VYPR

Office

by Microsoft

CVEs (1,069)

  • CVE-2017-8531MedJun 15, 2017
    risk 0.43cvss 6.5epss 0.07

    Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, Windows Server 2016, Microsoft Office 2007 Service Pack 3, and Microsoft Office 2010 Service Pack 2 allows improper…

  • CVE-2016-3209MedOct 14, 2016
    risk 0.43cvss 5.5epss 0.54

    Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for…

  • CVE-2016-0141MedSep 14, 2016
    risk 0.43cvss 6.5epss 0.05

    The Visual Basic macros in Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2016 export a certificate-store private key during a document-save operation, which allows attackers to obtain sensitive information via unspecified vectors, aka "Microsoft Information Disclosure…

  • CVE-2008-5180MedNov 20, 2008
    risk 0.43cvss 5.3epss 0.68

    Microsoft Communicator, and Communicator in Microsoft Office 2010 beta, allows remote attackers to cause a denial of service (memory consumption) via a large number of SIP INVITE requests, which trigger the creation of many sessions.

  • CVE-2026-34350MedMay 12, 2026
    risk 0.42cvss 6.5epss 0.01

    Null pointer dereference in Windows Storport Miniport Driver allows an unauthorized attacker to deny service over a network.

  • CVE-2023-36893MedAug 8, 2023
    risk 0.42cvss 6.5epss 0.02

    Microsoft Outlook Spoofing Vulnerability

  • CVE-2022-38001MedOct 11, 2022
    risk 0.42cvss 6.5epss 0.01

    Microsoft Office Spoofing Vulnerability

  • CVE-2022-26934MedMay 10, 2022
    risk 0.42cvss 6.5epss 0.03

    Windows Graphics Component Information Disclosure Vulnerability

  • CVE-2021-42293MedDec 15, 2021
    risk 0.42cvss 6.5epss 0.03

    Microsoft Jet Red Database Engine and Access Connectivity Engine Elevation of Privilege Vulnerability

  • CVE-2026-41614MedMay 12, 2026
    risk 0.40cvss 6.2epss 0.00

    Improper access control in M365 Copilot for Desktop allows an unauthorized attacker to perform spoofing locally.

  • CVE-2021-41368MedNov 10, 2021
    risk 0.40cvss 6.1epss 0.04

    Microsoft Access Remote Code Execution Vulnerability

  • CVE-2017-8550MedJun 15, 2017
    risk 0.40cvss 5.4epss 0.22

    A remote code execution vulnerability exists in Skype for Business when the software fails to sanitize specially crafted content, aka "Skype for Business Remote Code Execution Vulnerability".

  • CVE-2017-0060MedMar 17, 2017
    risk 0.40cvss 5.5epss 0.16

    The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information from…

  • CVE-2019-1153MedAug 14, 2019
    risk 0.39cvss 5.5epss 0.03

    An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this…

  • CVE-2019-1148MedAug 14, 2019
    risk 0.39cvss 5.5epss 0.03

    An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this…

  • CVE-2018-8546MedNov 14, 2018
    risk 0.39cvss 5.9epss 0.05

    A denial of service vulnerability exists in Skype for Business, aka "Microsoft Skype for Business Denial of Service Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Lync, Skype.

  • CVE-2017-0194MedApr 12, 2017
    risk 0.38cvss 5.5epss 0.26

    Microsoft Excel 2007 SP3, Microsoft Excel 2010 SP2, and Office Compatibility Pack SP2 allow remote attackers to obtain sensitive information from process memory via a crafted Office document, aka "Microsoft Office Information Disclosure Vulnerability."

  • CVE-2017-0105MedMar 17, 2017
    risk 0.38cvss 5.5epss 0.30

    Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information from out-of-bound memory via a…

  • CVE-2016-3263MedOct 14, 2016
    risk 0.38cvss 5.5epss 0.32

    Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for…

  • CVE-2016-3262MedOct 14, 2016
    risk 0.38cvss 5.5epss 0.32

    Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for…

Page 23 of 54