VYPR

Office

by Microsoft

CVEs (1,069)

  • CVE-2021-28452HigApr 13, 2021
    risk 0.46cvss 7.1epss 0.01

    Microsoft Outlook Memory Corruption Vulnerability

  • CVE-2021-27055HigMar 11, 2021
    risk 0.46cvss 7.0epss 0.02

    Microsoft Visio Security Feature Bypass Vulnerability

  • CVE-2020-16934HigOct 16, 2020
    risk 0.46cvss 7.0epss 0.02

    An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files. An attacker who successfully exploited the vulnerability could elevate privileges. To exploit this vulnerability, an attacker would need to…

  • CVE-2020-16933HigOct 16, 2020
    risk 0.46cvss 7.0epss 0.03

    A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.…

  • CVE-2023-36413MedNov 14, 2023
    risk 0.45cvss 6.5epss 0.30

    Microsoft Office Security Feature Bypass Vulnerability

  • CVE-2023-35636MedDec 12, 2023
    risk 0.44cvss 6.5epss 0.18

    Microsoft Outlook Information Disclosure Vulnerability

  • CVE-2023-33153MedJul 11, 2023
    risk 0.44cvss 6.8epss 0.01

    Microsoft Outlook Remote Code Execution Vulnerability

  • CVE-2020-17063MedNov 11, 2020
    risk 0.44cvss 6.8epss 0.01

    Microsoft Office Online Spoofing Vulnerability

  • CVE-2016-7257MedDec 20, 2016
    risk 0.44cvss 6.5epss 0.23

    The GDI component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Office for Mac 2011, and Office 2016 for Mac allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "GDI Information Disclosure…

  • CVE-2016-7233MedNov 10, 2016
    risk 0.44cvss 6.5epss 0.22

    Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Excel for Mac 2011, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2013 SP1, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information…

  • CVE-2023-33151MedJul 11, 2023
    risk 0.43cvss 6.5epss 0.03

    Microsoft Outlook Spoofing Vulnerability

  • CVE-2020-17119MedDec 10, 2020
    risk 0.43cvss 6.5epss 0.04

    Microsoft Outlook Information Disclosure Vulnerability

  • CVE-2019-0559MedJan 8, 2019
    risk 0.43cvss 6.5epss 0.07

    An information disclosure vulnerability exists when Microsoft Outlook improperly handles certain types of messages, aka "Microsoft Outlook Information Disclosure Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook.

  • CVE-2018-8579MedNov 14, 2018
    risk 0.43cvss 6.5epss 0.06

    An information disclosure vulnerability exists when attaching files to Outlook messages, aka "Microsoft Outlook Information Disclosure Vulnerability." This affects Office 365 ProPlus, Microsoft Office. This CVE ID is unique from CVE-2018-8558.

  • CVE-2018-8558MedNov 14, 2018
    risk 0.43cvss 6.5epss 0.06

    An information disclosure vulnerability exists when Microsoft Outlook fails to respect "Default link type" settings configured via the SharePoint Online Admin Center, aka "Microsoft Outlook Information Disclosure Vulnerability." This affects Office 365 ProPlus, Microsoft Office.…

  • CVE-2018-0950MedApr 12, 2018
    risk 0.43cvss 6.5epss 0.09

    An information disclosure vulnerability exists when Office renders Rich Text Format (RTF) email messages containing OLE objects when a message is opened or previewed, aka "Microsoft Office Information Disclosure Vulnerability." This affects Microsoft Word, Microsoft Office. This…

  • CVE-2017-11939MedDec 12, 2017
    risk 0.43cvss 6.5epss 0.06

    Microsoft Office 2016 Click-to-Run (C2R) allows an information disclosure vulnerability due to the way Microsoft Office enforces DRM copy/paste permissions, aka "Microsoft Office Information Disclosure Vulnerability".

  • CVE-2017-8534MedJun 15, 2017
    risk 0.43cvss 6.5epss 0.06

    Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, Windows Server 2016, Microsoft Office 2007 SP3, and Microsoft Office 2010 SP2 allows improper disclosure of memory contents,…

  • CVE-2017-8533MedJun 15, 2017
    risk 0.43cvss 6.5epss 0.08

    Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows improper disclosure of memory contents, aka "Graphics Uniscribe Information Disclosure…

  • CVE-2017-8532MedJun 15, 2017
    risk 0.43cvss 6.5epss 0.07

    Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows improper disclosure of memory contents, aka "Graphics Uniscribe Information Disclosure…

Page 22 of 54