Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
internet explorer vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2024-3094
Malicious code exists in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific fun...
Tukaani Xz 5.6.1
Tukaani Xz 5.6.0
71 Github repositories
4 Articles
NA
CVE-2023-40290
An issue exists on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 1.66 devices. An attacker could exploit an XSS issue that affects Internet Explorer 11 on Windows.
8.8
CVSSv3
CVE-2022-41128
Windows Scripting Languages Remote Code Execution Vulnerability
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows 10 1607
Microsoft Windows 8.1 -
Microsoft Windows Server 2016 -
Microsoft Windows Server 2012 -
Microsoft Windows 10 -
Microsoft Windows Server 2019 -
Microsoft Windows 10 1809
Microsoft Windows 7 Sp1
Microsoft Windows 10 20h2
Microsoft Windows 10 21h1
Microsoft Windows Server 2022 -
Microsoft Windows 11 -
Microsoft Windows 10 21h2
Microsoft Windows 11 22h2
Microsoft Windows 10 22h2
3 Articles
6.1
CVSSv3
CVE-2022-25869
All versions of package angular are vulnerable to Cross-site Scripting (XSS) due to insecure page caching in the Internet Explorer browser, which allows interpolation of <textarea> elements.
Angularjs Angular
1 Github repository
6.1
CVSSv3
CVE-2022-30118
Title for CVE: XSS in /dashboard/system/express/entities/forms/save_control/[GUID]: old browsers only.Description: When using Internet Explorer with the XSS protection disabled, editing a form control in an express entities form for Concrete 8.5.7 and below as well as Concrete 9....
Concretecms Concrete Cms
6.1
CVSSv3
CVE-2022-30119
XSS in /dashboard/reports/logs/view - old browsers only. When using Internet Explorer with the XSS protection disabled, insufficient sanitation where built urls are outputted can be exploited for Concrete 8.5.7 and below as well as Concrete 9.0 up to and including 9.0.2. This can...
Concretecms Concrete Cms
6.1
CVSSv3
CVE-2022-1756
The Newsletter WordPress plugin prior to 7.4.5 does not sanitize and escape the $_SERVER['REQUEST_URI'] before echoing it back in admin pages. Although this uses addslashes, and most modern browsers automatically URLEncode requests, this is still vulnerable to Reflected...
Thenewsletterplugin Newsletter
9.8
CVSSv3
CVE-2022-32269
In Real Player 20.0.8.310, the G2 Control allows injection of unsafe javascript: URIs in local HTTP error pages (displayed by Internet Explorer core). This leads to arbitrary code execution.
Realnetworks Realplayer 20.0.8.310
5.4
CVSSv3
CVE-2021-43551
A remote attacker with write access to PI Vision could inject code into a display. Unauthorized information disclosure, modification, or deletion is possible if a victim views or interacts with the infected display using Microsoft Internet Explorer. The impact affects PI System d...
Osisoft Pi Vision
6.5
CVSSv3
CVE-2021-38492
When delegating navigations to the operating system, Firefox would accept the `mk` scheme which might allow malicious users to launch pages and execute scripts in Internet Explorer in unprivileged mode. *This bug only affects Firefox for Windows. Other operating systems are unaff...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
injection
CVE-2024-30983
CVE-2023-4235
CVE-2024-21338
privilege
encryption
CVE-2023-4232
CVE-2024-31497
CVE-2024-32341
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »