Vulnerabilities > Microsoft > 365 Apps

DATE CVE VULNERABILITY TITLE RISK
2020-10-16 CVE-2020-16933 Unspecified vulnerability in Microsoft products
<p>A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files.
local
high complexity
microsoft
7.0
2020-10-16 CVE-2020-16932 Missing Initialization of Resource vulnerability in Microsoft products
<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory.
local
low complexity
microsoft CWE-909
7.8
2020-10-16 CVE-2020-16931 Use of Uninitialized Resource vulnerability in Microsoft products
<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory.
local
low complexity
microsoft CWE-908
7.8
2020-10-16 CVE-2020-16930 Out-of-bounds Write vulnerability in Microsoft 365 Apps and Office
<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory.
local
low complexity
microsoft CWE-787
7.8
2020-10-16 CVE-2020-16929 Use After Free vulnerability in Microsoft products
<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory.
local
low complexity
microsoft CWE-416
7.8
2020-10-16 CVE-2020-16928 Unspecified vulnerability in Microsoft 365 Apps and Office
<p>An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files.
local
low complexity
microsoft
7.8
2020-10-16 CVE-2020-16918 Unspecified vulnerability in Microsoft 365 Apps and 3D Viewer
<p>A remote code execution vulnerability exists when the Base3D rendering engine improperly handles memory.</p> <p>An attacker who successfully exploited the vulnerability would gain execution on a victim system.</p> <p>The security update addresses the vulnerability by correcting how the Base3D rendering engine handles memory.</p>
local
low complexity
microsoft
7.8
2020-09-11 CVE-2020-1594 Unspecified vulnerability in Microsoft 365 Apps, Excel and Office
<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory.
local
low complexity
microsoft
7.8
2020-09-11 CVE-2020-1338 Unspecified vulnerability in Microsoft products
<p>A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory.
local
low complexity
microsoft
7.8
2020-09-11 CVE-2020-1335 Unspecified vulnerability in Microsoft products
<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory.
local
low complexity
microsoft
7.8