VYPR

Office

by Microsoft

CVEs (1,070)

  • CVE-2017-8695MedSep 13, 2017
    risk 0.35cvss 5.3epss 0.10

    Windows Uniscribe in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, 1607, 1703, and Server 2016; Office 2007 SP3; Office 2010 SP2; Word Viewer; Office for Mac 2011 and 2016; Skype…

  • CVE-2017-0195MedApr 12, 2017
    risk 0.35cvss 5.4epss 0.04

    Microsoft Excel Services on Microsoft SharePoint Server 2010 SP1 and SP2, Microsoft Excel Web Apps 2010 SP2, Microsoft Office Web Apps 2010 SP2, Microsoft Office Web Apps Server 2013 SP1 and Office Online Server allows remote attackers to perform cross-site scripting and run…

  • CVE-2020-1483MedAug 17, 2020
    risk 0.33cvss 5.0epss 0.09

    A remote code execution vulnerability exists in Microsoft Outlook when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on…

  • CVE-2017-0027MedMar 17, 2017
    risk 0.32cvss 4.7epss 0.23

    Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Services on SharePoint Server 2013 SP1 allow remote attackers to obtain sensitive information from process memory via a crafted Office document, aka "Microsoft…

  • CVE-2026-45460MedJun 9, 2026
    risk 0.31cvss 4.7epss 0.00

    Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

  • CVE-2022-33632MedJul 12, 2022
    risk 0.31cvss 4.7epss 0.01

    Microsoft Office Security Feature Bypass Vulnerability

  • CVE-2020-16949MedOct 16, 2020
    risk 0.31cvss 4.7epss 0.03

    A denial of service vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could cause a remote denial of service against a system. Exploitation of the…

  • CVE-2018-8598MedDec 12, 2018
    risk 0.31cvss 4.7epss 0.06

    An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Excel. This CVE ID is unique from…

  • CVE-2017-0073MedMar 17, 2017
    risk 0.31cvss 4.3epss 0.33

    The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information from…

  • CVE-2023-36769MedNov 6, 2023
    risk 0.30cvss 4.6epss 0.00

    Microsoft OneNote Spoofing Vulnerability

  • CVE-2016-0012MedJan 13, 2016
    risk 0.29cvss 4.3epss 0.11

    Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Visio 2013 SP1, Word 2013 SP1, Excel 2013 RT…

  • CVE-2026-40421MedMay 12, 2026
    risk 0.28cvss 4.3epss 0.01

    Files or directories accessible to external parties in Microsoft Office Word allows an unauthorized attacker to disclose information locally.

  • CVE-2023-36767MedSep 12, 2023
    risk 0.28cvss 4.3epss 0.03

    Microsoft Office Security Feature Bypass Vulnerability

  • CVE-2019-1204MedAug 14, 2019
    risk 0.28cvss 4.3epss 0.04

    An elevation of privilege vulnerability exists when Microsoft Outlook initiates processing of incoming messages without sufficient validation of the formatting of the messages. An attacker who successfully exploited the vulnerability could attempt to force Outlook to load a…

  • CVE-2017-8676LowSep 13, 2017
    risk 0.23cvss 3.3epss 0.14

    The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, 1607, 1703, and Server 2016; Office 2007 SP3; Office 2010 SP2; Word Viewer; Office for…

  • CVE-2022-41043LowOct 11, 2022
    risk 0.22cvss 3.3epss 0.01

    Microsoft Office Information Disclosure Vulnerability

  • CVE-2020-17020LowNov 11, 2020
    risk 0.22cvss 3.3epss 0.01

    Microsoft Word Security Feature Bypass Vulnerability

  • CVE-2018-0919LowMar 14, 2018
    risk 0.22cvss 3.3epss 0.12

    Microsoft Office 2010 SP2, 2013 SP1, and 2016, Microsoft Office 2016 Click-to-Run Microsoft Office 2016 for Mac, Microsoft Office Web Apps 2010 SP2, Microsoft Office Web Apps 2013 SP1, Microsoft SharePoint Enterprise Server 2013 SP1, Microsoft SharePoint Enterprise Server 2016,…

  • CVE-2018-0853LowFeb 15, 2018
    risk 0.22cvss 3.3epss 0.12

    Microsoft Office 2010 SP2, Microsoft Office 2013 SP1 and RT SP1, Microsoft Office 2016, and Microsoft Office 2016 Click-to-Run (C2R) allow an information disclosure vulnerability, due to how Office initializes the affected variable, aka "Microsoft Office Information Disclosure…

  • CVE-2016-0137LowSep 14, 2016
    risk 0.22cvss 3.3epss 0.07

    The Click-to-Run (C2R) implementation in Microsoft Office 2013 SP1 and 2016 allows local users to bypass the ASLR protection mechanism via a crafted application, aka "Microsoft APP-V ASLR Bypass."

Page 27 of 54