Skip to main content

Office

747 CVEs product

Monthly

CVE-2021-40442 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Excel Office +4
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2021-40486 HIGH PATCH This Week

Microsoft Word Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Office Office Online Server Office Web Apps Server +3
NVD
CVSS 3.1
7.8
EPSS
5.7%
CVE-2021-40485 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Microsoft 365 Apps Excel +4
NVD
CVSS 3.1
7.8
EPSS
2.5%
CVE-2021-40481 HIGH PATCH This Week

Microsoft Office Visio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Office Office Long Term Servicing Channel
NVD
CVSS 3.1
7.1
EPSS
5.6%
CVE-2021-40480 HIGH PATCH This Week

Microsoft Office Visio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Office Office Long Term Servicing Channel
NVD
CVSS 3.1
7.8
EPSS
5.4%
CVE-2021-40479 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Office Office Long Term Servicing Channel
NVD
CVSS 3.1
7.8
EPSS
2.2%
CVE-2021-40474 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Excel Office +3
NVD
CVSS 3.1
7.8
EPSS
2.2%
CVE-2021-40473 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Office Office Long Term Servicing Channel
NVD
CVSS 3.1
7.8
EPSS
2.2%
CVE-2021-40472 MEDIUM PATCH This Month

Microsoft Excel Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure 365 Apps Excel Office +3
NVD
CVSS 3.1
5.5
EPSS
0.7%
CVE-2021-40471 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Office Office Long Term Servicing Channel
NVD
CVSS 3.1
7.8
EPSS
2.2%
CVE-2021-40454 MEDIUM PATCH This Month

Rich Text Edit Control Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure 365 Apps Office Windows 10 Windows 11 +7
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2021-38658 HIGH PATCH This Week

Microsoft Office Graphics Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Microsoft Memory Corruption RCE Office
NVD
CVSS 3.1
7.8
EPSS
4.9%
CVE-2021-38655 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Microsoft Memory Corruption RCE 365 Apps +4
NVD
CVSS 3.1
7.8
EPSS
4.9%
CVE-2021-38654 HIGH PATCH This Week

Microsoft Office Visio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Office
NVD
CVSS 3.1
7.8
EPSS
4.9%
CVE-2021-38653 HIGH PATCH This Week

Microsoft Office Visio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft Memory Corruption RCE 365 Apps +1
NVD
CVSS 3.1
7.8
EPSS
4.9%
CVE-2021-38650 HIGH PATCH This Week

Microsoft Office Spoofing Vulnerability. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Information Disclosure 365 Apps Office
NVD
CVSS 3.1
7.6
EPSS
1.5%
CVE-2021-38646 HIGH KEV PATCH THREAT This Week

Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Office
NVD
CVSS 3.1
7.8
EPSS
4.4%
CVE-2021-36941 HIGH PATCH This Week

Microsoft Word Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Office
NVD
CVSS 3.1
7.8
EPSS
2.0%
CVE-2021-34478 HIGH PATCH This Week

Microsoft Office Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Office
NVD
CVSS 3.1
7.8
EPSS
54.4%
CVE-2021-34452 HIGH PATCH This Week

Microsoft Word Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Office Word
NVD
CVSS 3.1
7.8
EPSS
2.0%
CVE-2021-34501 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Excel Office +1
NVD
CVSS 3.1
7.8
EPSS
53.2%
CVE-2021-34469 HIGH PATCH This Week

Microsoft Office Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Authentication Bypass 365 Apps Office
NVD
CVSS 3.1
8.2
EPSS
3.3%
CVE-2021-31949 HIGH PATCH This Week

Microsoft Outlook Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is no authentication required, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Microsoft 365 Apps Office +1
NVD
CVSS 3.1
7.3
EPSS
2.6%
CVE-2021-31941 HIGH PATCH This Week

Microsoft Office Graphics Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Office Outlook
NVD
CVSS 3.1
7.8
EPSS
2.9%
CVE-2021-31940 HIGH PATCH This Week

Microsoft Office Graphics Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Office
NVD
CVSS 3.1
7.8
EPSS
2.3%
CVE-2021-31939 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Excel Office +2
NVD
CVSS 3.1
7.8
EPSS
13.3%
CVE-2021-31180 HIGH PATCH This Week

Microsoft Office Graphics Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Office Word
NVD
CVSS 3.1
7.8
EPSS
2.3%
CVE-2021-31179 HIGH PATCH This Week

Microsoft Office Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Excel Office +2
NVD
CVSS 3.1
7.8
EPSS
13.5%
CVE-2021-31178 MEDIUM PATCH This Month

Microsoft Office Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Information Disclosure Microsoft 365 Apps Excel +4
NVD
CVSS 3.1
5.5
EPSS
16.0%
CVE-2021-31177 HIGH PATCH This Week

Microsoft Office Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Microsoft Memory Corruption RCE 365 Apps +5
NVD
CVSS 3.1
7.8
EPSS
3.1%
CVE-2021-31176 HIGH PATCH This Week

Microsoft Office Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Microsoft Memory Corruption RCE 365 Apps +3
NVD
CVSS 3.1
7.8
EPSS
3.0%
CVE-2021-31175 HIGH PATCH This Week

Microsoft Office Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Microsoft Memory Corruption RCE 365 Apps +4
NVD
CVSS 3.1
7.8
EPSS
3.2%
CVE-2021-31174 MEDIUM PATCH This Month

Microsoft Excel Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Microsoft Information Disclosure 365 Apps Excel +3
NVD
CVSS 3.1
5.5
EPSS
2.9%
CVE-2021-28455 HIGH PATCH This Week

Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Microsoft RCE 365 Apps Office Windows 10 +7
NVD
CVSS 3.1
8.8
EPSS
2.1%
CVE-2021-28456 MEDIUM PATCH This Month

Microsoft Excel Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure 365 Apps Excel Office +2
NVD
CVSS 3.1
5.5
EPSS
3.7%
CVE-2021-28454 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Microsoft Memory Corruption RCE 365 Apps +3
NVD
CVSS 3.1
7.8
EPSS
3.1%
CVE-2021-28453 HIGH PATCH This Week

Microsoft Word Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Office Office Online Server +4
NVD
CVSS 3.1
7.8
EPSS
4.1%
CVE-2021-28452 HIGH PATCH This Week

Microsoft Outlook Memory Corruption Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft Memory Corruption 365 Apps Office +1
NVD
CVSS 3.1
7.1
EPSS
1.3%
CVE-2021-28451 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Excel Office +2
NVD
CVSS 3.1
7.8
EPSS
2.4%
CVE-2021-28449 HIGH PATCH This Week

Microsoft Office Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Excel Office
NVD
CVSS 3.1
7.8
EPSS
2.5%
CVE-2021-20634 MEDIUM This Month

Improper access control vulnerability in Custom App of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attackers to bypass access restriction and obtain the date of Custom App via unspecified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Office
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2021-20633 MEDIUM This Month

Improper access control vulnerability in Cabinet of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attackers to bypass access restriction and obtain the date of Cabinet via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Office
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2021-20632 MEDIUM This Month

Improper access control vulnerability in Bulletin Board of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attackers to bypass access restriction and obtain the data of Bulletin Board via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Office
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2021-20631 MEDIUM This Month

Improper input validation vulnerability in Custom App of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attacker to alter the data of Custom App via unspecified vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Office
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2021-20630 MEDIUM This Month

Improper access control vulnerability in Phone Messages of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attackers to bypass access restriction and obtain the data of Phone Messages via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Office
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2021-20629 MEDIUM This Month

Cross-site scripting vulnerability in E-mail of Cybozu Office 10.0.0 to 10.8.4 allows remote attackers to inject an arbitrary script via unspecified vectors. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft XSS Office
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-20628 MEDIUM This Month

Cross-site scripting vulnerability in Address Book of Cybozu Office 10.0.0 to 10.8.4 allows remote attackers to inject an arbitrary script via unspecified vectors. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Mozilla Microsoft XSS Office
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-20627 MEDIUM This Month

Cross-site scripting vulnerability in Address Book of Cybozu Office 10.0.0 to 10.8.4 allows remote attackers to inject an arbitrary script via unspecified vectors. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft XSS Office
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-20626 MEDIUM This Month

Improper access control vulnerability in Workflow of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attackers to bypass access restriction and alter the data of Workflow via unspecified vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Office
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2021-20625 MEDIUM This Month

Improper access control vulnerability in Bulletin Board of Cybozu Office 10.0.0 to 10.8.4 allows an authenticated attacker to bypass access restriction and alter the data of Bulletin Board via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Office
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2021-20624 MEDIUM This Month

Improper access control vulnerability in Scheduler of Cybozu Office 10.0.0 to 10.8.4 allows an authenticated attacker to bypass access restriction and alter the data of Scheduler via unspecified. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Office
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2021-27059 HIGH KEV PATCH THREAT This Week

Microsoft Office Remote Code Execution Vulnerability. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable.

Microsoft RCE Office
NVD
CVSS 3.1
7.6
EPSS
3.2%
CVE-2021-27057 HIGH PATCH This Week

Microsoft Office Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Excel Office +2
NVD
CVSS 3.1
7.8
EPSS
3.1%
CVE-2021-27056 HIGH PATCH This Week

Microsoft PowerPoint Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Office Powerpoint
NVD
CVSS 3.1
7.8
EPSS
3.1%
CVE-2021-27055 HIGH PATCH This Week

Microsoft Visio Security Feature Bypass Vulnerability. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Microsoft Authentication Bypass 365 Apps Office Visio
NVD
CVSS 3.1
7.0
EPSS
2.2%
CVE-2021-27054 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Excel Office +2
NVD
CVSS 3.1
7.8
EPSS
3.1%
CVE-2021-27053 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Excel Office +2
NVD
CVSS 3.1
7.8
EPSS
3.6%
CVE-2021-24108 HIGH PATCH This Week

Microsoft Office Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Office
NVD
CVSS 3.1
7.8
EPSS
2.3%
CVE-2021-24070 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Microsoft Memory Corruption RCE 365 Apps +4
NVD
CVSS 3.1
7.8
EPSS
2.3%
CVE-2021-24069 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Excel Office +2
NVD
CVSS 3.1
7.8
EPSS
2.3%
CVE-2021-24067 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Microsoft Memory Corruption RCE 365 Apps +4
NVD
CVSS 3.1
7.8
EPSS
2.3%
CVE-2021-1716 HIGH This Week

Microsoft Word Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft RCE 365 Apps Office Office Online Server +5
NVD
CVSS 3.1
7.8
EPSS
3.6%
CVE-2021-1715 HIGH This Week

Microsoft Word Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Memory Corruption RCE 365 Apps +7
NVD
CVSS 3.1
7.8
EPSS
3.6%
CVE-2021-1714 HIGH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft RCE Excel Services 365 Apps Excel +4
NVD
CVSS 3.1
7.8
EPSS
3.1%
CVE-2021-1713 HIGH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft RCE 365 Apps Excel +3
NVD
CVSS 3.1
7.8
EPSS
3.1%
CVE-2021-1711 HIGH This Week

Microsoft Office Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft RCE 365 Apps Office
NVD
CVSS 3.1
7.8
EPSS
3.6%
CVE-2020-17129 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps Excel Office +2
NVD
CVSS 3.1
7.8
EPSS
3.3%
CVE-2020-17128 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps Excel Office +2
NVD
CVSS 3.1
7.8
EPSS
2.6%
CVE-2020-17126 MEDIUM PATCH This Month

Microsoft Excel Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure 365 Apps Excel Office +2
NVD
CVSS 3.1
5.5
EPSS
1.1%
CVE-2020-17125 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps Excel Office +2
NVD
CVSS 3.1
7.8
EPSS
3.3%
CVE-2020-17124 HIGH PATCH This Week

Microsoft PowerPoint Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps Office Powerpoint
NVD
CVSS 3.1
7.8
EPSS
3.3%
CVE-2020-17122 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Office Office Web Apps Sharepoint Server
NVD
CVSS 3.1
7.8
EPSS
3.3%
CVE-2020-17119 MEDIUM PATCH This Month

Microsoft Outlook Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure 365 Apps Office Outlook
NVD
CVSS 3.1
6.5
EPSS
4.1%
CVE-2020-17067 HIGH PATCH This Week

Microsoft Excel Security Feature Bypass Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft Authentication Bypass 365 Apps Excel Office
NVD
CVSS 3.1
7.8
EPSS
3.0%
CVE-2020-17065 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps Excel Office +2
NVD
CVSS 3.1
7.8
EPSS
3.8%
CVE-2020-17064 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps Excel Office +1
NVD
CVSS 3.1
7.8
EPSS
3.2%
CVE-2020-17063 MEDIUM PATCH This Month

Microsoft Office Online Spoofing Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required.

Microsoft Information Disclosure 365 Apps Office
NVD
CVSS 3.1
6.8
EPSS
1.5%
CVE-2020-17062 HIGH PATCH This Week

Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps Office
NVD
CVSS 3.1
7.8
EPSS
3.8%
CVE-2020-17020 LOW PATCH Monitor

Microsoft Word Security Feature Bypass Vulnerability. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity.

Microsoft Authentication Bypass 365 Apps Office Word
NVD
CVSS 3.1
3.3
EPSS
1.2%
CVE-2020-17019 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Office
NVD
CVSS 3.1
7.8
EPSS
3.3%
CVE-2020-16957 HIGH PATCH This Week

<p>A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps Office
NVD
CVSS 3.1
7.8
EPSS
3.9%
CVE-2020-16955 HIGH PATCH This Week

<p>An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure 365 Apps Office
NVD
CVSS 3.1
7.8
EPSS
3.5%
CVE-2020-16954 HIGH PATCH This Week

<p>A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps Office
NVD
CVSS 3.1
7.8
EPSS
3.3%
CVE-2020-16949 MEDIUM PATCH This Month

<p>A denial of service vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. Rated medium severity (CVSS 4.7). This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Denial Of Service Microsoft Windows 10 Windows 7 Windows 8 1 +8
NVD
CVSS 3.1
4.7
EPSS
3.0%
CVE-2020-16947 HIGH PATCH This Week

<p>A remote code execution vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow RCE Microsoft Information Disclosure 365 Apps +2
NVD
CVSS 3.1
7.5
EPSS
33.6%
CVE-2020-16934 HIGH PATCH This Week

<p>An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Microsoft Information Disclosure 365 Apps Office Office 2013 Click To Run
NVD
CVSS 3.1
7.0
EPSS
2.7%
CVE-2020-16933 HIGH PATCH This Week

<p>A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Microsoft Authentication Bypass Windows 10 Windows 7 Windows 8 1 +8
NVD
CVSS 3.1
7.0
EPSS
2.7%
CVE-2020-16932 HIGH PATCH This Week

<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

RCE Microsoft 365 Apps Excel Office +2
NVD
CVSS 3.1
7.8
EPSS
4.8%
CVE-2020-16931 HIGH PATCH This Week

<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

RCE Microsoft 365 Apps Excel Office +2
NVD
CVSS 3.1
7.8
EPSS
4.8%
CVE-2020-16930 HIGH PATCH This Week

<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft RCE Memory Corruption 365 Apps +1
NVD
CVSS 3.1
7.8
EPSS
4.7%
EPSS 2% CVSS 7.8
HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps +6
NVD
EPSS 6% CVSS 7.8
HIGH PATCH This Week

Microsoft Word Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Office +5
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Microsoft +6
NVD
EPSS 6% CVSS 7.1
HIGH PATCH This Week

Microsoft Office Visio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps +2
NVD
EPSS 5% CVSS 7.8
HIGH PATCH This Week

Microsoft Office Visio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps +2
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps +2
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps +5
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps +2
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Microsoft Excel Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure 365 Apps +5
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Rich Text Edit Control Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure 365 Apps Office +9
NVD
EPSS 5% CVSS 7.8
HIGH PATCH This Week

Microsoft Office Graphics Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Microsoft Memory Corruption RCE +1
NVD
EPSS 5% CVSS 7.8
HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Microsoft Memory Corruption +6
NVD
EPSS 5% CVSS 7.8
HIGH PATCH This Week

Microsoft Office Visio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps +1
NVD
EPSS 5% CVSS 7.8
HIGH PATCH This Week

Microsoft Office Visio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft Memory Corruption +3
NVD
EPSS 1% CVSS 7.6
HIGH PATCH This Week

Microsoft Office Spoofing Vulnerability. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Information Disclosure 365 Apps +1
NVD
EPSS 4% CVSS 7.8
HIGH KEV PATCH THREAT This Week

Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps +1
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Week

Microsoft Word Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps +1
NVD
EPSS 54% CVSS 7.8
HIGH PATCH This Week

Microsoft Office Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps +1
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Week

Microsoft Word Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps +2
NVD
EPSS 53% CVSS 7.8
HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps +3
NVD
EPSS 3% CVSS 8.2
HIGH PATCH This Week

Microsoft Office Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Authentication Bypass 365 Apps +1
NVD
EPSS 3% CVSS 7.3
HIGH PATCH This Week

Microsoft Outlook Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is no authentication required, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Microsoft +3
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Microsoft Office Graphics Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps +2
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Week

Microsoft Office Graphics Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps +1
NVD
EPSS 13% CVSS 7.8
HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps +4
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Week

Microsoft Office Graphics Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps +2
NVD
EPSS 13% CVSS 7.8
HIGH PATCH This Week

Microsoft Office Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps +4
NVD
EPSS 16% CVSS 5.5
MEDIUM PATCH This Month

Microsoft Office Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Information Disclosure Microsoft +6
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Microsoft Office Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Microsoft Memory Corruption +7
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Microsoft Office Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Microsoft Memory Corruption +5
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Microsoft Office Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Microsoft Memory Corruption +6
NVD
EPSS 3% CVSS 5.5
MEDIUM PATCH This Month

Microsoft Excel Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Microsoft Information Disclosure +5
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Microsoft RCE 365 Apps +9
NVD
EPSS 4% CVSS 5.5
MEDIUM PATCH This Month

Microsoft Excel Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure 365 Apps +4
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Microsoft Memory Corruption +5
NVD
EPSS 4% CVSS 7.8
HIGH PATCH This Week

Microsoft Word Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps +6
NVD
EPSS 1% CVSS 7.1
HIGH PATCH This Week

Microsoft Outlook Memory Corruption Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft Memory Corruption +3
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps +4
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Week

Microsoft Office Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps +2
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Improper access control vulnerability in Custom App of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attackers to bypass access restriction and obtain the date of Custom App via unspecified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Office
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Improper access control vulnerability in Cabinet of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attackers to bypass access restriction and obtain the date of Cabinet via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Office
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Improper access control vulnerability in Bulletin Board of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attackers to bypass access restriction and obtain the data of Bulletin Board via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Office
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Improper input validation vulnerability in Custom App of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attacker to alter the data of Custom App via unspecified vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Office
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Improper access control vulnerability in Phone Messages of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attackers to bypass access restriction and obtain the data of Phone Messages via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Office
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Cross-site scripting vulnerability in E-mail of Cybozu Office 10.0.0 to 10.8.4 allows remote attackers to inject an arbitrary script via unspecified vectors. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft XSS Office
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Cross-site scripting vulnerability in Address Book of Cybozu Office 10.0.0 to 10.8.4 allows remote attackers to inject an arbitrary script via unspecified vectors. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Mozilla Microsoft XSS +1
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Cross-site scripting vulnerability in Address Book of Cybozu Office 10.0.0 to 10.8.4 allows remote attackers to inject an arbitrary script via unspecified vectors. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft XSS Office
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Improper access control vulnerability in Workflow of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attackers to bypass access restriction and alter the data of Workflow via unspecified vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Office
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Improper access control vulnerability in Bulletin Board of Cybozu Office 10.0.0 to 10.8.4 allows an authenticated attacker to bypass access restriction and alter the data of Bulletin Board via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Office
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Improper access control vulnerability in Scheduler of Cybozu Office 10.0.0 to 10.8.4 allows an authenticated attacker to bypass access restriction and alter the data of Scheduler via unspecified. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Office
NVD
EPSS 3% CVSS 7.6
HIGH KEV PATCH THREAT This Week

