Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vbscript vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2012-3351
Multiple cross-site scripting (XSS) vulnerabilities in LongTail Video JW Player up to and including 5.10.2295 allow remote malicious users to inject arbitrary web script or HTML via the (1) link, (2) logo.link, or (3) aboutlink parameter, or a nested URI scheme name for (4) javas...
Longtailvideo Jw Player
1 EDB exploit
8.8
CVSSv3
CVE-2016-3260
The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 11, Microsoft Edge, and other products, allow remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web s...
Microsoft Edge -
Microsoft Internet Explorer 11
8.8
CVSSv3
CVE-2016-3204
The Microsoft (1) JScript 5.8 and 9 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Script...
Microsoft Internet Explorer 9
Microsoft Internet Explorer 11
Microsoft Internet Explorer 10
NA
CVE-2006-0830
The scripting engine in Internet Explorer allows remote malicious users to cause a denial of service (resource consumption) and possibly execute arbitrary code via a web page that contains a recurrent call to an infinite loop in Javascript or VBscript, which consumes the stack, a...
Microsoft Internet Explorer 6.0.2900
NA
CVE-2011-0031
The (1) JScript 5.8 and (2) VBScript 5.8 scripting engines in Microsoft Windows Server 2008 R2 and Windows 7 do not properly load decoded scripts obtained from web pages, which allows remote malicious users to trigger memory corruption and consequently obtain sensitive informatio...
Microsoft Windows Server 2008 R2
Microsoft Windows 7 -
NA
CVE-2010-3886
The CTimeoutEventList::InsertIntoTimeoutList function in Microsoft mshtml.dll uses a certain pointer value as part of producing Timer ID values for the setTimeout and setInterval methods in VBScript and JScript, which allows remote malicious users to obtain sensitive information ...
Microsoft Internet Explorer 8
1 EDB exploit
NA
CVE-2008-2011
Cross-site scripting (XSS) vulnerability in the National Rail Enquiries Live Departure Boards gadget prior to 1.1 allows remote National Rail Enquiries servers or man-in-the-middle malicious users to inject arbitrary web script or HTML, and execute arbitrary code, via a response ...
National Rail Enquiries National Rail Enquiries Live Departure Boards
8.1
CVSSv3
CVE-2021-27197
DSUtility.dll in Pelco Digital Sentry Server prior to 7.19.67 has an arbitrary file write vulnerability. The AppendToTextFile method doesn't check if it's being called from the application or from a malicious user. The vulnerability is triggered when a remote attacker c...
Pelco Digital Sentry Server
6.3
CVSSv3
CVE-2023-40621
SAP PowerDesigner Client - version 16.7, allows an unauthenticated malicious user to inject VBScript code in a document and have it opened by an unsuspecting user, to have it executed by the application on behalf of the user. The application has a security option to disable or pr...
Sap Powerdesigner 16.7
8.8
CVSSv3
CVE-2016-3248
The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a cra...
Microsoft Internet Explorer 9
Microsoft Internet Explorer 11
Microsoft Internet Explorer 10
Microsoft Edge
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »