本页列出影响 microsoft vbscript 的已公开 CVE 漏洞(通过 NVD CPE 关联)。每行包含严重程度评分、摘要与发布日期,便于识别与分析安全问题。
| CVE | 摘要 | 来源 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|---|
| CVE-2016-3207 | The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3205 and CVE-2016-3206. | [email protected] | 7.5 | 17.40% | 2016-06-16 | 2026-05-06 |
| CVE-2016-3206 | The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3205 and CVE-2016-3207. | [email protected] | 7.5 | 14.66% | 2016-06-16 | 2026-05-06 |
| CVE-2016-3205 | The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3206 and CVE-2016-3207. | [email protected] | 7.5 | 14.66% | 2016-06-16 | 2026-05-06 |
| CVE-2016-3202 | The Microsoft (1) Chakra JavaScript, (2) JScript, and (3) VBScript engines, as used in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." | [email protected] | 7.5 | 17.35% | 2016-06-16 | 2026-05-06 |
| CVE-2016-0189 KEV | The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0187. | [email protected] | 7.5 | 93.16% | 2016-05-11 | 2026-04-22 |
| CVE-2016-0187 | The Microsoft (1) JScript 5.8 and (2) VBScript 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0189. | [email protected] | 7.5 | 21.59% | 2016-05-11 | 2026-05-06 |
| CVE-2016-0002 | The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." | [email protected] | 7.5 | 23.94% | 2016-01-13 | 2026-05-06 |
| CVE-2015-6136 | The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." | [email protected] | 9.3 | 25.75% | 2015-12-09 | 2026-05-06 |
| CVE-2015-6135 | The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability." | [email protected] | 5.0 | 24.48% | 2015-12-09 | 2026-05-06 |
| CVE-2015-6089 | The Microsoft (1) VBScript and (2) JScript engines, as used in Internet Explorer 8 through 11, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." | [email protected] | 9.3 | 13.27% | 2015-11-11 | 2026-05-06 |
| CVE-2015-6059 | The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability." | [email protected] | 4.3 | 16.64% | 2015-10-14 | 2026-05-06 |
| CVE-2015-6056 | The (1) JScript and (2) VBScript engines in Microsoft Internet Explorer 9 through 11 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." | [email protected] | 9.3 | 12.92% | 2015-10-14 | 2026-05-06 |
| CVE-2015-6055 | The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Filter arguments, aka "Scripting Engine Memory Corruption Vulnerability." | [email protected] | 9.3 | 25.08% | 2015-10-14 | 2026-05-06 |
| CVE-2015-6052 | The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "VBScript and JScript ASLR Bypass." | [email protected] | 4.3 | 15.18% | 2015-10-14 | 2026-05-06 |
| CVE-2015-2482 | The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted replace operation with a JavaScript regular expression, aka "Scripting Engine Memory Corruption Vulnerability." | [email protected] | 9.3 | 32.29% | 2015-10-14 | 2026-05-06 |
| CVE-2015-2372 | vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability." | [email protected] | 9.3 | 20.24% | 2015-07-14 | 2026-05-06 |
| CVE-2015-1686 | The Microsoft (1) VBScript 5.6 through 5.8 and (2) JScript 5.6 through 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "VBScript and JScript ASLR Bypass." | [email protected] | 4.3 | 16.27% | 2015-05-13 | 2026-05-06 |
| CVE-2015-1684 | VBScript.dll in the Microsoft VBScript 5.6 through 5.8 engine, as used in Internet Explorer 8 through 11 and other products, allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "VBScript ASLR Bypass." | [email protected] | 4.3 | 16.27% | 2015-05-13 | 2026-05-06 |
| CVE-2015-0032 | vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 8 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability." | [email protected] | 9.3 | 22.63% | 2015-03-11 | 2026-05-06 |
| CVE-2014-6363 | vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability." | [email protected] | 9.3 | 28.44% | 2014-12-11 | 2026-05-06 |