Vulnerabilities > Microsoft > Office 365 Proplus > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-05 | CVE-2019-0540 | Open Redirect vulnerability in Microsoft products A security feature bypass vulnerability exists when Microsoft Office does not validate URLs.An attacker could send a victim a specially crafted file, which could trick the victim into entering credentials, aka 'Microsoft Office Security Feature Bypass Vulnerability'. | 5.5 |
| 2019-01-08 | CVE-2019-0561 | Unspecified vulnerability in Microsoft products An information disclosure vulnerability exists when Microsoft Word macro buttons are used improperly, aka "Microsoft Word Information Disclosure Vulnerability." This affects Microsoft Word, Office 365 ProPlus, Microsoft Office, Word. | 5.5 |
| 2019-01-08 | CVE-2019-0560 | Unspecified vulnerability in Microsoft Office, Office 365 Proplus and Outlook An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory, aka "Microsoft Office Information Disclosure Vulnerability." This affects Office 365 ProPlus, Microsoft Office. | 5.5 |
| 2019-01-08 | CVE-2019-0559 | Unspecified vulnerability in Microsoft Office, Office 365 Proplus and Outlook An information disclosure vulnerability exists when Microsoft Outlook improperly handles certain types of messages, aka "Microsoft Outlook Information Disclosure Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook. | 6.5 |
| 2018-12-12 | CVE-2018-8627 | Use of Uninitialized Resource vulnerability in Microsoft products An information disclosure vulnerability exists when Microsoft Excel software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft Excel, Microsoft Excel Viewer, Excel. | 5.5 |
| 2018-12-12 | CVE-2018-8598 | Unspecified vulnerability in Microsoft Excel, Office and Office 365 Proplus An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Excel. | 4.7 |
| 2018-11-14 | CVE-2018-8579 | Unspecified vulnerability in Microsoft Office and Office 365 Proplus An information disclosure vulnerability exists when attaching files to Outlook messages, aka "Microsoft Outlook Information Disclosure Vulnerability." This affects Office 365 ProPlus, Microsoft Office. | 6.5 |
| 2018-11-14 | CVE-2018-8558 | Information Exposure vulnerability in Microsoft Office and Office 365 Proplus An information disclosure vulnerability exists when Microsoft Outlook fails to respect "Default link type" settings configured via the SharePoint Online Admin Center, aka "Microsoft Outlook Information Disclosure Vulnerability." This affects Office 365 ProPlus, Microsoft Office. | 6.5 |
| 2018-11-14 | CVE-2018-8546 | Unspecified vulnerability in Microsoft products A denial of service vulnerability exists in Skype for Business, aka "Microsoft Skype for Business Denial of Service Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Lync, Skype. | 5.9 |
| 2018-10-10 | CVE-2018-8427 | Information Exposure vulnerability in Microsoft products An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka "Microsoft Graphics Components Information Disclosure Vulnerability." This affects Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Windows Server 2008, Microsoft PowerPoint Viewer, Microsoft Excel Viewer. | 5.5 |