Vulnerabilities > Microsoft > Critical

DATE CVE VULNERABILITY TITLE RISK
2018-02-05 CVE-2018-6461 Untrusted Search Path vulnerability in March-Hare Wincvs
March Hare WINCVS before 2.8.01 build 6610, and CVS Suite before 2009R2 build 6610, contains an Insecure Library Loading vulnerability in the wincvs2.exe or wincvs.exe file, which may allow local users to gain privileges via a Trojan horse Python or TCL DLL file in the current working directory.
network
march-hare microsoft CWE-426
critical
 9.3
9.3
2018-01-22 CVE-2018-0862 Unspecified vulnerability in Microsoft Office, Office Compatibility Pack and Word
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability".
network
microsoft
critical
 9.3
9.3
2018-01-22 CVE-2018-0849 Unspecified vulnerability in Microsoft Office, Office Compatibility Pack and Word
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability".
network
microsoft
critical
 9.3
9.3
2018-01-22 CVE-2018-0848 Unspecified vulnerability in Microsoft Office, Office Compatibility Pack and Word
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability".
network
microsoft
critical
 9.3
9.3
2018-01-22 CVE-2018-0845 Unspecified vulnerability in Microsoft Office, Office Compatibility Pack and Word
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability".
network
microsoft
critical
 9.3
9.3
2018-01-10 CVE-2018-0812 Out-of-bounds Write vulnerability in Microsoft Office, Office Compatibility Pack and Word
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Memory Corruption Vulnerability".
network
microsoft CWE-787
critical
 9.3
9.3
2018-01-10 CVE-2018-0807 Unspecified vulnerability in Microsoft Office, Office Compatibility Pack and Word
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability".
network
microsoft
critical
 9.3
9.3
2018-01-10 CVE-2018-0806 Unspecified vulnerability in Microsoft Office, Office Compatibility Pack and Word
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability".
network
microsoft
critical
 9.3
9.3
2018-01-10 CVE-2018-0805 Unspecified vulnerability in Microsoft Office, Office Compatibility Pack and Word
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability".
network
microsoft
critical
 9.3
9.3
2018-01-10 CVE-2018-0804 Unspecified vulnerability in Microsoft Office, Office Compatibility Pack and Word
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability".
network
microsoft
critical
 9.3
9.3