Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2007-0870

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-11 Feb, 2007 | 21:00
Updated At-07 Aug, 2024 | 12:34
Rejected At-
Credits

Unspecified vulnerability in Microsoft Word 2000 allows remote attackers to cause a denial of service (crash) via unknown vectors, a different vulnerability than CVE-2006-5994, CVE-2006-6456, CVE-2006-6561, and CVE-2007-0515, a variant of Exploit-MS06-027.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:11 Feb, 2007 | 21:00
Updated At:07 Aug, 2024 | 12:34
Rejected At:
▼CVE Numbering Authority (CNA)

Unspecified vulnerability in Microsoft Word 2000 allows remote attackers to cause a denial of service (crash) via unknown vectors, a different vulnerability than CVE-2006-5994, CVE-2006-6456, CVE-2006-6561, and CVE-2007-0515, a variant of Exploit-MS06-027.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://secunia.com/advisories/24122
third-party-advisory
x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/468871/100/200/threaded
vendor-advisory
x_refsource_HP
https://exchange.xforce.ibmcloud.com/vulnerabilities/32503
vdb-entry
x_refsource_XF
http://www.securityfocus.com/archive/1/468871/100/200/threaded
vendor-advisory
x_refsource_HP
http://www.vupen.com/english/advisories/2007/1709
vdb-entry
x_refsource_VUPEN
http://archives.neohapsis.com/archives/fulldisclosure/2007-02/0370.html
mailing-list
x_refsource_FULLDISC
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-024
vendor-advisory
x_refsource_MS
http://osvdb.org/33196
vdb-entry
x_refsource_OSVDB
http://www.securityfocus.com/bid/22567
vdb-entry
x_refsource_BID
http://www.us-cert.gov/cas/techalerts/TA07-128A.html
third-party-advisory
x_refsource_CERT
http://www.avertlabs.com/research/blog/?p=206
x_refsource_MISC
http://www.vupen.com/english/advisories/2007/0607
vdb-entry
x_refsource_VUPEN
http://www.kb.cert.org/vuls/id/332404
third-party-advisory
x_refsource_CERT-VN
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1860
vdb-entry
signature
x_refsource_OVAL
http://www.microsoft.com/technet/security/advisory/933052.mspx
x_refsource_MISC
http://www.securitytracker.com/id?1017653
vdb-entry
x_refsource_SECTRACK
http://www.avertlabs.com/research/blog/?p=199
x_refsource_MISC
Hyperlink: http://secunia.com/advisories/24122
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.securityfocus.com/archive/1/468871/100/200/threaded
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/32503
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://www.securityfocus.com/archive/1/468871/100/200/threaded
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://www.vupen.com/english/advisories/2007/1709
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://archives.neohapsis.com/archives/fulldisclosure/2007-02/0370.html
Resource:
mailing-list
x_refsource_FULLDISC
Hyperlink: https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-024
Resource:
vendor-advisory
x_refsource_MS
Hyperlink: http://osvdb.org/33196
Resource:
vdb-entry
x_refsource_OSVDB
Hyperlink: http://www.securityfocus.com/bid/22567
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA07-128A.html
Resource:
third-party-advisory
x_refsource_CERT
Hyperlink: http://www.avertlabs.com/research/blog/?p=206
Resource:
x_refsource_MISC
Hyperlink: http://www.vupen.com/english/advisories/2007/0607
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.kb.cert.org/vuls/id/332404
Resource:
third-party-advisory
x_refsource_CERT-VN
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1860
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://www.microsoft.com/technet/security/advisory/933052.mspx
Resource:
x_refsource_MISC
Hyperlink: http://www.securitytracker.com/id?1017653
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://www.avertlabs.com/research/blog/?p=199
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://secunia.com/advisories/24122
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.securityfocus.com/archive/1/468871/100/200/threaded
vendor-advisory
x_refsource_HP
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/32503
vdb-entry
x_refsource_XF
x_transferred
http://www.securityfocus.com/archive/1/468871/100/200/threaded
vendor-advisory
x_refsource_HP
x_transferred
http://www.vupen.com/english/advisories/2007/1709
vdb-entry
x_refsource_VUPEN
x_transferred
http://archives.neohapsis.com/archives/fulldisclosure/2007-02/0370.html
mailing-list
x_refsource_FULLDISC
x_transferred
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-024
vendor-advisory
x_refsource_MS
x_transferred
http://osvdb.org/33196
vdb-entry
x_refsource_OSVDB
x_transferred
http://www.securityfocus.com/bid/22567
vdb-entry
x_refsource_BID
x_transferred
http://www.us-cert.gov/cas/techalerts/TA07-128A.html
third-party-advisory
x_refsource_CERT
x_transferred
http://www.avertlabs.com/research/blog/?p=206
x_refsource_MISC
x_transferred
http://www.vupen.com/english/advisories/2007/0607
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.kb.cert.org/vuls/id/332404
third-party-advisory
x_refsource_CERT-VN
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1860
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://www.microsoft.com/technet/security/advisory/933052.mspx
x_refsource_MISC
x_transferred
http://www.securitytracker.com/id?1017653
vdb-entry
x_refsource_SECTRACK
x_transferred
http://www.avertlabs.com/research/blog/?p=199
x_refsource_MISC
x_transferred
Hyperlink: http://secunia.com/advisories/24122
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/468871/100/200/threaded
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/32503
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/468871/100/200/threaded
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2007/1709
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://archives.neohapsis.com/archives/fulldisclosure/2007-02/0370.html
Resource:
mailing-list
x_refsource_FULLDISC
x_transferred
Hyperlink: https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-024
Resource:
vendor-advisory
x_refsource_MS
x_transferred
Hyperlink: http://osvdb.org/33196
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: http://www.securityfocus.com/bid/22567
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA07-128A.html
Resource:
third-party-advisory
x_refsource_CERT
x_transferred
Hyperlink: http://www.avertlabs.com/research/blog/?p=206
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2007/0607
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.kb.cert.org/vuls/id/332404
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1860
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://www.microsoft.com/technet/security/advisory/933052.mspx
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.securitytracker.com/id?1017653
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://www.avertlabs.com/research/blog/?p=199
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:11 Feb, 2007 | 21:28
Updated At:16 Oct, 2018 | 16:34

