cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2021-41351,https://securityvulnerability.io/vulnerability/CVE-2021-41351,Microsoft Edge (Chrome based) Spoofing on IE Mode,Microsoft Edge (Chrome based) Spoofing on IE Mode,Microsoft,Microsoft Edge (chromium-based) In Ie Mode,4.3,MEDIUM,0.006680000107735395,false,false,false,true,true,false,false,2021-11-10T00:46:34.000Z,0
CVE-2020-1220,https://securityvulnerability.io/vulnerability/CVE-2020-1220,,"A spoofing vulnerability exists when theMicrosoft Edge (Chromium-based) in IE Mode improperly handles specific redirects, aka 'Microsoft Edge (Chromium-based) in IE Mode Spoofing Vulnerability'.",Microsoft,"Microsoft Edge (chromium-based) In Ie Mode On Windows 10 Version 1803 For Arm64-based Systems,Microsoft Edge (chromium-based) In Ie Mode On Windows 10 Version 1803 For 32-bit Systems,Microsoft Edge (chromium-based) In Ie Mode On Windows 10 Version 1803 For X64-based Systems,Microsoft Edge (chromium-based) In Ie Mode On Windows 10 Version 1709 For X64-based Systems,Microsoft Edge (chromium-based) In Ie Mode On Windows 10 Version 1909 For X64-based Systems,Microsoft Edge (chromium-based) In Ie Mode On Windows 10 Version 1903 For 32-bit Systems,Microsoft Edge (chromium-based) In Ie Mode On Windows 10 Version 1809 For Arm64-based Systems,Microsoft Edge (chromium-based) In Ie Mode On Windows 10 Version 1809 For X64-based Systems,Microsoft Edge (chromium-based) In Ie Mode On Windows Server 2019,Microsoft Edge (chromium-based) In Ie Mode On Windows 10 Version 2004 For Arm64-based Systems,Microsoft Edge (chromium-based) In Ie Mode On Windows 10 Version 1909 For 32-bit Systems,Microsoft Edge (chromium-based) In Ie Mode On Windows 10 Version 1903 For X64-based Systems,Microsoft Edge (chromium-based) In Ie Mode On Windows 10 Version 1903 For Arm64-based Systems,Microsoft Edge (chromium-based) In Ie Mode On Windows 10 Version 2004 For X64-based Systems,Microsoft Edge (chromium-based) In Ie Mode On Windows 10 Version 1809 For 32-bit Systems,Microsoft Edge (chromium-based) In Ie Mode On Windows Server 2012 R2,Microsoft Edge (chromium-based) In Ie Mode On Windows 10 Version 1607 For X64-based Systems,Microsoft Edge (chromium-based) In Ie Mode On Windows Rt 8.1,Microsoft Edge (chromium-based) In Ie Mode On Windows 10 Version 2004 For 32-bit Systems,Microsoft Edge (chromium-based) In Ie Mode On Windows 10 Version 1909 For Arm64-based Systems,Microsoft Edge (chromium-based) In Ie Mode On Windows 7 For X64-based Systems Service Pack 1,Microsoft Edge (chromium-based) In Ie Mode On Windows Server 2012,Microsoft Edge (chromium-based) In Ie Mode On Windows Server 2008 R2 For X64-based Systems Service Pack 1,Microsoft Edge (chromium-based) In Ie Mode On Windows 10 Version 1607 For 32-bit Systems,Microsoft Edge (chromium-based) In Ie Mode On Windows 8.1 For 32-bit Systems,Microsoft Edge (chromium-based) In Ie Mode On Windows Server 2016,Microsoft Edge (chromium-based) In Ie Mode On Windows 10 Version 1709 For Arm64-based Systems,Microsoft Edge (chromium-based) In Ie Mode On Windows 10 Version 1709 For 32-bit Systems,Microsoft Edge (chromium-based) In Ie Mode On Windows 8.1 For X64-based Systems,Microsoft Edge (chromium-based) In Ie Mode On Windows 10 For X64-based Systems,Microsoft Edge (chromium-based) In Ie Mode On Windows 10 For 32-bit Systems,Microsoft Edge (chromium-based) In Ie Mode On Windows 7 For 32-bit Systems Service Pack 1",6.1,MEDIUM,0.001979999942705035,false,false,false,false,,false,false,2020-06-09T19:43:29.000Z,0
CVE-2012-1545,https://securityvulnerability.io/vulnerability/CVE-2012-1545,,"Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, allows remote attackers to bypass Protected Mode or cause a denial of service (memory corruption) by leveraging access to a Low integrity process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2012.",Microsoft,"Ie,Internet Explorer",,,0.010490000247955322,false,false,false,false,,false,false,2012-03-09T11:55:00.000Z,0
CVE-2010-5071,https://securityvulnerability.io/vulnerability/CVE-2010-5071,,"The JavaScript implementation in Microsoft Internet Explorer 8.0 and earlier does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensitive information about visited web pages by calling this method.",Microsoft,"Internet Explorer,Ie",,,0.0038799999747425318,false,false,false,false,,false,false,2011-12-07T19:55:00.000Z,0
CVE-2002-2435,https://securityvulnerability.io/vulnerability/CVE-2002-2435,,"The Cascading Style Sheets (CSS) implementation in Microsoft Internet Explorer 8.0 and earlier does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document, a related issue to CVE-2010-2264.",Microsoft,"Internet Explorer,Ie",,,0.005009999964386225,false,false,false,false,,false,false,2011-12-07T19:00:00.000Z,0
