Web Applications Security Vulnerabilities and Issues — Web Applications CVE List

MicrosoftWeb Applications

8 matches found

CVE•added 2017/07/11 9:0 p.m.•232 views

CVE-2017-0243

CVE-2017-0243 is a Microsoft Office remote code execution vulnerability caused by how Office handles objects in memory. An attacker could trigger RCE by convincing a user to open a crafted document. The entry notes this CVE is distinct from CVE-2017-8570. From the metrics, the CVSS v3 base score ...

9.3CVSS8AI score0.94216EPSS

In wild

CVE•added 2014/05/14 10:0 a.m.•92 views

CVE-2014-0251

CVE-2014-0251 affects Microsoft SharePoint products including Windows SharePoint Services 3.0 SP3, SharePoint Server 2007 SP3, 2010 SP1/SP2, 2013 Gold/SP1, SharePoint Foundation 2010 SP1/SP2/2013 Gold/SP1, Project Server 2010 SP1/SP2/2013 Gold/SP1, Web Applications 2010 SP1/SP2, Office Web Apps S...

9CVSS7.2AI score0.19647EPSS

CVE•added 2015/03/11 10:0 a.m.•92 views

CVE-2015-0085

CVE-2015-0085 is a use-after-free vulnerability in Microsoft Office components (including Office 2007/2010/2013 suites and related SharePoint/Viewer components) that enables remote code execution via a crafted Office document. The issue affects a broad set of Office applications and SharePoint-re...

9.3CVSS7.4AI score0.46289EPSS

CVE•added 2018/05/09 7:0 p.m.•85 views

CVE-2018-8160

CVE-2018-8160 is an information-disclosure vulnerability in Microsoft Outlook (Office suite). The vulnerability is triggered when a user opens a malicious message, which could lead to disclosure of sensitive information. The attacker’s capability path involves sending a crafted email that lures t...

6.5CVSS6.1AI score0.2302EPSS

CVE•added 2014/05/14 10:0 a.m.•82 views

CVE-2014-1813

CVE-2014-1813 affects Microsoft Office Web Apps / Web Applications 2010 (SP1 and SP2). The vulnerability allows remote authenticated attackers to execute arbitrary code via crafted page content in the vulnerable Web Applications component, with network-based access and single authentication requi...

8.5CVSS7.3AI score0.20167EPSS

CVE•added 2015/02/11 2:0 a.m.•75 views

CVE-2015-0064

CVE-2015-0064 corresponds to a memory-corruption remote-code-execution vulnerability in Microsoft Word 2007 SP3, Office 2010 SP2, Word Automation Services in SharePoint Server 2010, Web Applications 2010 SP2, Word Viewer and Office Compatibility Pack SP3. The issue arises when processing a crafte...

9.3CVSS8AI score0.71222EPSS

CVE•added 2014/12/11 12:0 a.m.•72 views

CVE-2014-6357

CVE-2014-6357 is a use-after-free remote code execution vulnerability reported in Microsoft Office products (Office 2010 SP2, Office 2013 SP1/Gold, Office for Mac 2011, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2/2013) and related Office Web ...

9.3CVSS8.8AI score0.47995EPSS

CVE•added 2015/03/11 10:0 a.m.•66 views

CVE-2015-0086

CVE-2015-0086 affects Microsoft Office/Word products including Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 Gold/SP1, Word 2013 RT Gold/SP1, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Serve...

9.3CVSS7.6AI score0.38232EPSS