CVSS: 7.6EPSS: 13%CPEs: 14EXPL: 0CVE-2018-8460 – Microsoft Internet Explorer CSS Style Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-8460
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11. This CVE ID is unique from CVE-2018-8491. Existe una vulnerabilidad de ejecución remota de código cuando Internet Explorer accede incorrectamente a los objetos en la memoria. Esto también se conoce como "Internet Explorer Memory Corruption Vulnerability". • http://www.securityfocus.com/bid/105449 http://www.securitytracker.com/id/1041841 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8460 • CWE-787: Out-of-bounds Write •
CVSS: 7.6EPSS: 13%CPEs: 14EXPL: 0CVE-2018-8491 – Microsoft Internet Explorer WebCrypto importKey Use-After-Free Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2018-8491
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11. This CVE ID is unique from CVE-2018-8460. Existe una vulnerabilidad de ejecución remota de código cuando Internet Explorer accede incorrectamente a los objetos en la memoria. Esto también se conoce como "Internet Explorer Memory Corruption Vulnerability". • http://www.securityfocus.com/bid/105454 http://www.securitytracker.com/id/1041841 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8491 • CWE-787: Out-of-bounds Write •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 1CVE-2018-17039
https://notcve.org/view.php?id=CVE-2018-17039
MiniCMS 1.10, when Internet Explorer is used, allows XSS via a crafted URI because $_SERVER['REQUEST_URI'] is mishandled. MiniCMS 1.10, cuando se emplea Internet Explorer, permite Cross-Site Scripting (XSS) mediante un URI manipulado denido a que $_SERVER['REQUEST_URI'] se gestiona de manera errónea. • https://github.com/bg5sbk/MiniCMS/issues/24 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 20EXPL: 0CVE-2018-8452
https://notcve.org/view.php?id=CVE-2018-8452
An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft browsers, aka "Scripting Engine Information Disclosure Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. Existe una vulnerabilidad de divulgación de información cuando el motor de scripting no gestiona correctamente los objetos en la memoria en los navegadores de Microsoft. Esto también se conoce como "Scripting Engine Information Disclosure Vulnerability". Esto afecta a ChakraCore, Internet Explorer 11 y Microsoft Edge. • http://www.securityfocus.com/bid/105252 http://www.securitytracker.com/id/1041623 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8452 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.2EPSS: 0%CPEs: 22EXPL: 0CVE-2018-8315
https://notcve.org/view.php?id=CVE-2018-8315
An information disclosure vulnerability exists when the browser scripting engine improperly handle object types, aka "Microsoft Scripting Engine Information Disclosure Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. Existe una vulnerabilidad de divulgación de información cuando el motor de scripting del navegador no gestiona correctamente los tipos de objetos. Esto también se conoce como "Microsoft Scripting Engine Information Disclosure Vulnerability". Esto afecta a ChakraCore, Internet Explorer 11, Microsoft Edge e Internet Explorer 10. • http://www.securityfocus.com/bid/105251 http://www.securitytracker.com/id/1041623 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8315 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •