Total
757 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-8430 | 1 Microsoft | 2 Office, Word | 2019-10-02 | 9.3 HIGH | 7.8 HIGH |
| A remote code execution vulnerability exists in Microsoft Word if a user opens a specially crafted PDF file, aka "Word PDF Remote Code Execution Vulnerability." This affects Microsoft Word, Microsoft Office. | |||||
| CVE-2018-8502 | 1 Microsoft | 3 Excel, Office, Office 365 Proplus | 2019-10-02 | 9.3 HIGH | 8.8 HIGH |
| A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in Protected View, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Excel. | |||||
| CVE-2018-8501 | 1 Microsoft | 4 Office, Office 365 Proplus, Powerpoint and 1 more | 2019-10-02 | 9.3 HIGH | 8.8 HIGH |
| A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in Protected View, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Office 365 ProPlus, PowerPoint Viewer, Microsoft Office, Microsoft PowerPoint. | |||||
| CVE-2018-8248 | 1 Microsoft | 1 Office | 2019-10-02 | 9.3 HIGH | 7.8 HIGH |
| A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Office. | |||||
| CVE-2018-8332 | 1 Microsoft | 6 Office, Office For Mac, Windows 10 and 3 more | 2019-10-02 | 9.3 HIGH | 8.8 HIGH |
| A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka "Win32k Graphics Remote Code Execution Vulnerability." This affects Windows 7, Microsoft Office, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers. | |||||
| CVE-2018-8504 | 1 Microsoft | 5 Office, Office 365 Proplus, Office Web Apps and 2 more | 2019-10-02 | 9.3 HIGH | 8.8 HIGH |
| A remote code execution vulnerability exists in Microsoft Word software when the software fails to properly handle objects in Protected View, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Microsoft SharePoint Server, Office 365 ProPlus, Microsoft Office, Microsoft Word. | |||||
| CVE-2018-8150 | 1 Microsoft | 1 Office | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| A security feature bypass vulnerability exists when the Microsoft Outlook attachment block filter does not properly handle attachments, aka "Microsoft Outlook Security Feature Bypass Vulnerability." This affects Microsoft Office. | |||||
| CVE-2018-1030 | 1 Microsoft | 1 Office | 2019-10-02 | 9.3 HIGH | 8.8 HIGH |
| A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Office. This CVE ID is unique from CVE-2018-1026. | |||||
| CVE-2018-1026 | 1 Microsoft | 1 Office | 2019-10-02 | 9.3 HIGH | 8.8 HIGH |
| A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Office. This CVE ID is unique from CVE-2018-1030. | |||||
| CVE-2018-0907 | 1 Microsoft | 2 Excel, Office | 2019-10-02 | 6.8 MEDIUM | 7.8 HIGH |
| Microsoft Excel 2007 SP3, Microsoft Excel 2010 SP2, Microsoft Excel 2013 SP1, Microsoft Excel 2016, Microsoft Office 2016 Click-to-Run and Microsoft Office 2016 for Mac allow a security feature bypass vulnerability due to how macro settings are enforced, aka "Microsoft Office Excel Security Feature Bypass". | |||||
| CVE-2018-0819 | 1 Microsoft | 1 Office | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| Microsoft Office 2016 for Mac allows an attacker to send a specially crafted email attachment to a user in an attempt to launch a social engineering attack, such as phishing, due to how Outlook for Mac displays encoded email addresses, aka "Spoofing Vulnerability in Microsoft Office for Mac." | |||||
| CVE-2018-0841 | 1 Microsoft | 1 Office | 2019-10-02 | 9.3 HIGH | 8.8 HIGH |
| Microsoft Office 2016 Click-to-Run allows a remote code execution vulnerability due to how objects are handled in memory, aka "Office Remote Code Execution Vulnerability" | |||||
| CVE-2018-0850 | 1 Microsoft | 2 Office, Outlook | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| Microsoft Outlook 2007, Microsoft Outlook 2010, Microsoft Outlook 2013, Microsoft Outlook 2016, and Microsoft Office 2016 Click-to-Run allow an elevation of privilege vulnerability due to how the format of incoming message is validated, aka "Microsoft Outlook Elevation of Privilege Vulnerability". | |||||
| CVE-2018-0793 | 1 Microsoft | 3 Office, Office Compatibility Pack, Word | 2019-10-02 | 9.3 HIGH | 7.8 HIGH |
| Microsoft Outlook 2007, Microsoft Outlook 2010 and Microsoft Outlook 2013 allow a remote code execution vulnerability due to the way email messages are parsed, aka "Microsoft Outlook Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0791. | |||||
| CVE-2018-0791 | 1 Microsoft | 2 Office, Outlook | 2019-10-02 | 9.3 HIGH | 7.8 HIGH |
| Microsoft Outlook 2007, Microsoft Outlook 2010, Microsoft Outlook 2013, and Microsoft Outlook 2016 allow a remote code execution vulnerability due to the way email messages are parsed, aka "Microsoft Outlook Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0793. | |||||
| CVE-2017-8570 | 1 Microsoft | 1 Office | 2019-10-02 | 9.3 HIGH | 7.8 HIGH |
| Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0243. | |||||
| CVE-2017-8512 | 1 Microsoft | 7 Office, Office Online Server, Office Web Apps and 4 more | 2019-10-02 | 9.3 HIGH | 8.8 HIGH |
| A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8510, CVE-2017-8511, CVE-2017-0260, and CVE-2017-8506. | |||||
| CVE-2017-0283 | 1 Microsoft | 11 Lync, Office, Office Word Viewer and 8 more | 2019-10-02 | 9.3 HIGH | 8.8 HIGH |
| Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, Windows Server 2016, Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office Word Viewer, Microsoft Lync 2013 SP1, Skype for Business 2016, Microsoft Silverlight 5 Developer Runtime when installed on Microsoft Windows, and Microsoft Silverlight 5 when installed on Microsoft Windows allows a remote code execution vulnerability due to the way it handles objects in memory, aka "Windows Uniscribe Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8528. | |||||
| CVE-2017-0262 | 1 Microsoft | 1 Office | 2019-10-02 | 9.3 HIGH | 7.8 HIGH |
| Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0261 and CVE-2017-0281. | |||||
| CVE-2017-0260 | 1 Microsoft | 3 Office, Windows 7, Windows Server 2008 | 2019-10-02 | 9.3 HIGH | 7.8 HIGH |
| A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8510, CVE-2017-8511, CVE-2017-8512, and CVE-2017-8506. | |||||