# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2022-23252 |
668 |
|
|
2022-02-09 |
2022-02-15 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
Microsoft Office Information Disclosure Vulnerability. |
2 |
CVE-2021-40472 |
|
|
|
2021-10-13 |
2021-10-19 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
Microsoft Excel Information Disclosure Vulnerability |
3 |
CVE-2021-40454 |
312 |
|
|
2021-10-13 |
2021-10-19 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
Rich Text Edit Control Information Disclosure Vulnerability |
4 |
CVE-2021-31174 |
200 |
|
+Info |
2021-05-11 |
2021-05-18 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
Microsoft Excel Information Disclosure Vulnerability |
5 |
CVE-2020-17126 |
|
|
|
2020-12-10 |
2021-03-04 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
Microsoft Excel Information Disclosure Vulnerability |
6 |
CVE-2020-17020 |
287 |
|
Bypass |
2020-11-11 |
2021-07-21 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
Microsoft Word Security Feature Bypass Vulnerability |
7 |
CVE-2019-1463 |
200 |
|
+Info |
2019-12-10 |
2019-12-16 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory, aka 'Microsoft Access Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1400. |
8 |
CVE-2019-1402 |
200 |
|
+Info |
2019-11-12 |
2019-11-14 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka 'Microsoft Office Information Disclosure Vulnerability'. |
9 |
CVE-2019-1400 |
200 |
|
+Info |
2019-12-10 |
2019-12-13 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory, aka 'Microsoft Access Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1463. |
10 |
CVE-2019-1153 |
125 |
|
|
2019-08-14 |
2020-08-24 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1078, CVE-2019-1148. |
11 |
CVE-2019-1148 |
125 |
|
|
2019-08-14 |
2020-08-24 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1078, CVE-2019-1153. |
12 |
CVE-2018-8598 |
|
|
|
2018-12-12 |
2020-08-24 |
2.6 |
None |
Remote |
High |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8627. |
13 |
CVE-2018-8427 |
200 |
|
+Info |
2018-10-10 |
2018-11-27 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka "Microsoft Graphics Components Information Disclosure Vulnerability." This affects Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Windows Server 2008, Microsoft PowerPoint Viewer, Microsoft Excel Viewer. |
14 |
CVE-2018-1007 |
|
|
|
2018-04-12 |
2020-08-24 |
2.6 |
None |
Remote |
High |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory, aka "Microsoft Office Information Disclosure Vulnerability." This affects Microsoft Office. This CVE ID is unique from CVE-2018-0950. |
15 |
CVE-2017-8695 |
200 |
|
+Info |
2017-09-13 |
2017-09-21 |
2.6 |
None |
Remote |
High |
Not required |
Partial |
None |
None |
Windows Uniscribe in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, 1607, 1703, and Server 2016; Office 2007 SP3; Office 2010 SP2; Word Viewer; Office for Mac 2011 and 2016; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; and Live Meeting 2007 Add-in and Console allows an attacker to obtain information to further compromise a user's system via a specially crafted document or an untrusted webpage, aka "Graphics Component Information Disclosure Vulnerability." |
16 |
CVE-2017-8676 |
200 |
|
+Info |
2017-09-13 |
2017-09-21 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, 1607, 1703, and Server 2016; Office 2007 SP3; Office 2010 SP2; Word Viewer; Office for Mac 2011 and 2016; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; and Live Meeting 2007 Add-in and Console allows an authenticated attacker to retrieve information from a targeted system via a specially crafted application, aka "Windows GDI+ Information Disclosure Vulnerability." |
17 |
CVE-1999-1259 |
|
|
+Info |
1999-12-31 |
2017-10-10 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
Microsoft Office 98, Macintosh Edition, does not properly initialize the disk space used by Office 98 files and effectively inserts data from previously deleted files into the Office file, which could allow attackers to obtain sensitive information. |