Microsoft » Office : Security Vulnerabilities (CVSS score between 2 and 2.99)

CVSS Scores Greater Than: 0 1 2 3 4 5 6 7 8 9

Sort Results By : CVE Number Descending CVE Number Ascending CVSS Score Descending Number Of Exploits Descending

#	CVE ID	CWE ID	Vulnerability Type(s)	Publish Date	Update Date	Score	Gained Access Level	Access	Complexity	Authentication	Conf.	Integ.	Avail.
1	CVE-2022-23252	668		2022-02-09	2022-02-15	2.1	None	Local	Low	Not required	Partial	None	None
Microsoft Office Information Disclosure Vulnerability.
2	CVE-2021-40472			2021-10-13	2021-10-19	2.1	None	Local	Low	Not required	Partial	None	None
Microsoft Excel Information Disclosure Vulnerability
3	CVE-2021-40454	312		2021-10-13	2021-10-19	2.1	None	Local	Low	Not required	Partial	None	None
Rich Text Edit Control Information Disclosure Vulnerability
4	CVE-2021-31174	200	+Info	2021-05-11	2021-05-18	2.1	None	Local	Low	Not required	Partial	None	None
Microsoft Excel Information Disclosure Vulnerability
5	CVE-2020-17126			2020-12-10	2021-03-04	2.1	None	Local	Low	Not required	Partial	None	None
Microsoft Excel Information Disclosure Vulnerability
6	CVE-2020-17020	287	Bypass	2020-11-11	2021-07-21	2.1	None	Local	Low	Not required	Partial	None	None
Microsoft Word Security Feature Bypass Vulnerability
7	CVE-2019-1463	200	+Info	2019-12-10	2019-12-16	2.1	None	Local	Low	Not required	Partial	None	None
An information disclosure vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory, aka 'Microsoft Access Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1400.
8	CVE-2019-1402	200	+Info	2019-11-12	2019-11-14	2.1	None	Local	Low	Not required	Partial	None	None
An information disclosure vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka 'Microsoft Office Information Disclosure Vulnerability'.
9	CVE-2019-1400	200	+Info	2019-12-10	2019-12-13	2.1	None	Local	Low	Not required	Partial	None	None
An information disclosure vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory, aka 'Microsoft Access Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1463.
10	CVE-2019-1153	125		2019-08-14	2020-08-24	2.1	None	Local	Low	Not required	Partial	None	None
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1078, CVE-2019-1148.
11	CVE-2019-1148	125		2019-08-14	2020-08-24	2.1	None	Local	Low	Not required	Partial	None	None
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1078, CVE-2019-1153.
12	CVE-2018-8598			2018-12-12	2020-08-24	2.6	None	Remote	High	Not required	Partial	None	None
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8627.
13	CVE-2018-8427	200	+Info	2018-10-10	2018-11-27	2.1	None	Local	Low	Not required	Partial	None	None
An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka "Microsoft Graphics Components Information Disclosure Vulnerability." This affects Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Windows Server 2008, Microsoft PowerPoint Viewer, Microsoft Excel Viewer.
14	CVE-2018-1007			2018-04-12	2020-08-24	2.6	None	Remote	High	Not required	Partial	None	None
An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory, aka "Microsoft Office Information Disclosure Vulnerability." This affects Microsoft Office. This CVE ID is unique from CVE-2018-0950.
15	CVE-2017-8695	200	+Info	2017-09-13	2017-09-21	2.6	None	Remote	High	Not required	Partial	None	None
Windows Uniscribe in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, 1607, 1703, and Server 2016; Office 2007 SP3; Office 2010 SP2; Word Viewer; Office for Mac 2011 and 2016; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; and Live Meeting 2007 Add-in and Console allows an attacker to obtain information to further compromise a user's system via a specially crafted document or an untrusted webpage, aka "Graphics Component Information Disclosure Vulnerability."
16	CVE-2017-8676	200	+Info	2017-09-13	2017-09-21	2.1	None	Local	Low	Not required	Partial	None	None
The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, 1607, 1703, and Server 2016; Office 2007 SP3; Office 2010 SP2; Word Viewer; Office for Mac 2011 and 2016; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; and Live Meeting 2007 Add-in and Console allows an authenticated attacker to retrieve information from a targeted system via a specially crafted application, aka "Windows GDI+ Information Disclosure Vulnerability."
17	CVE-1999-1259		+Info	1999-12-31	2017-10-10	2.1	None	Local	Low	Not required	Partial	None	None
Microsoft Office 98, Macintosh Edition, does not properly initialize the disk space used by Office 98 files and effectively inserts data from previously deleted files into the Office file, which could allow attackers to obtain sensitive information.

Total number of vulnerabilities : 17 Page : 1 (This Page)