Vulnerabilities > Microsoft > Office Online Server

DATE CVE VULNERABILITY TITLE RISK
2020-03-12 CVE-2020-0850 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'.
network
microsoft CWE-119
6.8
6.8
2020-02-11 CVE-2020-0695 Improper Input Validation vulnerability in Microsoft Office Online Server
A spoofing vulnerability exists when Office Online Server does not validate origin in cross-origin communications correctly, aka 'Microsoft Office Online Server Spoofing Vulnerability'.
network
microsoft CWE-20
5.8
5.8
2020-01-14 CVE-2020-0647 Improper Input Validation vulnerability in Microsoft Office Online Server
A spoofing vulnerability exists when Office Online does not validate origin in cross-origin communications correctly, aka 'Microsoft Office Online Spoofing Vulnerability'.
network
microsoft CWE-20
5.8
5.8
2019-11-12 CVE-2019-1447 Origin Validation Error vulnerability in Microsoft Office Online Server
A spoofing vulnerability exists when Office Online does not validate origin in cross-origin communications handlers correctly, aka 'Microsoft Office Online Spoofing Vulnerability'.
network
microsoft CWE-346
5.8
5.8
2019-11-12 CVE-2019-1446 Information Exposure vulnerability in Microsoft products
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'.
network
microsoft CWE-200
4.3
4.3
2019-11-12 CVE-2019-1445 Origin Validation Error vulnerability in Microsoft Office Online Server
A spoofing vulnerability exists when Office Online does not validate origin in cross-origin communications handlers correctly, aka 'Microsoft Office Online Spoofing Vulnerability'.
network
microsoft CWE-346
5.8
5.8
2019-10-10 CVE-2019-1331 Unspecified vulnerability in Microsoft products
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'.
network
microsoft
critical
 9.3
9.3
2019-08-14 CVE-2019-1205 Unspecified vulnerability in Microsoft products
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'.
network
microsoft
critical
 9.3
9.3
2019-08-14 CVE-2019-1201 Unspecified vulnerability in Microsoft products
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'.
network
microsoft
critical
 9.3
9.3
2019-06-12 CVE-2019-1035 Unspecified vulnerability in Microsoft products
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'.
local
low complexity
microsoft
7.8
7.8