Microsoft Office Remote Code Execution Vulnerability. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable.

Microsoft RCE Office
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Microsoft Office Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps +4
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Microsoft PowerPoint Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps +2
NVD
EPSS 2% CVSS 7.0
HIGH PATCH This Week

Microsoft Visio Security Feature Bypass Vulnerability. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Microsoft Authentication Bypass 365 Apps +2
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps +4
NVD
EPSS 4% CVSS 7.8
HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps +4
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Week

Microsoft Office Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps +1
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Microsoft Memory Corruption +6
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps +4
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Microsoft Memory Corruption +6
NVD
EPSS 4% CVSS 7.8
HIGH This Week

Microsoft Word Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft RCE 365 Apps +7
NVD
EPSS 4% CVSS 7.8
HIGH This Week

Microsoft Word Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Memory Corruption +9
NVD
EPSS 3% CVSS 7.8
HIGH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft RCE Excel Services +6
NVD
EPSS 3% CVSS 7.8
HIGH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft RCE +5
NVD
EPSS 4% CVSS 7.8
HIGH This Week

Microsoft Office Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft RCE 365 Apps +1
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps +4
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps +4
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Microsoft Excel Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure 365 Apps +4
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps +4
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Microsoft PowerPoint Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps +2
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Office +2
NVD
EPSS 4% CVSS 6.5
MEDIUM PATCH This Month

Microsoft Outlook Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure 365 Apps +2
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Microsoft Excel Security Feature Bypass Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft Authentication Bypass 365 Apps +2
NVD
EPSS 4% CVSS 7.8
HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps +4
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps +3
NVD
EPSS 1% CVSS 6.8
MEDIUM PATCH This Month

Microsoft Office Online Spoofing Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required.

Microsoft Information Disclosure 365 Apps +1
NVD
EPSS 4% CVSS 7.8
HIGH PATCH This Week

Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps +1
NVD
EPSS 1% CVSS 3.3
LOW PATCH Monitor

Microsoft Word Security Feature Bypass Vulnerability. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity.

Microsoft Authentication Bypass 365 Apps +2
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Office
NVD
EPSS 4% CVSS 7.8
HIGH PATCH This Week

<p>A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps +1
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

<p>An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure 365 Apps +1
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

<p>A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps +1
NVD
EPSS 3% CVSS 4.7
MEDIUM PATCH This Month

<p>A denial of service vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. Rated medium severity (CVSS 4.7). This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Denial Of Service Microsoft Windows 10 +10
NVD
EPSS 34% CVSS 7.5
HIGH PATCH This Week

<p>A remote code execution vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow RCE Microsoft +4
NVD
EPSS 3% CVSS 7.0
HIGH PATCH This Week

<p>An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Microsoft Information Disclosure 365 Apps +2
NVD
EPSS 3% CVSS 7.0
HIGH PATCH This Week

<p>A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Microsoft Authentication Bypass Windows 10 +10
NVD
EPSS 5% CVSS 7.8
HIGH PATCH This Week

<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

RCE Microsoft 365 Apps +4
NVD
EPSS 5% CVSS 7.8
HIGH PATCH This Week

<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

RCE Microsoft 365 Apps +4
NVD
EPSS 5% CVSS 7.8
HIGH PATCH This Week

<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft RCE +3
NVD
Prev Page 4 of 9 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy