Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vbscript vulnerabilities and exploits
(subscribe to this query)
685
VMScore
CVE-2006-6597
Argument injection vulnerability in HyperAccess 8.4 allows user-assisted remote malicious users to execute arbitrary vbscript and commands via the /r option in a telnet:// URI, which is configured to use hawin32.exe.
Hilgraeve Hyperaccess 8.4
1 EDB exploit
668
VMScore
CVE-2014-0818
Untrusted search path vulnerability in Autodesk AutoCAD prior to 2014 allows local users to gain privileges and execute arbitrary VBScript code via a Trojan horse FAS file in the FAS file search path.
Autodesk Autocad
505
VMScore
CVE-2004-2090
Microsoft Internet Explorer 5.0.1 up to and including 6.0 allows remote malicious users to determine the existence of arbitrary files via the VBScript LoadPicture method, which returns an error code if the file does not exist.
Microsoft Internet Explorer 5.0.1
Microsoft Ie 6.0
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6.0
1 EDB exploit
383
VMScore
CVE-2013-1297
Microsoft Internet Explorer 6 through 8 does not properly restrict data access by VBScript, which allows remote malicious users to perform cross-domain reading of JSON files via a crafted web site, aka "JSON Array Information Disclosure Vulnerability."
Microsoft Internet Explorer 8
Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
1 Github repository
828
VMScore
CVE-2015-2493
The (1) VBScript and (2) JScript engines in Microsoft Internet Explorer 8 allow remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."
Microsoft Internet Explorer 8
828
VMScore
CVE-2016-3210
The Microsoft (1) JScript and (2) VBScript engines, as used in Internet Explorer 11, allow remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."
Microsoft Internet Explorer 11
383
VMScore
CVE-2017-0049
The VBScript engine in Microsoft Internet Explorer 11 allows remote malicious users to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability." This vulnerability is different from those descri...
Microsoft Internet Explorer 11
445
VMScore
CVE-2006-0585
jscript.dll in Microsoft Internet Explorer 6.0 SP1 and previous versions allows remote malicious users to cause a denial of service (application crash) via a Shockwave Flash object that contains ActionScript code that calls VBScript, which in turn calls the Javascript document.wr...
Microsoft Internet Explorer 5.00.2920.0000
Microsoft Internet Explorer 5.00.2919.6307
Microsoft Internet Explorer 5.0.1
Microsoft Internet Explorer 5.00.0910.1309
Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 5.1
Microsoft Internet Explorer 5.50.4308.2900
Microsoft Internet Explorer 5.2.3
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 4.5
Microsoft Internet Explorer 4.0.1
Microsoft Internet Explorer 4.72.3110.8
Microsoft Internet Explorer 4.40.308
Microsoft Internet Explorer 3.0
Microsoft Internet Explorer
Microsoft Internet Explorer 5.00.3502.1000
Microsoft Internet Explorer 5.00.2919.3800
Microsoft Internet Explorer 5.00.2919.800
Microsoft Internet Explorer 5.00.2516.1900
Microsoft Internet Explorer 5.00.0518.10
Microsoft Internet Explorer 5.50.4030.2400
Microsoft Internet Explorer 5.50.4134.0100
828
VMScore
CVE-2008-0083
The (1) VBScript (VBScript.dll) and (2) JScript (JScript.dll) scripting engines 5.1 and 5.6, as used in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2, do not properly decode script, which allows remote malicious users to execute arbitrary code via unknown vector...
Microsoft Windows 2003 Server
Microsoft Windows Xp
Microsoft Windows 2000
435
VMScore
CVE-2012-3351
Multiple cross-site scripting (XSS) vulnerabilities in LongTail Video JW Player up to and including 5.10.2295 allow remote malicious users to inject arbitrary web script or HTML via the (1) link, (2) logo.link, or (3) aboutlink parameter, or a nested URI scheme name for (4) javas...
Longtailvideo Jw Player
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »