Skip to main content

Office For Mac

10 CVEs product

Monthly

CVE-2018-8429 MEDIUM PATCH This Month

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Excel Excel Viewer Office +2
NVD
CVSS 3.0
5.5
EPSS
12.3%
CVE-2018-8332 HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka "Win32k Graphics Remote Code Execution Vulnerability." This affects. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft RCE Office Office For Mac Windows 10 +3
NVD
CVSS 3.0
8.8
EPSS
19.1%
CVE-2018-8412 HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Microsoft AutoUpdate (MAU) application for Mac improperly validates updates before executing them, aka "Microsoft (MAU) Office Elevation of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Office For Mac
NVD
CVSS 3.0
7.8
EPSS
1.2%
CVE-2018-8176 HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly validate XML content, aka "Microsoft PowerPoint Remote Code Execution Vulnerability.". Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft RCE Office For Mac
NVD
CVSS 3.0
8.8
EPSS
22.1%
CVE-2018-8162 HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Excel Office Office For Mac
NVD
CVSS 3.0
7.8
EPSS
23.1%
CVE-2018-8148 HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Excel Office Office Compatibility Pack +1
NVD
CVSS 3.0
7.8
EPSS
23.1%
CVE-2018-8147 HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Excel Office Office Compatibility Pack +1
NVD
CVSS 3.0
7.8
EPSS
23.1%
CVE-2017-11825 HIGH PATCH Act Now

Microsoft Office 2016 Click-to-Run (C2R) and Microsoft Office 2016 for Mac allow an attacker to use a specially crafted file to perform actions in the security context of the current user, due to how. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 32.4%.

Buffer Overflow RCE Microsoft Office Office For Mac
NVD
CVSS 3.0
7.8
EPSS
32.4%
CVE-2016-7276 HIGH This Week

Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office for Mac 2011, and Office 2016 for Mac allow remote attackers to obtain sensitive information from process memory or cause a denial. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Information Disclosure Buffer Overflow Microsoft Office +1
NVD
CVSS 3.0
7.1
EPSS
8.6%
CVE-2016-7257 MEDIUM This Month

The GDI component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Office for Mac 2011, and Office 2016 for Mac allows remote attackers to obtain sensitive. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 13.3% and no vendor patch available.

Information Disclosure Microsoft Office For Mac Windows 7 Windows Server 2008 +1
NVD
CVSS 3.0
6.5
EPSS
13.3%
EPSS 12% CVSS 5.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Excel +4
NVD
EPSS 19% CVSS 8.8
HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka "Win32k Graphics Remote Code Execution Vulnerability." This affects. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft RCE Office +5
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Microsoft AutoUpdate (MAU) application for Mac improperly validates updates before executing them, aka "Microsoft (MAU) Office Elevation of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Office For Mac
NVD
EPSS 22% CVSS 8.8
HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly validate XML content, aka "Microsoft PowerPoint Remote Code Execution Vulnerability.". Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft RCE Office For Mac
NVD
EPSS 23% CVSS 7.8
HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Excel +2
NVD
EPSS 23% CVSS 7.8
HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Excel +3
NVD
EPSS 23% CVSS 7.8
HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Excel +3
NVD
EPSS 32% CVSS 7.8
HIGH PATCH Act Now

Microsoft Office 2016 Click-to-Run (C2R) and Microsoft Office 2016 for Mac allow an attacker to use a specially crafted file to perform actions in the security context of the current user, due to how. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 32.4%.

Buffer Overflow RCE Microsoft +2
NVD
EPSS 9% CVSS 7.1
HIGH This Week

Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office for Mac 2011, and Office 2016 for Mac allow remote attackers to obtain sensitive information from process memory or cause a denial. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Information Disclosure Buffer Overflow +3
NVD
EPSS 13% CVSS 6.5
MEDIUM This Month

The GDI component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Office for Mac 2011, and Office 2016 for Mac allows remote attackers to obtain sensitive. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 13.3% and no vendor patch available.

Information Disclosure Microsoft Office For Mac +3
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy