Microsoft Office Online Server vulnerabilities
86 known vulnerabilities affecting microsoft/microsoft_office_online_server.
Total CVEs
86
CISA KEV
0
Public exploits
2
Exploited in wild
1
Severity breakdown
CRITICAL2HIGH61MEDIUM23
Vulnerabilities
Page 5 of 5
CVE-2019-1034HIGHCVSS 7.8≥ 16.0.1, < publication2019-06-12
CVE-2019-1034 [HIGH] CVE-2019-1034: A remote code execution vulnerability exists in Microsoft Word software when it fails to properly ha
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions on behalf of the logged-on user with
cvelistv5nvd
CVE-2019-1035HIGHCVSS 7.8≥ 16.0.1, < publication2019-06-12
CVE-2019-1035 [HIGH] CVE-2019-1035: A remote code execution vulnerability exists in Microsoft Word software when it fails to properly ha
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions on behalf of the logged-on user with
cvelistv5nvd
CVE-2019-0953HIGHCVSS 7.8vunspecified2019-05-16
CVE-2019-0953 [HIGH] CVE-2019-0953: A remote code execution vulnerability exists in Microsoft Word software when it fails to properly ha
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'.
cvelistv5nvd
CVE-2019-0585HIGHCVSS 8.8vMicrosoft Office Online Server2019-01-08
CVE-2019-0585 [HIGH] CVE-2019-0585: A remote code execution vulnerability exists in Microsoft Word software when it fails to properly ha
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Word, Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Microsoft SharePoint, Microsoft Office Online Server, Microsoft Word, Microsoft SharePoint Ser
cvelistv5nvd
CVE-2018-8245HIGHCVSS 7.8v20162018-06-14
CVE-2018-8245 [HIGH] CVE-2018-8245: A remote code execution vulnerability exists when Microsoft Publisher fails to utilize features that
A remote code execution vulnerability exists when Microsoft Publisher fails to utilize features that lock down the Local Machine zone when instantiating OLE objects, aka "Microsoft Publisher Remote Code Execution Vulnerability." This affects Microsoft Publisher.
nvd
CVE-2018-8247HIGHCVSS 7.8v20162018-06-14
CVE-2018-8247 [HIGH] CVE-2018-8247: An elevation of privilege vulnerability exists when Office Web Apps Server 2013 and Office Online Server fail to properly handle web requests, aka "Mi
An elevation of privilege vulnerability exists when Office Web Apps Server 2013 and Office Online Server fail to properly handle web requests, aka "Microsoft Office Elevation of Privilege Vulnerability." This affects Microsoft Office, Microsoft Office Online Server. This CVE ID is unique from CVE-2018-8245.
cvelistv5
← Previous5 / 5