Skip to main content

365 Apps

420 CVEs product

Monthly

CVE-2020-17129 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps Excel Office +2
NVD
CVSS 3.1
7.8
EPSS
3.3%
CVE-2020-17128 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps Excel Office +2
NVD
CVSS 3.1
7.8
EPSS
2.6%
CVE-2020-17126 MEDIUM PATCH This Month

Microsoft Excel Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure 365 Apps Excel Office +2
NVD
CVSS 3.1
5.5
EPSS
1.1%
CVE-2020-17125 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps Excel Office +2
NVD
CVSS 3.1
7.8
EPSS
3.3%
CVE-2020-17124 HIGH PATCH This Week

Microsoft PowerPoint Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps Office Powerpoint
NVD
CVSS 3.1
7.8
EPSS
3.3%
CVE-2020-17123 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps Excel Office Online Server +1
NVD
CVSS 3.1
7.8
EPSS
3.6%
CVE-2020-17119 MEDIUM PATCH This Month

Microsoft Outlook Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure 365 Apps Office Outlook
NVD
CVSS 3.1
6.5
EPSS
4.1%
CVE-2020-17067 HIGH PATCH This Week

Microsoft Excel Security Feature Bypass Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft Authentication Bypass 365 Apps Excel Office
NVD
CVSS 3.1
7.8
EPSS
3.0%
CVE-2020-17065 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps Excel Office +2
NVD
CVSS 3.1
7.8
EPSS
3.8%
CVE-2020-17064 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps Excel Office +1
NVD
CVSS 3.1
7.8
EPSS
3.2%
CVE-2020-17063 MEDIUM PATCH This Month

Microsoft Office Online Spoofing Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required.

Microsoft Information Disclosure 365 Apps Office
NVD
CVSS 3.1
6.8
EPSS
1.5%
CVE-2020-17062 HIGH PATCH This Week

Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps Office
NVD
CVSS 3.1
7.8
EPSS
3.8%
CVE-2020-17020 LOW PATCH Monitor

Microsoft Word Security Feature Bypass Vulnerability. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity.

Microsoft Authentication Bypass 365 Apps Office Word
NVD
CVSS 3.1
3.3
EPSS
1.2%
CVE-2020-16957 HIGH PATCH This Week

<p>A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps Office
NVD
CVSS 3.1
7.8
EPSS
3.9%
CVE-2020-16955 HIGH PATCH This Week

<p>An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure 365 Apps Office
NVD
CVSS 3.1
7.8
EPSS
3.5%
CVE-2020-16954 HIGH PATCH This Week

<p>A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps Office
NVD
CVSS 3.1
7.8
EPSS
3.3%
CVE-2020-16949 MEDIUM PATCH This Month

<p>A denial of service vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. Rated medium severity (CVSS 4.7). This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Denial Of Service Microsoft Windows 10 Windows 7 Windows 8 1 +8
NVD
CVSS 3.1
4.7
EPSS
3.0%
CVE-2020-16947 HIGH PATCH This Week

<p>A remote code execution vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow RCE Microsoft Information Disclosure 365 Apps +2
NVD
CVSS 3.1
7.5
EPSS
33.6%
CVE-2020-16934 HIGH PATCH This Week

<p>An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Microsoft Information Disclosure 365 Apps Office Office 2013 Click To Run
NVD
CVSS 3.1
7.0
EPSS
2.7%
CVE-2020-16933 HIGH PATCH This Week

<p>A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Microsoft Authentication Bypass Windows 10 Windows 7 Windows 8 1 +8
NVD
CVSS 3.1
7.0
EPSS
2.7%
CVE-2020-16932 HIGH PATCH This Week

<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

RCE Microsoft 365 Apps Excel Office +2
NVD
CVSS 3.1
7.8
EPSS
4.8%
CVE-2020-16931 HIGH PATCH This Week

<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

RCE Microsoft 365 Apps Excel Office +2
NVD
CVSS 3.1
7.8
EPSS
4.8%
CVE-2020-16930 HIGH PATCH This Week

<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft RCE Memory Corruption 365 Apps +1
NVD
CVSS 3.1
7.8
EPSS
4.7%
CVE-2020-16929 HIGH PATCH This Week

<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Microsoft Use After Free Memory Corruption RCE 365 Apps +7
NVD
CVSS 3.1
7.8
EPSS
3.7%
CVE-2020-16928 HIGH PATCH This Week

<p>An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure 365 Apps Office
NVD
CVSS 3.1
7.8
EPSS
3.4%
CVE-2020-16918 HIGH PATCH Act Now

<p>A remote code execution vulnerability exists when the Base3D rendering engine improperly handles memory.</p> <p>An attacker who successfully exploited the vulnerability would gain execution on a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 12.5%.

RCE Buffer Overflow Memory Corruption 365 Apps 3D Viewer
NVD
CVSS 3.1
7.8
EPSS
12.5%
CVE-2020-1594 HIGH PATCH This Week

<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps Excel Office
NVD
CVSS 3.1
7.8
EPSS
3.7%
CVE-2020-1338 HIGH PATCH This Week

<p>A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps Office Office Online Server +1
NVD
CVSS 3.1
7.8
EPSS
3.7%
CVE-2020-1335 HIGH PATCH This Week

<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps Excel Office +3
NVD
CVSS 3.1
7.8
EPSS
3.7%
CVE-2020-1332 HIGH PATCH This Week

<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps Excel Office
NVD
CVSS 3.1
7.8
EPSS
3.7%
CVE-2020-1224 MEDIUM PATCH This Month

<p>An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure 365 Apps Excel Office +3
NVD
CVSS 3.1
5.5
EPSS
4.4%
CVE-2020-1218 HIGH PATCH This Week

<p>A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps Office Office Online Server +4
NVD
CVSS 3.1
7.8
EPSS
3.6%
CVE-2020-1193 HIGH PATCH This Week

<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps Office
NVD
CVSS 3.1
7.8
EPSS
3.6%
CVE-2020-1583 HIGH PATCH This Week

An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure 365 Apps Office Office Online Server +4
NVD
CVSS 3.1
8.8
EPSS
4.9%
CVE-2020-1582 HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

RCE Microsoft 365 Apps Access Office
NVD
CVSS 3.1
7.8
EPSS
2.7%
CVE-2020-1581 HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) components handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure 365 Apps Office
NVD
CVSS 3.1
7.8
EPSS
3.7%
CVE-2020-1563 HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps Office
NVD
CVSS 3.1
7.8
EPSS
3.2%
CVE-2020-1503 MEDIUM PATCH This Month

An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure 365 Apps Office Office Online Server +4
NVD
CVSS 3.1
5.5
EPSS
4.6%
CVE-2020-1502 MEDIUM PATCH This Month

An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure 365 Apps Office Office Online Server +1
NVD
CVSS 3.1
5.5
EPSS
4.6%
CVE-2020-1498 HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft 365 Apps Excel Office
NVD
CVSS 3.1
8.8
EPSS
3.9%
CVE-2020-1497 MEDIUM PATCH This Month

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure 365 Apps Excel Office
NVD
CVSS 3.1
5.5
EPSS
4.6%
CVE-2020-1496 HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft 365 Apps Excel Office
NVD
CVSS 3.1
8.8
EPSS
4.2%
CVE-2020-1495 HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft 365 Apps Excel Office +3
NVD
CVSS 3.1
8.8
EPSS
4.2%
CVE-2020-1494 HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft 365 Apps Excel Office
NVD
CVSS 3.1
8.8
EPSS
4.2%
CVE-2020-1493 MEDIUM PATCH This Month

An information disclosure vulnerability exists when attaching files to Outlook messages. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure 365 Apps Office Outlook
NVD
CVSS 3.1
5.5
EPSS
7.3%
CVE-2020-1483 MEDIUM PATCH This Month

A remote code execution vulnerability exists in Microsoft Outlook when the software fails to properly handle objects in memory. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft RCE Memory Corruption 365 Apps +2
NVD
CVSS 3.1
5.0
EPSS
8.9%
CVE-2020-1458 HIGH PATCH This Week

A remote code execution vulnerability exists when Microsoft Office improperly validates input before loading dynamic link library (DLL) files, aka 'Microsoft Office Remote Code Execution. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps
NVD
CVSS 3.1
7.8
EPSS
10.9%
CVE-2020-1449 HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Project software when the software fails to check the source markup of a file, aka 'Microsoft Project Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps Office Project 2016
NVD
CVSS 3.1
7.8
EPSS
4.6%
CVE-2020-1447 HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft 365 Apps Office Office Online Server +5
NVD
CVSS 3.1
8.8
EPSS
10.7%
CVE-2020-1446 HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft 365 Apps Office Office Online Server +5
NVD
CVSS 3.1
8.8
EPSS
11.3%
CVE-2020-1445 MEDIUM PATCH This Month