CVE-2011-2382,https://securityvulnerability.io/vulnerability/CVE-2011-2382,,"Microsoft Internet Explorer 8 and earlier, and Internet Explorer 9 beta, does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing a file: URL, as demonstrated by a Facebook game, related to a ""cookiejacking"" issue.",Microsoft,"Internet Explorer,Ie",,,0.011169999837875366,false,false,false,false,,false,false,2011-06-03T17:55:00.000Z,0
CVE-2011-2383,https://securityvulnerability.io/vulnerability/CVE-2011-2383,,"Microsoft Internet Explorer 9 and earlier does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing an http: URL that redirects to a file: URL, as demonstrated by a Facebook game, related to a ""cookiejacking"" issue, aka ""Drag and Drop Information Disclosure Vulnerability."" NOTE: this vulnerability exists because of an incomplete fix in the Internet Explorer 9 release.",Microsoft,"Internet Explorer,Ie",,,0.021460000425577164,false,false,false,false,,false,false,2011-06-03T17:00:00.000Z,0
CVE-2010-2118,https://securityvulnerability.io/vulnerability/CVE-2010-2118,,Microsoft Internet Explorer 6.0.2900.2180 and 8.0.7600.16385 allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid news:// URIs.,Microsoft,"Ie,Internet Explorer",,,0.002570000011473894,false,false,false,false,,false,false,2010-06-01T20:00:00.000Z,0
CVE-2010-1991,https://securityvulnerability.io/vulnerability/CVE-2010-1991,,"Microsoft Internet Explorer 6.0.2900.2180, 7, and 8.0.7600.16385 executes a mail application in situations where an IFRAME element has a mailto: URL in its SRC attribute, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many IFRAME elements.",Microsoft,"Ie,Internet Explorer",,,0.002950000111013651,false,false,false,false,,false,false,2010-05-20T17:00:00.000Z,0
CVE-2009-2576,https://securityvulnerability.io/vulnerability/CVE-2009-2576,,"Microsoft Internet Explorer 6.0.2900.2180 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a long Unicode string argument to the write method, a related issue to CVE-2009-2479.  NOTE: it was later reported that 7.0.6000.16473 and earlier are also affected.",Microsoft,"Ie,Internet Explorer",,,0.020549999549984932,false,false,false,false,,false,false,2009-07-22T18:00:00.000Z,0
CVE-2009-2433,https://securityvulnerability.io/vulnerability/CVE-2009-2433,,Stack-based buffer overflow in the AddFavorite method in Microsoft Internet Explorer allows remote attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a long URL in the first argument.,Microsoft,"Ie,Internet Explorer",,,0.02484999969601631,false,false,false,false,,false,false,2009-07-10T20:25:00.000Z,0
CVE-2009-2057,https://securityvulnerability.io/vulnerability/CVE-2009-2057,,"Microsoft Internet Explorer before 8 uses the HTTP Host header to determine the context of a document provided in a (1) 4xx or (2) 5xx CONNECT response from a proxy server, which allows man-in-the-middle attackers to execute arbitrary web script by modifying this CONNECT response, aka an ""SSL tampering"" attack.",Microsoft,"Ie,Internet Explorer",,,0.0021100000012665987,false,false,false,false,,false,false,2009-06-15T19:30:00.000Z,0
CVE-2009-2069,https://securityvulnerability.io/vulnerability/CVE-2009-2069,,"Microsoft Internet Explorer before 8 displays a cached certificate for a (1) 4xx or (2) 5xx CONNECT response page returned by a proxy server, which allows man-in-the-middle attackers to spoof an arbitrary https site by letting a browser obtain a valid certificate from this site during one request, and then sending the browser a crafted 502 response page upon a subsequent request.",Microsoft,"Ie,Internet Explorer",,,0.001019999966956675,false,false,false,false,,false,false,2009-06-15T19:00:00.000Z,0
CVE-2009-2064,https://securityvulnerability.io/vulnerability/CVE-2009-2064,,"Microsoft Internet Explorer 8, and possibly other versions, detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that references a script file on an http site, related to ""HTTP-Intended-but-HTTPS-Loadable (HPIHSL) pages.""",Microsoft,"Internet Explorer,Pocket Ie",,,0.0022100000642240047,false,false,false,false,,false,false,2009-06-15T19:00:00.000Z,0
CVE-2009-0552,https://securityvulnerability.io/vulnerability/CVE-2009-0552,,"Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 on Windows XP SP2 and SP3, and 6 on Windows Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a web page that triggers presence of an object in memory that was (1) not properly initialized or (2) deleted, aka ""Uninitialized Memory Corruption Vulnerability.""",Microsoft,"Ie,Internet Explorer",,,0.8532900214195251,false,false,false,false,,false,false,2009-04-15T03:49:00.000Z,0
