Vulnerabilities > Microsoft > Office > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-08-14 CVE-2019-1204 Improper Input Validation vulnerability in Microsoft Office, Office 365 Proplus and Outlook
An elevation of privilege vulnerability exists when Microsoft Outlook initiates processing of incoming messages without sufficient validation of the formatting of the messages.
network
low complexity
microsoft CWE-20
4.3
4.3
2019-08-14 CVE-2019-1153 Out-of-bounds Read vulnerability in Microsoft products
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory.
local
low complexity
microsoft CWE-125
5.5
5.5
2019-08-14 CVE-2019-1148 Out-of-bounds Read vulnerability in Microsoft products
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory.
local
low complexity
microsoft CWE-125
5.5
5.5
2019-07-15 CVE-2019-1112 Information Exposure vulnerability in Microsoft Office and Office 365 Proplus
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'.
local
low complexity
microsoft CWE-200
5.5
5.5
2019-07-15 CVE-2019-1084 Information Exposure vulnerability in Microsoft products
An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having non-printable characters.
network
low complexity
microsoft CWE-200
6.5
6.5
2019-03-05 CVE-2019-0669 Unspecified vulnerability in Microsoft products
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'.
network
low complexity
microsoft
6.5
6.5
2019-03-05 CVE-2019-0540 Open Redirect vulnerability in Microsoft products
A security feature bypass vulnerability exists when Microsoft Office does not validate URLs.An attacker could send a victim a specially crafted file, which could trick the victim into entering credentials, aka 'Microsoft Office Security Feature Bypass Vulnerability'.
local
low complexity
microsoft CWE-601
5.5
5.5
2019-01-08 CVE-2019-0561 Unspecified vulnerability in Microsoft products
An information disclosure vulnerability exists when Microsoft Word macro buttons are used improperly, aka "Microsoft Word Information Disclosure Vulnerability." This affects Microsoft Word, Office 365 ProPlus, Microsoft Office, Word.
local
low complexity
microsoft
5.5
5.5
2019-01-08 CVE-2019-0560 Unspecified vulnerability in Microsoft Office, Office 365 Proplus and Outlook
An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory, aka "Microsoft Office Information Disclosure Vulnerability." This affects Office 365 ProPlus, Microsoft Office.
local
low complexity
microsoft
5.5
5.5
2019-01-08 CVE-2019-0559 Unspecified vulnerability in Microsoft Office, Office 365 Proplus and Outlook
An information disclosure vulnerability exists when Microsoft Outlook improperly handles certain types of messages, aka "Microsoft Outlook Information Disclosure Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook.
network
low complexity
microsoft
6.5
6.5