Microsoft Office vulnerabilities
85 known vulnerabilities affecting microsoft/microsoft_office.
Total CVEs
85
CISA KEV
2
actively exploited
Public exploits
1
Exploited in wild
3
Severity breakdown
CRITICAL3HIGH54MEDIUM28
Vulnerabilities
Page 5 of 5
CVE-2018-8150MEDIUMCVSS 6.5v2016 Click-to-Run (C2R) for 32-bit editionsv2016 Click-to-Run (C2R) for 64-bit editions2018-05-09
CVE-2018-8150 [MEDIUM] CVE-2018-8150: A security feature bypass vulnerability exists when the Microsoft Outlook attachment block filter do
A security feature bypass vulnerability exists when the Microsoft Outlook attachment block filter does not properly handle attachments, aka "Microsoft Outlook Security Feature Bypass Vulnerability." This affects Microsoft Office.
nvd
CVE-2018-0920HIGHCVSS 7.8v2016 for MacvCompatibility Pack Service Pack 32018-04-12
CVE-2018-0920 [HIGH] CVE-2018-0920: A remote code execution vulnerability exists in Microsoft Excel software when the software fails to
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Excel. This CVE ID is unique from CVE-2018-1011, CVE-2018-1027, CVE-2018-1029.
nvd
CVE-2018-1028HIGHCVSS 8.8v2010 Service Pack 2 (32-bit editions)v2010 Service Pack 2 (64-bit editions)+7 more2018-04-12
CVE-2018-1028 [HIGH] CWE-94 CVE-2018-1028: A remote code execution vulnerability exists when the Office graphics component improperly handles s
A remote code execution vulnerability exists when the Office graphics component improperly handles specially crafted embedded fonts, aka "Microsoft Office Graphics Remote Code Execution Vulnerability." This affects Word, Microsoft Office, Microsoft SharePoint, Excel, Microsoft SharePoint Server.
nvd
CVE-2018-1026HIGHCVSS 8.8v2013 RT Service Pack 1v2013 Service Pack 1 (32-bit editions)+5 more2018-04-12
CVE-2018-1026 [HIGH] CVE-2018-1026: A remote code execution vulnerability exists in Microsoft Office software when the software fails to
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Office. This CVE ID is unique from CVE-2018-1030.
nvd
CVE-2018-0950MEDIUMCVSS 6.5v2016 (32-bit edition)v2016 (64-bit edition)2018-04-12
CVE-2018-0950 [MEDIUM] CVE-2018-0950: An information disclosure vulnerability exists when Office renders Rich Text Format (RTF) email mess
An information disclosure vulnerability exists when Office renders Rich Text Format (RTF) email messages containing OLE objects when a message is opened or previewed, aka "Microsoft Office Information Disclosure Vulnerability." This affects Microsoft Word, Microsoft Office. This CVE ID is unique from CVE-2018-1007.
nvd
← Previous5 / 5