS 7.5
HIGH POC THREAT Act Now

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 45.0%.

Denial Of Service RCE Buffer Overflow +3
NVD Exploit-DB
EPSS 19% CVSS 7.5
HIGH Act Now

Microsoft Internet Explorer 10 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 19.5% and no vendor patch available.

Denial Of Service RCE Buffer Overflow +3
NVD
EPSS 27% CVSS 7.5
HIGH Act Now

Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 27.1% and no vendor patch available.

Denial Of Service RCE Buffer Overflow +3
NVD
EPSS 32% 4.0 CVSS 7.5
HIGH POC THREAT Act Now

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 31.8%.

Denial Of Service RCE Buffer Overflow +2
NVD Exploit-DB
EPSS 19% CVSS 7.5
HIGH Act Now

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 19.5% and no vendor patch available.

Denial Of Service RCE Buffer Overflow +2
NVD
EPSS 19% CVSS 7.5
HIGH Act Now

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 19.5% and no vendor patch available.

Denial Of Service RCE Buffer Overflow +2
NVD
EPSS 19% CVSS 7.5
HIGH Act Now

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 19.5% and no vendor patch available.

Denial Of Service RCE Buffer Overflow +3
NVD
EPSS 16% CVSS 7.5
HIGH Act Now

Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 15.9% and no vendor patch available.

Denial Of Service RCE Buffer Overflow +2
NVD
EPSS 13% CVSS 7.5
HIGH Act Now

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 12.8% and no vendor patch available.

Denial Of Service RCE Buffer Overflow +2
NVD
EPSS 16% CVSS 7.5
HIGH Act Now

Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 15.9% and no vendor patch available.

Denial Of Service RCE Buffer Overflow +3
NVD
EPSS 38% CVSS 8.8
HIGH Act Now

Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability," a different. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 38.0% and no vendor patch available.

Privilege Escalation Microsoft Internet Explorer
NVD
EPSS 35% CVSS 8.8
HIGH Act Now

Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability," a different. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 35.0% and no vendor patch available.

Privilege Escalation Microsoft Internet Explorer
NVD
EPSS 9% CVSS 4.3
MEDIUM This Month

Microsoft Internet Explorer 9 through 11 and Microsoft Edge misparse HTTP responses, which allows remote attackers to spoof web sites via a crafted URL, aka "Microsoft Browser Spoofing Vulnerability.". Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Edge +1
NVD
EPSS 14% CVSS 8.8
HIGH Act Now

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 14.0% and no vendor patch available.

Denial Of Service RCE Buffer Overflow +2
NVD
EPSS 20% CVSS 8.8
HIGH Act Now

Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 20.5% and no vendor patch available.

Denial Of Service RCE Buffer Overflow +2
NVD
Prev Page 4 of 12 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy