Outlook Security Vulnerabilities and Issues — Outlook CVE List

Lucene search

MicrosoftOutlook

16 matches found

CVE•added 2019/07/15 7:15 p.m.•253 views

CVE-2019-1084

An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having non-printable characters. An authenticated attacker could exploit this vulnerability by creating entities with invalid display names, which, when added to conversations, remain invisib...

6.5CVSS5.3AI score0.07824EPSS

CVE•added 2022/12/13 7:15 p.m.•143 views

CVE-2022-24480

Outlook for Android Elevation of Privilege Vulnerability

6.3CVSS6.6AI score0.0016EPSS

CVE•added 2024/07/09 5:15 p.m.•132 views

CVE-2024-38020

Microsoft Outlook Spoofing Vulnerability

6.5CVSS6.8AI score0.00661EPSS

CVE•added 2023/08/08 6:15 p.m.•130 views

CVE-2023-36893

Microsoft Outlook Spoofing Vulnerability

6.5CVSS6.5AI score0.0084EPSS

CVE•added 2025/01/14 6:16 p.m.•128 views

CVE-2025-21357

Microsoft Outlook Remote Code Execution Vulnerability

6.7CVSS6.7AI score0.00106EPSS

CVE•added 2023/07/11 6:15 p.m.•102 views

CVE-2023-33151

Microsoft Outlook Spoofing Vulnerability

6.5CVSS6.8AI score0.00543EPSS

CVE•added 2019/01/08 9:29 p.m.•94 views

CVE-2019-0559

An information disclosure vulnerability exists when Microsoft Outlook improperly handles certain types of messages, aka "Microsoft Outlook Information Disclosure Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook.

6.5CVSS5.9AI score0.25751EPSS

CVE•added 2020/02/11 10:15 p.m.•91 views

CVE-2020-0696

A security feature bypass vulnerability exists in Microsoft Outlook software when it improperly handles the parsing of URI formats, aka 'Microsoft Outlook Security Feature Bypass Vulnerability'.

6.5CVSS6.4AI score0.05593EPSS

CVE•added 2024/08/13 6:15 p.m.•91 views

CVE-2024-38173

Microsoft Outlook Remote Code Execution Vulnerability

6.7CVSS6.7AI score0.01084EPSS

CVE•added 2018/02/15 2:29 a.m.•83 views

CVE-2018-0850

Microsoft Outlook 2007, Microsoft Outlook 2010, Microsoft Outlook 2013, Microsoft Outlook 2016, and Microsoft Office 2016 Click-to-Run allow an elevation of privilege vulnerability due to how the format of incoming message is validated, aka "Microsoft Outlook Elevation of Privilege Vulnerability".

6.5CVSS7.3AI score0.13239EPSS

CVE•added 2018/06/14 12:29 p.m.•83 views

CVE-2018-8244

An elevation of privilege vulnerability exists when Microsoft Outlook does not validate attachment headers properly, aka "Microsoft Outlook Elevation of Privilege Vulnerability." This affects Microsoft Office, Microsoft Outlook.

6.5CVSS6.4AI score0.1023EPSS

CVE•added 2017/04/12 2:59 p.m.•77 views

CVE-2017-0207

Microsoft Outlook for Mac 2011 allows remote attackers to spoof web content via a crafted email with specific HTML tags, aka "Microsoft Browser Spoofing Vulnerability."

6.5CVSS6.1AI score0.11655EPSS

CVE•added 2016/09/14 10:59 a.m.•66 views

CVE-2016-3366

Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, Outlook 2013 RT SP1, Outlook 2016, and Outlook 2016 for Mac do not properly implement RFC 2046, which allows remote attackers to bypass virus or spam detection via crafted MIME data in an e-mail attachment, aka "Microsoft Office Spoofi...

6.5CVSS6.6AI score0.15125EPSS

CVE•added 2017/06/15 1:29 a.m.•56 views

CVE-2017-8545

A spoofing vulnerability exists in when Microsoft Outlook for Mac does not sanitize html properly, aka "Microsoft Outlook for Mac Spoofing Vulnerability".

6.5CVSS5.7AI score0.13057EPSS

CVE•added 2025/06/10 5:23 p.m.•49 views

CVE-2025-47171

Improper input validation in Microsoft Office Outlook allows an authorized attacker to execute code locally.

6.7CVSS6.6AI score0.01646EPSS

CVE•added 2024/09/10 5:15 p.m.•48 views

CVE-2024-43482

Microsoft Outlook for iOS Information Disclosure Vulnerability

6.5CVSS6.3AI score0.02098EPSS