Unspecified vulnerability in Microsoft Word 2000 allows remote attackers to cause a denial of service (crash) via unknown vectors, a different vulnerability than CVE-2006-5994, CVE-2006-6456, CVE-2006-6561, and CVE-2007-0515, a variant of Exploit-MS06-027.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.6HIGH
AV:N/AC:H/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 7.6
Base severity: HIGH
Vector:
AV:N/AC:H/Au:N/C:C/I:C/A:C
CPE Matches
Microsoft Corporation
microsoft
>>word>>2000
cpe:2.3:a:microsoft:word:2000:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://archives.neohapsis.com/archives/fulldisclosure/2007-02/0370.htmlcve@mitre.org
N/A
http://osvdb.org/33196cve@mitre.org
N/A
http://secunia.com/advisories/24122cve@mitre.org
N/A
http://www.avertlabs.com/research/blog/?p=199cve@mitre.org
N/A
http://www.avertlabs.com/research/blog/?p=206cve@mitre.org
N/A
http://www.kb.cert.org/vuls/id/332404cve@mitre.org
US Government Resource
http://www.microsoft.com/technet/security/advisory/933052.mspxcve@mitre.org
N/A
http://www.securityfocus.com/archive/1/468871/100/200/threadedcve@mitre.org
N/A
http://www.securityfocus.com/bid/22567cve@mitre.org
N/A
http://www.securitytracker.com/id?1017653cve@mitre.org
N/A
http://www.us-cert.gov/cas/techalerts/TA07-128A.htmlcve@mitre.org
US Government Resource
http://www.vupen.com/english/advisories/2007/0607cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2007/1709cve@mitre.org
N/A
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-024cve@mitre.org
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/32503cve@mitre.org
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1860cve@mitre.org
N/A
Hyperlink: http://archives.neohapsis.com/archives/fulldisclosure/2007-02/0370.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://osvdb.org/33196
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/24122
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.avertlabs.com/research/blog/?p=199
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.avertlabs.com/research/blog/?p=206
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.kb.cert.org/vuls/id/332404
Source: cve@mitre.org
Resource:
US Government Resource
Hyperlink: http://www.microsoft.com/technet/security/advisory/933052.mspx
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/468871/100/200/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/22567
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securitytracker.com/id?1017653
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA07-128A.html
Source: cve@mitre.org
Resource:
US Government Resource
Hyperlink: http://www.vupen.com/english/advisories/2007/0607
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2007/1709
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-024
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/32503
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1860
Source: cve@mitre.org
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

