Outlook

DATE	CVE	VULNERABILITY TITLE	RISK
2018-11-14	CVE-2018-8576	Unspecified vulnerability in Microsoft Office, Office 365 Proplus and Outlook A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka "Microsoft Outlook Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook. local low complexity microsoft	7.8
2018-11-14	CVE-2018-8524	Unspecified vulnerability in Microsoft products A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka "Microsoft Outlook Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook. local low complexity microsoft	7.8
2018-11-14	CVE-2018-8522	Unspecified vulnerability in Microsoft products A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka "Microsoft Outlook Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook. local low complexity microsoft	7.8
2018-06-14	CVE-2018-8244	Improper Input Validation vulnerability in Microsoft Office, Outlook and Outlook RT An elevation of privilege vulnerability exists when Microsoft Outlook does not validate attachment headers properly, aka "Microsoft Outlook Elevation of Privilege Vulnerability." This affects Microsoft Office, Microsoft Outlook. network low complexity microsoft CWE-20	6.5
2018-05-16	CVE-2017-17689	The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. network high complexity microsoft horde google 9folders flipdogsolutions r2mail2 apple bloop freron kde gnome mozilla ibm emclient postbox-inc ritlabs	5.9
2018-05-16	CVE-2017-17688	The OpenPGP specification allows a Cipher Feedback Mode (CFB) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. network high complexity microsoft horde flipdogsolutions r2mail2 apple bloop freron mozilla emclient postbox-inc roundcube	5.9
2018-02-15	CVE-2018-0852	Out-of-bounds Write vulnerability in Microsoft Office and Outlook Microsoft Outlook 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1 and RT SP1, Microsoft Outlook 2016, and Microsoft Office 2016 Click-to-Run (C2R) allow a remote code execution vulnerability, due to how Outlook handles objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". network low complexity microsoft CWE-787	8.8
2018-02-15	CVE-2018-0851	Out-of-bounds Write vulnerability in Microsoft Office, Office Word Viewer and Outlook Microsoft Office 2007 SP2, Microsoft Office Word Viewer, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1 and RT SP1, Microsoft Office 2016, and Microsoft Office 2016 Click-to-Run (C2R) allow a remote code execution vulnerability, due to how Office handles objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". network low complexity microsoft CWE-787	8.8
2018-02-15	CVE-2018-0850	Unspecified vulnerability in Microsoft Office and Outlook Microsoft Outlook 2007, Microsoft Outlook 2010, Microsoft Outlook 2013, Microsoft Outlook 2016, and Microsoft Office 2016 Click-to-Run allow an elevation of privilege vulnerability due to how the format of incoming message is validated, aka "Microsoft Outlook Elevation of Privilege Vulnerability". network low complexity microsoft	6.5
2018-01-10	CVE-2018-0791	Unspecified vulnerability in Microsoft Office and Outlook Microsoft Outlook 2007, Microsoft Outlook 2010, Microsoft Outlook 2013, and Microsoft Outlook 2016 allow a remote code execution vulnerability due to the way email messages are parsed, aka "Microsoft Outlook Remote Code Execution Vulnerability". local low complexity microsoft	7.8