Vulnerabilities > Microsoft > Outlook > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-03-14 CVE-2023-23397 Authentication Bypass by Capture-replay vulnerability in Microsoft products
Microsoft Outlook Elevation of Privilege Vulnerability
network
low complexity
microsoft CWE-294
critical
 9.8
9.8
2018-11-14 CVE-2018-8522 Unspecified vulnerability in Microsoft products
A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka "Microsoft Outlook Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook.
network
microsoft
critical
 9.3
9.3
2018-11-14 CVE-2018-8524 Unspecified vulnerability in Microsoft products
A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka "Microsoft Outlook Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook.
network
microsoft
critical
 9.3
9.3
2018-11-14 CVE-2018-8576 Unspecified vulnerability in Microsoft Office, Office 365 Proplus and Outlook
A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka "Microsoft Outlook Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook.
network
microsoft
critical
 9.3
9.3
2018-11-14 CVE-2018-8582 Unspecified vulnerability in Microsoft products
A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially modified rule export files, aka "Microsoft Outlook Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook.
network
microsoft
critical
 9.3
9.3
2018-02-15 CVE-2018-0851 Out-of-bounds Write vulnerability in Microsoft Office, Office Word Viewer and Outlook
Microsoft Office 2007 SP2, Microsoft Office Word Viewer, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1 and RT SP1, Microsoft Office 2016, and Microsoft Office 2016 Click-to-Run (C2R) allow a remote code execution vulnerability, due to how Office handles objects in memory, aka "Microsoft Office Memory Corruption Vulnerability".
network
microsoft CWE-787
critical
 9.3
9.3
2018-02-15 CVE-2018-0852 Out-of-bounds Write vulnerability in Microsoft Office and Outlook
Microsoft Outlook 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1 and RT SP1, Microsoft Outlook 2016, and Microsoft Office 2016 Click-to-Run (C2R) allow a remote code execution vulnerability, due to how Outlook handles objects in memory, aka "Microsoft Office Memory Corruption Vulnerability".
network
microsoft CWE-787
critical
 9.3
9.3
2018-01-10 CVE-2018-0791 Unspecified vulnerability in Microsoft Office and Outlook
Microsoft Outlook 2007, Microsoft Outlook 2010, Microsoft Outlook 2013, and Microsoft Outlook 2016 allow a remote code execution vulnerability due to the way email messages are parsed, aka "Microsoft Outlook Remote Code Execution Vulnerability".
network
microsoft
critical
 9.3
9.3
2017-08-01 CVE-2017-8663 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Outlook
Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, Outlook 2013 RT SP1, and Outlook 2016 as packaged in Microsoft Office allows a remote code execution vulnerability due to the way Microsoft Outlook parses specially crafted email messages, aka "Microsoft Office Outlook Memory Corruption Vulnerability"
network
microsoft CWE-119
critical
 9.3
9.3
2017-06-15 CVE-2017-8506 DLL Loading Remote Code Execution vulnerability in Microsoft Outlook 2010/2013/2016
A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability".
network
microsoft
critical
 9.3
9.3