CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

743 matches found

Microsoft Outlook and Word Remote Code Execution Vulnerability

Access of resource using incompatible type 'type confusion' in Microsoft Office allows an unauthorized attacker to execute code locally...

8.4CVSS7.3AI score0.00073EPSS

Exploits0

OSV•added 2026/02/10 6:16 p.m.•4 views

CVE-2026-21511

Deserialization of untrusted data in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network...

7.5CVSS5.8AI score0.00422EPSS

Exploits0References1

CVE•added 2026/02/10 5:51 p.m.•42 views

CVE-2026-21260

CVE-2026-21260 affects Microsoft Office Outlook, where exposure of sensitive information to an unauthorized actor enables network-based spoofing. The entry cites a CVSSv3.1 base score of 7.5 (HIGH) with an attack vector of NETWORK and no privileges required, but has no exploitation details in the...

7.5CVSS5.5AI score0.00089EPSS

Exploits0References1Affected Software5

RedhatCVE•added 2026/01/09 11:2 a.m.•9 views

CVE-2007-4040

Argument injection vulnerability involving Microsoft Outlook and Outlook Express, when certain URIs are registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in an unspecified URI, which are inserted into the command...

8.8CVSS7.8AI score0.56595EPSS

Exploits4References1

OSV•added 2025/10/16 9:15 p.m.•2 views

CVE-2024-42192

HCL Traveler for Microsoft Outlook HTMO is susceptible to a credential leakage which could allow an attacker to access other computers or applications...

5.5CVSS5.8AI score0.00017EPSS

Exploits0References1