CVE-2008-2281,https://securityvulnerability.io/vulnerability/CVE-2008-2281,,"Cross-zone scripting vulnerability in the Print Table of Links feature in Internet Explorer 6.0, 7.0, and 8.0b allows user-assisted remote attackers to inject arbitrary web script or HTML in the Local Machine Zone via an HTML document with a link containing JavaScript sequences, which are evaluated by a resource script when a user prints this document.",Microsoft,"Ie,Internet Explorer",,,0.46636998653411865,false,false,false,false,,false,false,2008-05-18T14:00:00.000Z,0
CVE-2008-1085,https://securityvulnerability.io/vulnerability/CVE-2008-1085,,"Use-after-free vulnerability in Microsoft Internet Explorer 5.01 SP4, 6 through SP1, and 7 allows remote attackers to execute arbitrary code via a crafted data stream that triggers memory corruption, as demonstrated using an invalid MIME-type that does not have a registered handler.",Microsoft,"Ie,Internet Explorer",,,0.8165799975395203,false,false,false,false,,false,false,2008-04-08T23:05:00.000Z,0
CVE-2008-0076,https://securityvulnerability.io/vulnerability/CVE-2008-0076,,"Unspecified vulnerability in Microsoft Internet Explorer 5.01, 6 SP1 and SP2, and 7 allows remote attackers to execute arbitrary code via crafted HTML layout combinations, aka ""HTML Rendering Memory Corruption Vulnerability.""",Microsoft,"Ie,Internet Explorer",,,0.9371899962425232,false,false,false,false,,false,false,2008-02-12T22:00:00.000Z,0
CVE-2008-0078,https://securityvulnerability.io/vulnerability/CVE-2008-0078,,"Unspecified vulnerability in an ActiveX control (dxtmsft.dll) in Microsoft Internet Explorer 5.01, 6 SP1 and SP2, and 7 allows remote attackers to execute arbitrary code via a crafted image, aka ""Argument Handling Memory Corruption Vulnerability.""",Microsoft,"Ie,Internet Explorer,Activex",,,0.9308199882507324,false,false,false,false,,false,false,2008-02-12T22:00:00.000Z,0
CVE-2007-3903,https://securityvulnerability.io/vulnerability/CVE-2007-3903,,"Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code via uninitialized or deleted objects used in repeated calls to the (1) cloneNode or (2) nodeValue JavaScript function, a different issue than CVE-2007-3902 and CVE-2007-5344, a variant of ""Uninitialized Memory Corruption Vulnerability.""",Microsoft,"Ie,Internet Explorer",,,0.9120299816131592,false,false,false,false,,false,false,2007-12-12T00:00:00.000Z,0
CVE-2007-5344,https://securityvulnerability.io/vulnerability/CVE-2007-5344,,"Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code via a crafted website using Javascript that creates, modifies, deletes, and accesses document objects using the tags property, which triggers heap corruption, related to uninitialized or deleted objects, a different issue than CVE-2007-3902 and CVE-2007-3903, and a variant of ""Uninitialized Memory Corruption Vulnerability.""",Microsoft,"Internet Explorer,Ie",,,0.8894199728965759,false,false,false,false,,false,false,2007-12-12T00:00:00.000Z,0
CVE-2007-5347,https://securityvulnerability.io/vulnerability/CVE-2007-5347,,"Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code via ""unexpected method calls to HTML objects,"" aka ""DHTML Object Memory Corruption Vulnerability.""",Microsoft,"Internet Explorer,Ie",,,0.7952700257301331,false,false,false,false,,false,false,2007-12-12T00:00:00.000Z,0
CVE-2007-3902,https://securityvulnerability.io/vulnerability/CVE-2007-3902,,"Use-after-free vulnerability in the CRecalcProperty function in mshtml.dll in Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code by calling the setExpression method and then modifying the outerHTML property of an HTML element, one variant of ""Uninitialized Memory Corruption Vulnerability.""",Microsoft,"Internet Explorer,Ie",,,0.9051399827003479,false,false,false,false,,false,false,2007-12-12T00:00:00.000Z,0
CVE-2007-4848,https://securityvulnerability.io/vulnerability/CVE-2007-4848,,"Microsoft Internet Explorer 4.0 through 7 allows remote attackers to determine the existence of local files that have associated images via a res:// URI in the src property of a JavaScript Image object, as demonstrated by the URI for a bitmap image resource within a (1) .exe or (2) .dll file.",Microsoft,"Internet Explorer,Ie",,,0.0027699999045580626,false,false,false,false,,false,false,2007-09-12T20:00:00.000Z,0
CVE-2007-0943,https://securityvulnerability.io/vulnerability/CVE-2007-0943,,"Unspecified vulnerability in Internet Explorer 5.01 and 6 SP1 allows remote attackers to execute arbitrary code via crafted Cascading Style Sheets (CSS) strings that trigger memory corruption during parsing, related to use of out-of-bounds pointers.",Microsoft,"Ie,Internet Explorer",,,0.8931800127029419,false,false,false,false,,false,false,2007-08-14T21:00:00.000Z,0