Microsoft Internet Explorer 11 vulnerabilities
161 known vulnerabilities affecting microsoft/internet_explorer_11.
Total CVEs
161
CISA KEV
13
actively exploited
Public exploits
15
Exploited in wild
17
Severity breakdown
HIGH128MEDIUM33
Vulnerabilities
Page 1 of 9
CVE-2021-26419HIGHCVSS 7.5≥ 1.0.0, < 10.0.14393.4401≥ 1.0.0, < 10.0.17134.2207+10 more2021-05-11
CVE-2021-26419 [HIGH] Scripting Engine Memory Corruption Vulnerability
Scripting Engine Memory Corruption Vulnerability
Scripting Engine Memory Corruption Vulnerability
cvelistv5
CVE-2021-27085HIGHCVSS 8.8KEV≥ 1.0.0, < publication2021-03-11
CVE-2021-27085 [HIGH] CVE-2021-27085: Internet Explorer Remote Code Execution Vulnerability
Internet Explorer Remote Code Execution Vulnerability
cvelistv5nvd
CVE-2021-26411HIGHCVSS 8.8KEV≥ 1.0.0, < publication2021-03-11
CVE-2021-26411 [HIGH] Internet Explorer Memory Corruption Vulnerability
Internet Explorer Memory Corruption Vulnerability
Internet Explorer Memory Corruption Vulnerability
cvelistv5
CVE-2020-17058HIGHCVSS 7.5≥ 1.0.0, < publication2020-11-11
CVE-2020-17058 [HIGH] Microsoft Browser Memory Corruption Vulnerability
Microsoft Browser Memory Corruption Vulnerability
Microsoft Browser Memory Corruption Vulnerability
cvelistv5
CVE-2020-17053HIGHCVSS 7.5≥ 1.0.0, < publication2020-11-11
CVE-2020-17053 [HIGH] Internet Explorer Memory Corruption Vulnerability
Internet Explorer Memory Corruption Vulnerability
Internet Explorer Memory Corruption Vulnerability
cvelistv5
CVE-2020-17052HIGHCVSS 7.5≥ 1.0.0, < publication2020-11-11
CVE-2020-17052 [HIGH] Scripting Engine Memory Corruption Vulnerability
Scripting Engine Memory Corruption Vulnerability
Scripting Engine Memory Corruption Vulnerability
cvelistv5
CVE-2020-1012HIGHCVSS 8.8≥ 1.0.0, < publication2020-09-11
CVE-2020-1012 [HIGH] CVE-2020-1012: <p>An elevation of privilege vulnerability exists in the way that the Wininit.dll handles objects in
An elevation of privilege vulnerability exists in the way that the Wininit.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.
There are multiple ways an attacker could exploit the vulnerability:
In a web-based attack scenario, an attacker could host a specially crafted website t
cvelistv5nvd
CVE-2020-0878HIGHCVSS 7.5KEV≥ 1.0.0, < publication2020-09-11
CVE-2020-0878 [MEDIUM] CWE-787 CVE-2020-0878: <p>A remote code execution vulnerability exists in the way that Microsoft browsers access objects in
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user
cvelistv5nvd
CVE-2020-1506HIGHCVSS 8.8≥ 1.0.0, < publication2020-09-11
CVE-2020-1506 [MEDIUM] CVE-2020-1506: <p>An elevation of privilege vulnerability exists in the way that the Wininit.dll handles objects in
An elevation of privilege vulnerability exists in the way that the Wininit.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.
There are multiple ways an attacker could exploit the vulnerability:
In a web-based attack scenario, an attacker could host a specially crafted website
cvelistv5nvd
CVE-2020-1380HIGHCVSS 8.8KEV≥ 1.0.0, < publication2020-08-17
CVE-2020-1380 [HIGH] CWE-787 CVE-2020-1380: A remote code execution vulnerability exists in the way that the scripting engine handles objects in
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights a
cvelistv5nvd
CVE-2020-1567HIGHCVSS 7.5≥ 1.0.0, < publication2020-08-17
CVE-2020-1567 [MEDIUM] CVE-2020-1567: A remote code execution vulnerability exists in the way that the MSHTML engine improperly validates
A remote code execution vulnerability exists in the way that the MSHTML engine improperly validates input.
An attacker could execute arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker c
cvelistv5nvd
CVE-2020-1570HIGHCVSS 7.5≥ 1.0.0, < publication2020-08-17
CVE-2020-1570 [HIGH] CWE-787 CVE-2020-1570: A remote code execution vulnerability exists in the way that the scripting engine handles objects in
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights a
cvelistv5nvd
CVE-2020-1403HIGHCVSS 7.5vWindows 10 Version 1803 for 32-bit SystemsvWindows 10 Version 1803 for x64-based Systems+20 more2020-07-14
CVE-2020-1403 [HIGH] CVE-2020-1403: A remote code execution vulnerability exists in the way that the VBScript engine handles objects in
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'.
cvelistv5nvd
CVE-2020-1432MEDIUMCVSS 4.3vWindows 10 Version 1803 for 32-bit SystemsvWindows 10 Version 1803 for x64-based Systems+20 more2020-07-14
CVE-2020-1432 [MEDIUM] CVE-2020-1432: An information disclosure vulnerability exists when Skype for Business is accessed via Internet Expl
An information disclosure vulnerability exists when Skype for Business is accessed via Internet Explorer, aka 'Skype for Business via Internet Explorer Information Disclosure Vulnerability'.
cvelistv5nvd
CVE-2020-1219HIGHCVSS 7.5vWindows 10 Version 1803 for 32-bit SystemsvWindows 10 Version 1803 for x64-based Systems+20 more2020-06-09
CVE-2020-1219 [HIGH] CWE-843 CVE-2020-1219: A remote code execution vulnerability exists in the way that Microsoft browsers access objects in me
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'.
cvelistv5nvd
CVE-2020-1213HIGHCVSS 7.5vWindows 10 Version 1803 for 32-bit SystemsvWindows 10 Version 1803 for x64-based Systems+20 more2020-06-09
CVE-2020-1213 [HIGH] CWE-787 CVE-2020-1213: A remote code execution vulnerability exists in the way that the VBScript engine handles objects in
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1214, CVE-2020-1215, CVE-2020-1216, CVE-2020-1230, CVE-2020-1260.
cvelistv5nvd
CVE-2020-1216HIGHCVSS 7.5vWindows 10 Version 1803 for 32-bit SystemsvWindows 10 Version 1803 for x64-based Systems+20 more2020-06-09
CVE-2020-1216 [HIGH] CVE-2020-1216: A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulner
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1213, CVE-2020-1214, CVE-2020-1215, CVE-2020-1230, CVE-2020-1260.
cvelistv5
CVE-2020-1260HIGHCVSS 7.5vWindows 10 Version 1803 for 32-bit SystemsvWindows 10 Version 1803 for x64-based Systems+20 more2020-06-09
CVE-2020-1260 [HIGH] CVE-2020-1260: A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulner
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1213, CVE-2020-1214, CVE-2020-1215, CVE-2020-1216, CVE-2020-1230.
cvelistv5
CVE-2020-1230HIGHCVSS 7.5vWindows 10 Version 1803 for 32-bit SystemsvWindows 10 Version 1803 for x64-based Systems+20 more2020-06-09
CVE-2020-1230 [HIGH] CVE-2020-1230: A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulner
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1213, CVE-2020-1214, CVE-2020-1215, CVE-2020-1216, CVE-2020-1260.
cvelistv5
CVE-2020-1215HIGHCVSS 7.5vWindows 10 Version 1803 for 32-bit SystemsvWindows 10 Version 1803 for x64-based Systems+20 more2020-06-09
CVE-2020-1215 [HIGH] CVE-2020-1215: A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulner
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1213, CVE-2020-1214, CVE-2020-1216, CVE-2020-1230, CVE-2020-1260.
cvelistv5
1 / 9Next →