An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory, aka 'Microsoft Office Information Disclosure Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure 365 Apps Office Office Online Server +3
NVD
CVSS 3.1
5.5
EPSS
6.1%
CVE-2020-1349 HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka 'Microsoft Outlook Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps Office Outlook
NVD
CVSS 3.1
7.8
EPSS
22.5%
CVE-2020-1342 MEDIUM PATCH This Month

An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka 'Microsoft. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Microsoft Information Disclosure 365 Apps Office +5
NVD
CVSS 3.1
5.5
EPSS
6.4%
CVE-2020-1240 HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft 365 Apps
NVD
CVSS 3.1
8.8
EPSS
13.8%
CVE-2020-1322 MEDIUM PATCH This Month

An information disclosure vulnerability exists when Microsoft Project reads out of bound memory due to an uninitialized variable, aka 'Microsoft Project Information Disclosure Vulnerability'. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Microsoft Information Disclosure 365 Apps Office +1
NVD
CVSS 3.1
6.5
EPSS
5.5%
CVE-2020-1321 HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory, aka 'Microsoft Office Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft 365 Apps Office
NVD
CVSS 3.1
8.8
EPSS
11.6%
CVE-2020-1229 MEDIUM PATCH This Month

A security feature bypass vulnerability exists in Microsoft Outlook when Office fails to enforce security settings configured on a system, aka 'Microsoft Outlook Security Feature Bypass. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Authentication Bypass 365 Apps Office Word
NVD
CVSS 3.1
4.3
EPSS
3.8%
CVE-2020-1226 HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Microsoft Use After Free Memory Corruption RCE 365 Apps +2
NVD
CVSS 3.1
8.8
EPSS
17.2%
CVE-2020-1225 HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Microsoft Use After Free Memory Corruption RCE 365 Apps +2
NVD
CVSS 3.1
8.8
EPSS
17.2%
CVE-2020-0901 CRITICAL PATCH Act Now

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft 365 Apps Office
NVD
CVSS 3.1
9.8
EPSS
11.6%
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps +4
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps +4
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Microsoft Excel Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure 365 Apps +4
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps +4
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Microsoft PowerPoint Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps +2
NVD
EPSS 4% CVSS 7.8
HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps +3
NVD
EPSS 4% CVSS 6.5
MEDIUM PATCH This Month

Microsoft Outlook Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure 365 Apps +2
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Microsoft Excel Security Feature Bypass Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft Authentication Bypass 365 Apps +2
NVD
EPSS 4% CVSS 7.8
HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps +4
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps +3
NVD
EPSS 1% CVSS 6.8
MEDIUM PATCH This Month

Microsoft Office Online Spoofing Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required.

Microsoft Information Disclosure 365 Apps +1
NVD
EPSS 4% CVSS 7.8
HIGH PATCH This Week

Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps +1
NVD
EPSS 1% CVSS 3.3
LOW PATCH Monitor

Microsoft Word Security Feature Bypass Vulnerability. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity.

Microsoft Authentication Bypass 365 Apps +2
NVD
EPSS 4% CVSS 7.8
HIGH PATCH This Week

<p>A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps +1
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

<p>An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure 365 Apps +1
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

<p>A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps +1
NVD
EPSS 3% CVSS 4.7
MEDIUM PATCH This Month

<p>A denial of service vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. Rated medium severity (CVSS 4.7). This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Denial Of Service Microsoft Windows 10 +10
NVD
EPSS 34% CVSS 7.5
HIGH PATCH This Week

<p>A remote code execution vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow RCE Microsoft +4
NVD
EPSS 3% CVSS 7.0
HIGH PATCH This Week

<p>An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Microsoft Information Disclosure 365 Apps +2
NVD
EPSS 3% CVSS 7.0
HIGH PATCH This Week

<p>A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Microsoft Authentication Bypass Windows 10 +10
NVD
EPSS 5% CVSS 7.8
HIGH PATCH This Week

<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

RCE Microsoft 365 Apps +4
NVD
EPSS 5% CVSS 7.8
HIGH PATCH This Week

<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

RCE Microsoft 365 Apps +4
NVD
EPSS 5% CVSS 7.8
HIGH PATCH This Week

<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft RCE +3
NVD
EPSS 4% CVSS 7.8
HIGH PATCH This Week

<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Microsoft Use After Free Memory Corruption +9
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

<p>An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure 365 Apps +1
NVD
EPSS 12% CVSS 7.8
HIGH PATCH Act Now

<p>A remote code execution vulnerability exists when the Base3D rendering engine improperly handles memory.</p> <p>An attacker who successfully exploited the vulnerability would gain execution on a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 12.5%.

