Vulnerabilities > Microsoft > Office

DATE CVE VULNERABILITY TITLE RISK
2020-11-11 CVE-2020-17019 Double Free vulnerability in Microsoft Office 2010
Microsoft Excel Remote Code Execution Vulnerability
local
low complexity
microsoft CWE-415
7.8
2020-10-16 CVE-2020-16957 Unspecified vulnerability in Microsoft 365 Apps and Office
<p>A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory.
local
low complexity
microsoft
7.8
2020-10-16 CVE-2020-16955 Unspecified vulnerability in Microsoft 365 Apps and Office
<p>An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files.
local
low complexity
microsoft
7.8
2020-10-16 CVE-2020-16954 Unspecified vulnerability in Microsoft 365 Apps and Office
<p>A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory.
local
low complexity
microsoft
7.8
2020-10-16 CVE-2020-16949 Memory Leak vulnerability in Microsoft products
<p>A denial of service vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory.
local
high complexity
microsoft CWE-401
4.7
2020-10-16 CVE-2020-16947 Out-of-bounds Write vulnerability in Microsoft 365 Apps, Office and Outlook
<p>A remote code execution vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory.
network
high complexity
microsoft CWE-787
7.5
2020-10-16 CVE-2020-16934 Unspecified vulnerability in Microsoft 365 Apps, Office and Office 2013 Click-To-Run
<p>An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files.
local
high complexity
microsoft
7.0
2020-10-16 CVE-2020-16933 Unspecified vulnerability in Microsoft products
<p>A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files.
local
high complexity
microsoft
7.0
2020-10-16 CVE-2020-16932 Missing Initialization of Resource vulnerability in Microsoft products
<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory.
local
low complexity
microsoft CWE-909
7.8
2020-10-16 CVE-2020-16931 Use of Uninitialized Resource vulnerability in Microsoft products
<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory.
local
low complexity
microsoft CWE-908
7.8