742Records found
CVE-2006-2385
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.6||HIGH
EPSS-18.24% / 94.95%
||
7 Day CHG~0.00%
Published-13 Jun, 2006 | 19:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows user-assisted remote attackers to execute arbitrary code via a crafted web page that triggers memory corruption when it is saved as a multipart HTML (.mht) file.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-internet_explorerien/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2017-0149
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-29.48% / 96.44%
||
7 Day CHG~0.00%
Published-17 Mar, 2017 | 00:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-06-14||Apply updates per vendor instructions.

Microsoft Internet Explorer 9 through 11 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0018 and CVE-2017-0037.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2008windows_7windows_server_2012windows_10_1607windows_server_2016windows_10_1507windows_8.1windows_10_1511windows_rt_8.1windows_vistainternet_explorerInternet ExplorerInternet Explorer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-0131
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-16.01% / 94.52%
||
7 Day CHG~0.00%
Published-17 Mar, 2017 | 00:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0015, CVE-2017-0032, CVE-2017-0035, CVE-2017-0067, CVE-2017-0070, CVE-2017-0071, CVE-2017-0094, CVE-2017-0132, CVE-2017-0133, CVE-2017-0134, CVE-2017-0136, CVE-2017-0137, CVE-2017-0138, CVE-2017-0141, CVE-2017-0150, and CVE-2017-0151.

Action-Not Available
Vendor-Microsoft Corporation
Product-edgewindows_10windows_server_2016Browser
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-0970
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-38.32% / 97.13%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 15:13
Updated-04 Aug, 2024 | 06:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0968.

Action-Not Available
Vendor-Microsoft Corporation
Product-edgewindows_server_2019chakracorewindows_10Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based SystemsChakraCoreMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows Server 2019Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-0235
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-26.11% / 96.09%
||
7 Day CHG~0.00%
Published-12 May, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists in Microsoft Edge in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0236, and CVE-2017-0238.

Action-Not Available
Vendor-Microsoft Corporation
Product-edgeMicrosoft Edge
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-0674
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-93.87% / 99.86%
||
7 Day CHG~0.00%
Published-11 Feb, 2020 | 21:22
Updated-30 Jul, 2025 | 01:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2008windows_7windows_8.1windows_rt_8.1windows_10internet_explorerwindows_server_2012windows_server_2019Internet Explorer 11 on Windows 10 Version 1903 for 32-bit SystemsInternet Explorer 9Internet Explorer 11 on Windows 10 Version 1909 for 32-bit SystemsInternet Explorer 11 on Windows Server 2012Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based SystemsInternet Explorer 10Internet Explorer 11 on Windows 10 Version 1903 for x64-based SystemsInternet Explorer 11 on Windows 10 Version 1903 for ARM64-based SystemsInternet Explorer 11Internet Explorer 11 on Windows 10 Version 1909 for x64-based SystemsInternet Explorer
CWE ID-CWE-416
Use After Free
CVE-2017-0238
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-23.48% / 95.76%
||
7 Day CHG~0.00%
Published-12 May, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists in Microsoft browsers in the way JavaScript scripting engines handle objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, and CVE-2017-0236.

Action-Not Available
Vendor-Microsoft Corporation
Product-internet_exploreredgeMicrosoft browsers
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-0848
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-3.81% / 87.66%
||
7 Day CHG~0.00%
Published-12 Mar, 2020 | 15:48
Updated-04 Aug, 2024 | 06:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016chakracorewindows_10windows_server_2019edgeChakraCoreMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows Server 2019Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows Server 2016Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-0227
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-21.96% / 95.56%
||
7 Day CHG~0.00%
Published-12 May, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists in Microsoft Edge in the way affected Microsoft scripting engines render when handling objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0221 and CVE-2017-0240.

