Office
by Microsoft
CVEs (1,069)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-16932 | Hig | 0.51 | 7.8 | 0.04 | Oct 16, 2020 | A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is… | ||
| CVE-2020-16931 | Hig | 0.51 | 7.8 | 0.04 | Oct 16, 2020 | A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is… | ||
| CVE-2020-16930 | Hig | 0.51 | 7.8 | 0.04 | Oct 16, 2020 | A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is… | ||
| CVE-2020-16929 | Hig | 0.51 | 7.8 | 0.03 | Oct 16, 2020 | A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is… | ||
| CVE-2020-16928 | Hig | 0.51 | 7.8 | 0.03 | Oct 16, 2020 | An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files. An attacker who successfully exploited the vulnerability could elevate privileges. To exploit this vulnerability, an attacker would need to… | ||
| CVE-2020-1594 | Hig | 0.51 | 7.8 | 0.04 | Sep 11, 2020 | A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is… | ||
| CVE-2020-1338 | Hig | 0.51 | 7.8 | 0.04 | Sep 11, 2020 | A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current… | ||
| CVE-2020-1335 | Hig | 0.51 | 7.8 | 0.04 | Sep 11, 2020 | A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is… | ||
| CVE-2020-1332 | Hig | 0.51 | 7.8 | 0.04 | Sep 11, 2020 | A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is… | ||
| CVE-2020-1218 | Hig | 0.51 | 7.8 | 0.04 | Sep 11, 2020 | A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current… | ||
| CVE-2020-1193 | Hig | 0.51 | 7.8 | 0.04 | Sep 11, 2020 | A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is… | ||
| CVE-2020-1582 | Hig | 0.51 | 7.8 | 0.03 | Aug 17, 2020 | A remote code execution vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is… | ||
| CVE-2020-1581 | Hig | 0.51 | 7.8 | 0.04 | Aug 17, 2020 | An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) components handle objects in memory. An attacker who successfully exploited the vulnerability could elevate privileges. The attacker would need to already have the ability to… | ||
| CVE-2020-1563 | Hig | 0.51 | 7.8 | 0.03 | Aug 17, 2020 | A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is… | ||
| CVE-2020-0697 | Hig | 0.51 | 7.8 | 0.01 | Feb 11, 2020 | An elevation of privilege vulnerability exists in Microsoft Office OLicenseHeartbeat task, where an attacker who successfully exploited this vulnerability could run this task as SYSTEM.To exploit the vulnerability, an authenticated attacker would need to place a specially… | ||
| CVE-2019-1457 | Hig | 0.51 | 7.8 | 0.03 | Nov 12, 2019 | A security feature bypass vulnerability exists in Microsoft Office software by not enforcing macro settings on an Excel document, aka 'Microsoft Office Excel Security Feature Bypass'. | ||
| CVE-2019-1264 | Hig | 0.51 | 7.8 | 0.04 | Sep 11, 2019 | A security feature bypass vulnerability exists when Microsoft Office improperly handles input, aka 'Microsoft Office Security Feature Bypass Vulnerability'. | ||
| CVE-2019-1201 | Hig | 0.51 | 7.8 | 0.05 | Aug 14, 2019 | A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.… | ||
| CVE-2019-1200 | Hig | 0.51 | 7.8 | 0.05 | Aug 14, 2019 | A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current… | ||
| CVE-2019-1199 | Hig | 0.51 | 7.8 | 0.05 | Aug 14, 2019 | A remote code execution vulnerability exists in Microsoft Outlook when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on… |
- risk 0.51cvss 7.8epss 0.04
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is…
- risk 0.51cvss 7.8epss 0.04
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is…
- risk 0.51cvss 7.8epss 0.04
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is…
- risk 0.51cvss 7.8epss 0.03
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is…
- risk 0.51cvss 7.8epss 0.03
An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files. An attacker who successfully exploited the vulnerability could elevate privileges. To exploit this vulnerability, an attacker would need to…
- risk 0.51cvss 7.8epss 0.04
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is…
- risk 0.51cvss 7.8epss 0.04
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current…
- risk 0.51cvss 7.8epss 0.04
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is…
- risk 0.51cvss 7.8epss 0.04
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is…
- risk 0.51cvss 7.8epss 0.04
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current…
- risk 0.51cvss 7.8epss 0.04
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is…
- risk 0.51cvss 7.8epss 0.03
A remote code execution vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is…
- risk 0.51cvss 7.8epss 0.04
An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) components handle objects in memory. An attacker who successfully exploited the vulnerability could elevate privileges. The attacker would need to already have the ability to…
- risk 0.51cvss 7.8epss 0.03
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is…
- risk 0.51cvss 7.8epss 0.01
An elevation of privilege vulnerability exists in Microsoft Office OLicenseHeartbeat task, where an attacker who successfully exploited this vulnerability could run this task as SYSTEM.To exploit the vulnerability, an authenticated attacker would need to place a specially…
- risk 0.51cvss 7.8epss 0.03
A security feature bypass vulnerability exists in Microsoft Office software by not enforcing macro settings on an Excel document, aka 'Microsoft Office Excel Security Feature Bypass'.
- risk 0.51cvss 7.8epss 0.04
A security feature bypass vulnerability exists when Microsoft Office improperly handles input, aka 'Microsoft Office Security Feature Bypass Vulnerability'.
- risk 0.51cvss 7.8epss 0.05
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.…
- risk 0.51cvss 7.8epss 0.05
A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current…
- risk 0.51cvss 7.8epss 0.05
A remote code execution vulnerability exists in Microsoft Outlook when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on…
Page 19 of 54