RCE Buffer Overflow Memory Corruption +2
NVD
EPSS 4% CVSS 7.8
HIGH PATCH This Week

<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps +2
NVD
EPSS 4% CVSS 7.8
HIGH PATCH This Week

<p>A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps +3
NVD
EPSS 4% CVSS 7.8
HIGH PATCH This Week

<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps +5
NVD
EPSS 4% CVSS 7.8
HIGH PATCH This Week

<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps +2
NVD
EPSS 4% CVSS 5.5
MEDIUM PATCH This Month

<p>An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure 365 Apps +5
NVD
EPSS 4% CVSS 7.8
HIGH PATCH This Week

<p>A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps +6
NVD
EPSS 4% CVSS 7.8
HIGH PATCH This Week

<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps +1
NVD
EPSS 5% CVSS 8.8
HIGH PATCH This Week

An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure 365 Apps +6
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

RCE Microsoft 365 Apps +2
NVD
EPSS 4% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) components handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure 365 Apps +1
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps +1
NVD
EPSS 5% CVSS 5.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure 365 Apps +6
NVD
EPSS 5% CVSS 5.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure 365 Apps +3
NVD
EPSS 4% CVSS 8.8
HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft 365 Apps +2
NVD
EPSS 5% CVSS 5.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure 365 Apps +2
NVD
EPSS 4% CVSS 8.8
HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft 365 Apps +2
NVD
EPSS 4% CVSS 8.8
HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft 365 Apps +5
NVD
EPSS 4% CVSS 8.8
HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft 365 Apps +2
NVD
EPSS 7% CVSS 5.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists when attaching files to Outlook messages. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure 365 Apps +2
NVD
EPSS 9% CVSS 5.0
MEDIUM PATCH This Month

A remote code execution vulnerability exists in Microsoft Outlook when the software fails to properly handle objects in memory. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft RCE +4
NVD
EPSS 11% CVSS 7.8
HIGH PATCH This Week

A remote code execution vulnerability exists when Microsoft Office improperly validates input before loading dynamic link library (DLL) files, aka 'Microsoft Office Remote Code Execution. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps
NVD
EPSS 5% CVSS 7.8
HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Project software when the software fails to check the source markup of a file, aka 'Microsoft Project Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps +2
NVD
EPSS 11% CVSS 8.8
HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft 365 Apps +7
NVD
EPSS 11% CVSS 8.8
HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft 365 Apps +7
NVD
EPSS 6% CVSS 5.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory, aka 'Microsoft Office Information Disclosure Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure 365 Apps +5
NVD
EPSS 23% CVSS 7.8
HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka 'Microsoft Outlook Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps +2
NVD
EPSS 6% CVSS 5.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka 'Microsoft. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Microsoft Information Disclosure +7
NVD
EPSS 14% CVSS 8.8
HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft 365 Apps
NVD
EPSS 5% CVSS 6.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists when Microsoft Project reads out of bound memory due to an uninitialized variable, aka 'Microsoft Project Information Disclosure Vulnerability'. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Microsoft Information Disclosure +3
NVD
EPSS 12% CVSS 8.8
HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory, aka 'Microsoft Office Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft 365 Apps +1
NVD
EPSS 4% CVSS 4.3
MEDIUM PATCH This Month

A security feature bypass vulnerability exists in Microsoft Outlook when Office fails to enforce security settings configured on a system, aka 'Microsoft Outlook Security Feature Bypass. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Authentication Bypass 365 Apps +2
NVD
EPSS 17% CVSS 8.8
HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Microsoft Use After Free Memory Corruption +4
NVD
EPSS 17% CVSS 8.8
HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Microsoft Use After Free Memory Corruption +4
NVD
EPSS 12% CVSS 9.8
CRITICAL PATCH Act Now

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft 365 Apps +1
NVD
Prev Page 5 of 5

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy