Office@2019 Security Vulnerabilities and Issues — Page 6 of Office@2019 CVE List

Lucene search

MicrosoftOffice2019

408 matches found

CVE•added 2020/09/11 5:15 p.m.•94 views

CVE-2020-1332

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ...

8.8CVSS7.8AI score0.07867EPSS

CVE•added 2020/07/14 11:15 p.m.•94 views

CVE-2020-1445

An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory, aka 'Microsoft Office Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1342.

5.5CVSS6.1AI score0.28299EPSS

CVE•added 2023/07/11 6:15 p.m.•94 views

CVE-2023-33152

Microsoft ActiveX Remote Code Execution Vulnerability

7.8CVSS7.3AI score0.00957EPSS

CVE•added 2025/02/11 6:15 p.m.•94 views

CVE-2025-21387

Microsoft Excel Remote Code Execution Vulnerability

7.8CVSS7.9AI score0.00168EPSS

CVE•added 2019/01/08 9:29 p.m.•93 views

CVE-2019-0560

An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory, aka "Microsoft Office Information Disclosure Vulnerability." This affects Office 365 ProPlus, Microsoft Office.

5.5CVSS5.1AI score0.26918EPSS

CVE•added 2021/03/11 4:15 p.m.•93 views

CVE-2021-27057

Microsoft Office Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.04203EPSS

CVE•added 2021/12/15 3:15 p.m.•93 views

CVE-2021-43875

Microsoft Office Graphics Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.00914EPSS

CVE•added 2025/01/14 6:16 p.m.•93 views

CVE-2025-21346

Microsoft Office Security Feature Bypass Vulnerability

7.8CVSS6.8AI score0.00204EPSS

CVE•added 2025/04/08 6:16 p.m.•93 views

CVE-2025-29792

Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.

7.3CVSS7.5AI score0.00178EPSS

CVE•added 2019/04/09 9:29 p.m.•92 views

CVE-2019-0822

A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Remote Code Execution Vulnerability'.

9.3CVSS7.8AI score0.25636EPSS

CVE•added 2020/08/17 7:15 p.m.•92 views

CVE-2020-1497

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data.To exploit the vulnerability, an attacker could craft a special docume...

5.5CVSS6.3AI score0.25763EPSS

CVE•added 2021/03/11 4:15 p.m.•92 views

CVE-2021-27053

Microsoft Excel Remote Code Execution Vulnerability

7.8CVSS7.6AI score0.0356EPSS

CVE•added 2022/12/13 7:15 p.m.•92 views

CVE-2022-44692

Microsoft Office Graphics Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.00392EPSS

CVE•added 2024/12/12 2:4 a.m.•92 views

CVE-2024-49142

Microsoft Access Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.0012EPSS

CVE•added 2025/01/14 6:15 p.m.•92 views

CVE-2025-21186

Microsoft Access Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.00265EPSS

CVE•added 2019/04/09 9:29 p.m.•91 views

CVE-2019-0801

A remote code execution vulnerability exists when Microsoft Office fails to properly handle certain files.To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted URL file that points to an Excel or PowerPoint file that was also downloaded.The update addre...

7.8CVSS7.7AI score0.23271EPSS

CVE•added 2019/05/16 7:29 p.m.•91 views

CVE-2019-0946

A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0945, CVE-2019-0947.

9.3CVSS7.9AI score0.24224EPSS

CVE•added 2020/02/11 10:15 p.m.•91 views

CVE-2020-0696

A security feature bypass vulnerability exists in Microsoft Outlook software when it improperly handles the parsing of URI formats, aka 'Microsoft Outlook Security Feature Bypass Vulnerability'.

6.5CVSS6.4AI score0.06593EPSS

CVE•added 2022/11/09 10:15 p.m.•91 views

CVE-2022-41060

Microsoft Word Information Disclosure Vulnerability

5.5CVSS6.1AI score0.00285EPSS

CVE•added 2024/08/13 6:15 p.m.•91 views

CVE-2024-38173

Microsoft Outlook Remote Code Execution Vulnerability

6.7CVSS6.7AI score0.01084EPSS

CVE•added 2025/04/08 6:16 p.m.•91 views

CVE-2025-27751

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

7.8CVSS7.8AI score0.0041EPSS

CVE•added 2019/03/06 12:0 a.m.•90 views

CVE-2019-0673

9.3CVSS7.9AI score0.31336EPSS

CVE•added 2020/03/12 4:15 p.m.•90 views

CVE-2020-0855

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0850, CVE-2020-0851, CVE-2020-0852, CVE-2020-0892.

9.3CVSS8AI score0.33652EPSS

CVE•added 2020/11/11 7:15 a.m.•90 views

CVE-2020-17065

Microsoft Excel Remote Code Execution Vulnerability

9.3CVSS7.8AI score0.04588EPSS

CVE•added 2022/10/11 7:15 p.m.•90 views

CVE-2022-41043

Microsoft Office Information Disclosure Vulnerability

3.3CVSS5.3AI score0.00917EPSS

CVE•added 2025/04/08 6:16 p.m.•90 views

CVE-2025-29791

Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.

7.8CVSS7.5AI score0.0143EPSS

CVE•added 2019/01/08 9:29 p.m.•89 views

CVE-2019-0561

An information disclosure vulnerability exists when Microsoft Word macro buttons are used improperly, aka "Microsoft Word Information Disclosure Vulnerability." This affects Microsoft Word, Office 365 ProPlus, Microsoft Office, Word.

5.5CVSS6.1AI score0.13337EPSS

CVE•added 2019/05/16 7:29 p.m.•89 views

CVE-2019-0945

9.3CVSS7.9AI score0.24224EPSS

CVE•added 2020/03/12 4:15 p.m.•89 views

CVE-2020-0851

9.3CVSS8AI score0.33652EPSS

CVE•added 2020/11/11 7:15 a.m.•89 views

CVE-2020-17064

Microsoft Excel Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.06172EPSS

CVE•added 2021/02/25 11:15 p.m.•89 views

CVE-2021-24067

Microsoft Excel Remote Code Execution Vulnerability

7.8CVSS7.6AI score0.02597EPSS

CVE•added 2023/07/11 6:15 p.m.•89 views

CVE-2023-33149

Microsoft Office Graphics Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.00766EPSS

CVE•added 2018/10/10 1:29 p.m.•88 views

CVE-2018-8502

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in Protected View, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Excel.

9.3CVSS8.8AI score0.20562EPSS

CVE•added 2018/11/14 1:29 a.m.•88 views

CVE-2018-8574

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8...

9.3CVSS7.9AI score0.19365EPSS

CVE•added 2018/12/12 12:29 a.m.•88 views

CVE-2018-8587

A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka "Microsoft Outlook Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook.

9.3CVSS6.1AI score0.46569EPSS

CVE•added 2019/03/06 12:0 a.m.•88 views

CVE-2019-0671

9.3CVSS7.9AI score0.31336EPSS

CVE•added 2020/06/09 8:15 p.m.•88 views

CVE-2020-1322

An information disclosure vulnerability exists when Microsoft Project reads out of bound memory due to an uninitialized variable, aka 'Microsoft Project Information Disclosure Vulnerability'.

6.5CVSS5.9AI score0.25134EPSS

CVE•added 2021/03/11 4:15 p.m.•88 views

CVE-2021-27056

Microsoft PowerPoint Remote Code Execution Vulnerability

7.8CVSS7.6AI score0.12755EPSS

CVE•added 2025/04/08 6:16 p.m.•88 views

CVE-2025-27750

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

7.8CVSS7.8AI score0.00079EPSS

CVE•added 2018/11/14 1:29 a.m.•87 views

CVE-2018-8546

A denial of service vulnerability exists in Skype for Business, aka "Microsoft Skype for Business Denial of Service Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Lync, Skype.

5.9CVSS6.1AI score0.11131EPSS

CVE•added 2019/04/09 9:29 p.m.•87 views

CVE-2019-0824

7.8CVSS7.8AI score0.19127EPSS

CVE•added 2019/08/14 9:15 p.m.•87 views

CVE-2019-1200

A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the...

9.3CVSS7.7AI score0.07373EPSS

CVE•added 2019/11/12 7:15 p.m.•87 views

CVE-2019-1457

A security feature bypass vulnerability exists in Microsoft Office software by not enforcing macro settings on an Excel document, aka 'Microsoft Office Excel Security Feature Bypass'.

7.8CVSS7.4AI score0.05719EPSS

CVE•added 2021/02/25 11:15 p.m.•87 views

CVE-2021-24069

Microsoft Excel Remote Code Execution Vulnerability

7.8CVSS7.6AI score0.01129EPSS

CVE•added 2022/12/13 7:15 p.m.•87 views

CVE-2022-44691

Microsoft Office OneNote Remote Code Execution Vulnerability

7.8CVSS7.9AI score0.01624EPSS

CVE•added 2022/12/13 7:15 p.m.•87 views

CVE-2022-44695

Microsoft Office Visio Remote Code Execution Vulnerability