cbcvebase.

Microsoft Office vulnerabilities

85 known vulnerabilities affecting microsoft/microsoft_office.

Total CVEs
85
CISA KEV
2
actively exploited
Public exploits
1
Exploited in wild
3
Severity breakdown
CRITICAL3HIGH54MEDIUM28

Vulnerabilities

Page 1 of 5
CVE-2020-1349HIGHCVSS 7.8v2019 for 32-bit editionsv2019 for 64-bit editions2020-07-14
CVE-2020-1349 [HIGH] CVE-2020-1349: A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka 'Microsoft Outlook Remote Code Execution Vulnerability'.
nvd
CVE-2020-1446HIGHCVSS 8.8v2019 for 32-bit editionsv2019 for 64-bit editions2020-07-14
CVE-2020-1446 [HIGH] CVE-2020-1446: A remote code execution vulnerability exists in Microsoft Word software when it fails to properly ha A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1447, CVE-2020-1448.
nvd
CVE-2020-1409HIGHCVSS 7.8v2019 for Macv2016 for Mac2020-07-14
CVE-2020-1409 [HIGH] CVE-2020-1409: A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'.
nvd
CVE-2020-1449HIGHCVSS 7.8v2019 for 32-bit editionsv2019 for 64-bit editions2020-07-14
CVE-2020-1449 [HIGH] CWE-346 CVE-2020-1449: A remote code execution vulnerability exists in Microsoft Project software when the software fails t A remote code execution vulnerability exists in Microsoft Project software when the software fails to check the source markup of a file, aka 'Microsoft Project Remote Code Execution Vulnerability'.
nvd
CVE-2020-1342MEDIUMCVSS 5.5v2019 for 32-bit editionsv2019 for 64-bit editions+4 more2020-07-14
CVE-2020-1342 [MEDIUM] CWE-125 CVE-2020-1342: An information disclosure vulnerability exists when Microsoft Office software reads out of bound mem An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka 'Microsoft Office Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1445.
nvd
CVE-2020-1225HIGHCVSS 8.8v2019 for 32-bit editionsv2019 for 64-bit editions+2 more2020-06-09
CVE-2020-1225 [HIGH] CWE-416 CVE-2020-1225: A remote code execution vulnerability exists in Microsoft Excel software when the software fails to A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1226.
nvd
CVE-2020-1321HIGHCVSS 8.8v2019 for 32-bit editionsv2019 for 64-bit editions+2 more2020-06-09
CVE-2020-1321 [HIGH] CVE-2020-1321: A remote code execution vulnerability exists in Microsoft Office software when it fails to properly A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory, aka 'Microsoft Office Remote Code Execution Vulnerability'.
nvd
CVE-2020-1229MEDIUMCVSS 4.3v2019 for 32-bit editionsv2019 for 64-bit editions+9 more2020-06-09
CVE-2020-1229 [MEDIUM] CVE-2020-1229: A security feature bypass vulnerability exists in Microsoft Outlook when Office fails to enforce sec A security feature bypass vulnerability exists in Microsoft Outlook when Office fails to enforce security settings configured on a system, aka 'Microsoft Outlook Security Feature Bypass Vulnerability'.
nvd
CVE-2020-1322MEDIUMCVSS 6.5v2019 for 32-bit editionsv2019 for 64-bit editions2020-06-09
CVE-2020-1322 [MEDIUM] CWE-125 CVE-2020-1322: An information disclosure vulnerability exists when Microsoft Project reads out of bound memory due An information disclosure vulnerability exists when Microsoft Project reads out of bound memory due to an uninitialized variable, aka 'Microsoft Project Information Disclosure Vulnerability'.
nvd
CVE-2020-0901CRITICALCVSS 9.8v2019 for 32-bit editionsv2019 for 64-bit editions+2 more2020-05-21
CVE-2020-0901 [CRITICAL] CVE-2020-0901: A remote code execution vulnerability exists in Microsoft Excel software when the software fails to A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'.
nvd
CVE-2020-0760HIGHCVSS 8.8v2019 for 32-bit editionsv2019 for 64-bit editions+7 more2020-04-15
CVE-2020-0760 [HIGH] CVE-2020-0760: A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type l A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Office Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0991.
nvd
CVE-2020-0980HIGHCVSS 7.8v2019 for 32-bit editionsv2019 for 64-bit editions+4 more2020-04-15
CVE-2020-0980 [HIGH] CVE-2020-0980: A remote code execution vulnerability exists in Microsoft Word software when it fails to properly ha A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'.
nvd
CVE-2020-0961HIGHCVSS 7.8v2019 for 32-bit editionsv2019 for 64-bit editions+7 more2020-04-15
CVE-2020-0961 [HIGH] CVE-2020-0961: A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine im A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'.
nvd
CVE-2020-0850HIGHCVSS 8.8v2019 for 32-bit editionsv2019 for 64-bit editions+4 more2020-03-12
CVE-2020-0850 [HIGH] CVE-2020-0850: A remote code execution vulnerability exists in Microsoft Word software when it fails to properly ha A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0851, CVE-2020-0852, CVE-2020-0855, CVE-2020-0892.
nvd
CVE-2020-0759HIGHCVSS 8.8v2019 for 32-bit editionsv2019 for 64-bit editions+2 more2020-02-11
CVE-2020-0759 [HIGH] CVE-2020-0759: A remote code execution vulnerability exists in Microsoft Excel software when the software fails to A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'.
nvd
CVE-2020-0696MEDIUMCVSS 6.5v2019 for 32-bit editionsv2019 for 64-bit editions2020-02-11
CVE-2020-0696 [MEDIUM] CVE-2020-0696: A security feature bypass vulnerability exists in Microsoft Outlook software when it improperly hand A security feature bypass vulnerability exists in Microsoft Outlook software when it improperly handles the parsing of URI formats, aka 'Microsoft Outlook Security Feature Bypass Vulnerability'.
nvd
CVE-2020-0652HIGHCVSS 7.8v2019 for 32-bit editionsv2019 for 64-bit editions+7 more2020-01-14
CVE-2020-0652 [HIGH] CWE-787 CVE-2020-0652: A remote code execution vulnerability exists in Microsoft Office software when the software fails to A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka 'Microsoft Office Memory Corruption Vulnerability'.
nvd
CVE-2019-1462HIGHCVSS 7.8v2019 for 32-bit editionsv2019 for 64-bit editions+2 more2019-12-10
CVE-2019-1462 [HIGH] CWE-908 CVE-2019-1462: A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fail A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka 'Microsoft PowerPoint Remote Code Execution Vulnerability'.
nvd
CVE-2019-1464MEDIUMCVSS 5.5v2019 for 32-bit editionsv2019 for 64-bit editions+9 more2019-12-10
CVE-2019-1464 [MEDIUM] CWE-200 CVE-2019-1464: An information disclosure vulnerability exists when Microsoft Excel improperly discloses the content An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'.
nvd
CVE-2019-1400MEDIUMCVSS 5.5v2019 for 32-bit editionsv2019 for 64-bit editions+7 more2019-12-10
CVE-2019-1400 [MEDIUM] CWE-200 CVE-2019-1400: An information disclosure vulnerability exists in Microsoft Access software when the software fails An information disclosure vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory, aka 'Microsoft Access Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1463.
nvd
1 / 5Next →