Action-Not Available
Vendor-Microsoft Corporation
Product-edgeMicrosoft Edge
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-0826
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-3.84% / 87.73%
||
7 Day CHG~0.00%
Published-12 Mar, 2020 | 15:48
Updated-04 Aug, 2024 | 06:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016chakracorewindows_10windows_server_2019edgeChakraCoreMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows Server 2019Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows Server 2016Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-1035
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-3.36% / 86.86%
||
7 Day CHG~0.00%
Published-21 May, 2020 | 22:52
Updated-04 Aug, 2024 | 06:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1058, CVE-2020-1060, CVE-2020-1093.

Action-Not Available
Vendor-Microsoft Corporation
Product-internet_explorerwindows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_10windows_server_2019windows_server_2008Internet Explorer 11 on Windows 10 Version 1903 for x64-based SystemsInternet Explorer 11 on Windows 10 Version 1909 for ARM64-based SystemsInternet Explorer 11Internet Explorer 11 on Windows 10 Version 1903 for 32-bit SystemsInternet Explorer 9Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based SystemsInternet Explorer 11 on Windows 10 Version 1909 for x64-based SystemsInternet Explorer 11 on Windows Server 2012Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-0071
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-32.39% / 96.69%
||
7 Day CHG~0.00%
Published-17 Mar, 2017 | 00:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0015, CVE-2017-0032, CVE-2017-0035, CVE-2017-0067, CVE-2017-0070, CVE-2017-0094, CVE-2017-0131, CVE-2017-0132, CVE-2017-0133, CVE-2017-0134, CVE-2017-0136, CVE-2017-0137, CVE-2017-0138, CVE-2017-0141, CVE-2017-0150, and CVE-2017-0151.

Action-Not Available
Vendor-Microsoft Corporation
Product-edgewindows_10windows_server_2016Browser
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-0640
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-3.40% / 86.93%
||
7 Day CHG~0.00%
Published-14 Jan, 2020 | 23:11
Updated-04 Aug, 2024 | 06:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka 'Internet Explorer Memory Corruption Vulnerability'.

Action-Not Available
Vendor-Microsoft Corporation
Product-internet_explorerwindows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_10windows_server_2019windows_server_2008Internet Explorer 11 on Windows 10 Version 1903 for x64-based SystemsInternet Explorer 11 on Windows 10 Version 1909 for ARM64-based SystemsInternet Explorer 11Internet Explorer 11 on Windows 10 Version 1903 for 32-bit SystemsInternet Explorer 9Internet Explorer 10Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based SystemsInternet Explorer 11 on Windows Server 2012Internet Explorer 11 on Windows 10 Version 1909 for x64-based SystemsInternet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-0673
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-4.07% / 88.09%
||
7 Day CHG~0.00%
Published-11 Feb, 2020 | 21:22
Updated-04 Aug, 2024 | 06:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0674, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767.

Action-Not Available
Vendor-Microsoft Corporation
Product-internet_explorerwindows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_10windows_server_2019windows_server_2008Internet Explorer 11 on Windows 10 Version 1903 for x64-based SystemsInternet Explorer 11 on Windows 10 Version 1909 for ARM64-based SystemsInternet Explorer 11Internet Explorer 11 on Windows 10 Version 1903 for 32-bit SystemsInternet Explorer 9Internet Explorer 10Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based SystemsInternet Explorer 11 on Windows 10 Version 1909 for x64-based SystemsInternet Explorer 11 on Windows Server 2012Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-0205
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-23.91% / 95.81%
||
7 Day CHG~0.00%
Published-12 Apr, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user, aka "Microsoft Edge Memory Corruption Vulnerability."

Action-Not Available
Vendor-Microsoft Corporation
Product-edgeEdge
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-1058
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-3.36% / 86.86%
||
7 Day CHG~0.00%
Published-21 May, 2020 | 22:52
Updated-04 Aug, 2024 | 06:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1035, CVE-2020-1060, CVE-2020-1093.

Action-Not Available
Vendor-Microsoft Corporation
Product-internet_explorerwindows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_10windows_server_2019windows_server_2008Internet Explorer 11 on Windows 10 Version 1903 for x64-based SystemsInternet Explorer 11 on Windows 10 Version 1909 for ARM64-based SystemsInternet Explorer 11Internet Explorer 11 on Windows 10 Version 1903 for 32-bit SystemsInternet Explorer 9Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based SystemsInternet Explorer 11 on Windows 10 Version 1909 for x64-based SystemsInternet Explorer 11 on Windows Server 2012Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-0711
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-3.81% / 87.66%
||
7 Day CHG-1.39%
Published-11 Feb, 2020 | 21:23
Updated-04 Aug, 2024 | 06:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767.

Action-Not Available
Vendor-Microsoft Corporation
Product-edgewindows_server_2019chakracorewindows_10Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based SystemsChakraCoreMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows Server 2019Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-0266
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-53.21% / 97.88%
||
7 Day CHG~0.00%
Published-12 May, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists in Microsoft Edge in the way affected Microsoft scripting engines render when handling objects in memory, aka "Microsoft Edge Remote Code Execution Vulnerability."

Action-Not Available
Vendor-Microsoft Corporation
Product-edgeMicrosoft Edge
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-0969
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-38.32% / 97.13%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 15:13
Updated-04 Aug, 2024 | 06:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Chakra Scripting Engine Memory Corruption Vulnerability'.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016chakracorewindows_10windows_server_2019edgeChakraCoreMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows Server 2019Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows Server 2016Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-0229
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-24.01% / 95.82%
||
7 Day CHG~0.00%
Published-12 May, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists in Microsoft Edge in the way JavaScript engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, CVE-2017-0236, and CVE-2017-0238.

Action-Not Available
Vendor-Microsoft Corporation
Product-edgeMicrosoft Edge
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-0018
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-20.82% / 95.39%
||
7 Day CHG~0.00%
Published-17 Mar, 2017 | 00:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Internet Explorer 10 and 11 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0037 and CVE-2017-0149.

Action-Not Available
Vendor-Microsoft Corporation
Product-internet_explorerInternet Explorer
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-1037
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-4.54% / 88.74%
||
7 Day CHG~0.00%
Published-21 May, 2020 | 22:52
Updated-04 Aug, 2024 | 06:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Chakra Scripting Engine Memory Corruption Vulnerability'.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016chakracorewindows_10windows_server_2019edgeChakraCoreMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows Server 2019Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows Server 2016Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-0830
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-4.46% / 88.66%
||
7 Day CHG~0.00%
Published-12 Mar, 2020 | 15:48
Updated-04 Aug, 2024 | 06:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848.

Action-Not Available
Vendor-Microsoft Corporation
Product-internet_explorerwindows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7chakracorewindows_10windows_server_2019windows_server_2008edgeChakraCoreMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows Server 2019Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based SystemsInternet Explorer 11Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based SystemsInternet Explorer 11 on Windows Server 2012Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows Server 2016Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based SystemsInternet Explorer 11 on Windows 10 Version 1909 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based SystemsInternet Explorer 11 on Windows 10 Version 1903 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 for 32-bit SystemsInternet Explorer 11 on Windows 10 Version 1903 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based SystemsInternet Explorer 11 on Windows 10 Version 1903 for ARM64-based SystemsInternet Explorer 11 on Windows 10 Version 1909 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-0151
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-16.01% / 94.52%
||
7 Day CHG~0.00%
Published-17 Mar, 2017 | 00:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0015, CVE-2017-0032, CVE-2017-0035, CVE-2017-0067, CVE-2017-0070, CVE-2017-0071, CVE-2017-0094, CVE-2017-0131, CVE-2017-0132, CVE-2017-0133, CVE-2017-0134, CVE-2017-0136, CVE-2017-0137, CVE-2017-0138, CVE-2017-0141, and CVE-2017-0150.

Action-Not Available
Vendor-Microsoft Corporation
Product-edgewindows_10windows_server_2016Browser
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-0827
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-28.79% / 96.38%
||
7 Day CHG~0.00%
Published-12 Mar, 2020 | 15:48
Updated-04 Aug, 2024 | 06:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016chakracorewindows_10windows_server_2019edgeChakraCoreMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows Server 2019Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows Server 2016Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-0710
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-3.81% / 87.66%
||
7 Day CHG-1.39%
Published-11 Feb, 2020 | 21:23
Updated-04 Aug, 2024 | 06:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016chakracorewindows_10windows_server_2019edgeChakraCoreMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows Server 2019Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows Server 2016Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-1060
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-3.36% / 86.86%
||
7 Day CHG~0.00%
Published-21 May, 2020 | 22:52
Updated-04 Aug, 2024 | 06:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1035, CVE-2020-1058, CVE-2020-1093.

Action-Not Available
Vendor-Microsoft Corporation
Product-internet_explorerwindows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_10windows_server_2019windows_server_2008Internet Explorer 11 on Windows 10 Version 1903 for x64-based SystemsInternet Explorer 11 on Windows 10 Version 1909 for ARM64-based SystemsInternet Explorer 11Internet Explorer 11 on Windows 10 Version 1903 for 32-bit SystemsInternet Explorer 9Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based SystemsInternet Explorer 11 on Windows 10 Version 1909 for x64-based SystemsInternet Explorer 11 on Windows Server 2012Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-0847
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-6.19% / 90.48%
||
7 Day CHG~0.00%
Published-12 Mar, 2020 | 15:48
Updated-04 Aug, 2024 | 06:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'.

Action-Not Available
Vendor-Microsoft Corporation
Product-internet_explorerwindows_server_2012windows_8.1windows_rt_8.1windows_7windows_10windows_server_2008Internet Explorer 11 on Windows 10 Version 1903 for x64-based SystemsInternet Explorer 11 on Windows 10 Version 1909 for ARM64-based SystemsInternet Explorer 11Internet Explorer 11 on Windows 10 Version 1903 for 32-bit SystemsInternet Explorer 9Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based SystemsInternet Explorer 11 on Windows 10 Version 1909 for x64-based SystemsInternet Explorer 11 on Windows Server 2012Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems
CVE-2020-0824
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-3.33% / 86.78%
||
7 Day CHG~0.00%
Published-12 Mar, 2020 | 15:48
Updated-04 Aug, 2024 | 06:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka 'Internet Explorer Memory Corruption Vulnerability'.

Action-Not Available
Vendor-Microsoft Corporation
Product-internet_explorerwindows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_10windows_server_2019windows_server_2008Internet Explorer 11 on Windows 10 Version 1903 for x64-based SystemsInternet Explorer 11 on Windows 10 Version 1909 for ARM64-based SystemsInternet Explorer 11Internet Explorer 11 on Windows 10 Version 1903 for 32-bit SystemsInternet Explorer 11 on Windows 10 Version 1903 for ARM64-based SystemsInternet Explorer 11 on Windows 10 Version 1909 for x64-based SystemsInternet Explorer 11 on Windows Server 2012Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-0202
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-61.87% / 98.28%
||
7 Day CHG~0.00%
Published-12 Apr, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user, a.k.a. "Internet Explorer Memory Corruption Vulnerability."

Action-Not Available
Vendor-Microsoft Corporation
Product-internet_explorerInternet Explorer
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-0895
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-6.24% / 90.52%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 15:12
Updated-04 Aug, 2024 | 06:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'Windows VBScript Engine Remote Code Execution Vulnerability'.

Action-Not Available
Vendor-Microsoft Corporation
Product-internet_explorerwindows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_10windows_server_2019windows_server_2008Internet Explorer 11 on Windows 10 Version 1903 for x64-based SystemsInternet Explorer 11 on Windows 10 Version 1909 for ARM64-based SystemsInternet Explorer 11Internet Explorer 11 on Windows 10 Version 1903 for 32-bit SystemsInternet Explorer 9Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based SystemsInternet Explorer 11 on Windows 10 Version 1909 for x64-based SystemsInternet Explorer 11 on Windows Server 2012Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems
CVE-2020-1062
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-54.01% / 97.92%
||
7 Day CHG~0.00%
Published-21 May, 2020 | 22:52
Updated-04 Aug, 2024 | 06:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka 'Internet Explorer Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1092.

Action-Not Available
Vendor-Microsoft Corporation
Product-internet_explorerwindows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_10windows_server_2019windows_server_2008Internet Explorer 11 on Windows 10 Version 1903 for x64-based SystemsInternet Explorer 11 on Windows 10 Version 1909 for ARM64-based SystemsInternet Explorer 11Internet Explorer 11 on Windows 10 Version 1903 for 32-bit SystemsInternet Explorer 9Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based SystemsInternet Explorer 11 on Windows 10 Version 1909 for x64-based SystemsInternet Explorer 11 on Windows Server 2012Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems
CWE ID-CWE-787
Out-of-bounds Write
CVE-2006-0022
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.6||HIGH
EPSS-37.94% / 97.10%
||
7 Day CHG~0.00%
Published-13 Jun, 2006 | 19:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Microsoft PowerPoint in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP1 and SP2, Office 2004 for Mac, and v. X for Mac allows user-assisted attackers to execute arbitrary code via a PowerPoint document with a malformed record, which triggers memory corruption.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-powerpointn/a
CVE-2020-0968
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-43.24% / 97.41%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 15:13
Updated-30 Jul, 2025 | 01:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0970.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2008windows_7windows_8.1windows_rt_8.1windows_10internet_explorerwindows_server_2012windows_server_2019Internet Explorer 11 on Windows 10 Version 1903 for 32-bit SystemsInternet Explorer 9Internet Explorer 11 on Windows 10 Version 1909 for 32-bit SystemsInternet Explorer 11 on Windows Server 2012Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based SystemsInternet Explorer 11 on Windows 10 Version 1903 for x64-based SystemsInternet Explorer 11 on Windows 10 Version 1903 for ARM64-based SystemsInternet Explorer 11Internet Explorer 11 on Windows 10 Version 1909 for x64-based SystemsInternet Explorer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-0767
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-41.06% / 97.30%
||
7 Day CHG-1.13%
Published-11 Feb, 2020 | 21:23
Updated-04 Aug, 2024 | 06:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016chakracorewindows_10windows_server_2019edgeChakraCoreMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows Server 2019Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows Server 2016Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-0831
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-3.84% / 87.73%
||
7 Day CHG~0.00%
Published-12 Mar, 2020 | 15:48
Updated-04 Aug, 2024 | 06:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016chakracorewindows_10windows_server_2019edgeChakraCoreMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows Server 2019Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows Server 2016Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-0832
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-2.48% / 84.69%
||
7 Day CHG~0.00%
Published-12 Mar, 2020 | 15:48
Updated-04 Aug, 2024 | 06:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0833, CVE-2020-0848.

Action-Not Available
Vendor-Microsoft Corporation
Product-internet_explorerwindows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_10windows_server_2019windows_server_2008Internet Explorer 11 on Windows 10 Version 1903 for x64-based SystemsInternet Explorer 11 on Windows 10 Version 1909 for ARM64-based SystemsInternet Explorer 11Internet Explorer 11 on Windows 10 Version 1903 for 32-bit SystemsInternet Explorer 9Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based SystemsInternet Explorer 11 on Windows Server 2012Internet Explorer 11 on Windows 10 Version 1909 for x64-based SystemsInternet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems
CWE ID-CWE-787
Out-of-bounds Write
CVE-2014-2781
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.6||HIGH
EPSS-7.54% / 91.43%
||
7 Day CHG~0.00%
Published-08 Jul, 2014 | 22:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly restrict the exchange of keyboard and mouse data between programs at different integrity levels, which allows attackers to bypass intended access restrictions by leveraging control over a low-integrity process to launch the On-Screen Keyboard (OSK) and then upload a crafted application, aka "On-Screen Keyboard Elevation of Privilege Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_rtwindows_7windows_8windows_server_2008windows_rt_8.1windows_vistawindows_server_2012windows_8.1n/a
CVE-2020-0811
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-3.43% / 87.00%
||
7 Day CHG~0.00%
Published-12 Mar, 2020 | 15:48
Updated-04 Aug, 2024 | 06:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based)L, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0812.

Action-Not Available
Vendor-Microsoft Corporation
Product-edgewindows_server_2019chakracorewindows_10ChakraCoreMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows Server 2019Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-0713
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-3.81% / 87.66%
||
7 Day CHG-1.39%
Published-11 Feb, 2020 | 21:23
Updated-04 Aug, 2024 | 06:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0767.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016chakracorewindows_10windows_server_2019edgeChakraCoreMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows Server 2019Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows Server 2016Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems
CWE ID-CWE-787
Out-of-bounds Write
CVE-2005-2124
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.6||HIGH
EPSS-83.17% / 99.22%
||
7 Day CHG~0.00%
Published-29 Nov, 2005 | 21:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Graphics Rendering Engine (GDI32.DLL) in Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1, related to "An unchecked buffer" and possibly buffer overflows, allows remote attackers to execute arbitrary code via a crafted Windows Metafile (WMF) format image, aka "Windows Metafile Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_xpwindows_2000windows_2003_servern/a
CVE-2020-0828
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-3.84% / 87.73%
||
7 Day CHG~0.00%
Published-12 Mar, 2020 | 15:48
Updated-04 Aug, 2024 | 06:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016chakracorewindows_10windows_server_2019edgeChakraCoreMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows Server 2019Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows Server 2016Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-0812
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-3.43% / 87.00%
||
7 Day CHG~0.00%
Published-12 Mar, 2020 | 15:48
Updated-04 Aug, 2024 | 06:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based)L, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0811.

Action-Not Available
Vendor-Microsoft Corporation
Product-edgewindows_server_2019chakracorewindows_10Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based SystemsChakraCoreMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows Server 2019Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-0712
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-3.81% / 87.66%
||
7 Day CHG-1.39%
Published-11 Feb, 2020 | 21:23
Updated-04 Aug, 2024 | 06:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0711, CVE-2020-0713, CVE-2020-0767.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016chakracorewindows_10windows_server_2019edgeChakraCoreMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows Server 2019Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows Server 2016Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-0829
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-3.84% / 87.73%
||
7 Day CHG~0.00%
Published-12 Mar, 2020 | 15:48
Updated-04 Aug, 2024 | 06:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016chakracorewindows_10windows_server_2019edgeChakraCoreMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows Server 2019Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows Server 2016Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit SystemsMicrosoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems
CWE ID-CWE-787
Out-of-bounds Write
CVE-2016-3289
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-31.57% / 96.63%
||
7 Day CHG~0.00%
Published-09 Aug, 2016 | 21:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Internet Explorer 11 and Edge allow remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3322.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-internet_exploreredgen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-4112
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-7.5||HIGH
EPSS-6.49% / 90.71%
||
7 Day CHG~0.00%
Published-11 May, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.

Action-Not Available
Vendor-n/aMicrosoft CorporationAdobe Inc.
Product-flash_playerinternet_exploreredgen/a
CVE-2016-4110
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-7.5||HIGH
EPSS-6.96% / 91.05%
||
7 Day CHG~0.00%
Published-11 May, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.

Action-Not Available
Vendor-n/aMicrosoft CorporationAdobe Inc.
Product-flash_playerinternet_exploreredgen/a
CVE-2016-4115
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-7.5||HIGH
EPSS-6.49% / 90.71%
||
7 Day CHG~0.00%
Published-11 May, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.

Action-Not Available
Vendor-n/aMicrosoft CorporationAdobe Inc.
Product-flash_playerinternet_exploreredgen/a
CVE-2016-3241
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-16.93% / 94.70%
||
7 Day CHG~0.00%
Published-13 Jul, 2016 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3240 and CVE-2016-3242.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-internet_explorern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Previous
  • 1
  • 2
  • ...
  • 6
  • 7
  • 8
  • ...
  • 14
  • 15
  • Next
Details not found