CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Microsoft » Office » 2019 * * * : Security Vulnerabilities

Cpe Name:cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*
CVSS Scores Greater Than: 0   1   2   3   4   5   6   7   8   9  
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2022-24511 2022-03-09 2022-03-16
1.9
 None Local Medium Not required Partial None None
Microsoft Office Word Tampering Vulnerability.
2 CVE-2022-24510 Exec Code 2022-03-09 2022-03-16
6.8
 None Remote Medium Not required Partial Partial Partial
Microsoft Office Visio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24461, CVE-2022-24509.
3 CVE-2022-24509 Exec Code 2022-03-09 2022-03-16
6.8
 None Remote Medium Not required Partial Partial Partial
Microsoft Office Visio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24461, CVE-2022-24510.
4 CVE-2022-24461 Exec Code 2022-03-09 2022-03-14
6.8
 None Remote Medium Not required Partial Partial Partial
Microsoft Office Visio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24509, CVE-2022-24510.
5 CVE-2022-21988 Exec Code 2022-02-09 2022-03-01
6.8
 None Remote Medium Not required Partial Partial Partial
Microsoft Office Visio Remote Code Execution Vulnerability.
6 CVE-2021-41368 Exec Code 2021-11-10 2021-11-12
6.8
 None Remote Medium Not required Partial Partial Partial
Microsoft Access Remote Code Execution Vulnerability
7 CVE-2021-40486 Exec Code 2021-10-13 2021-10-19
6.8
 None Remote Medium Not required Partial Partial Partial
Microsoft Word Remote Code Execution Vulnerability
8 CVE-2021-40485 Exec Code 2021-10-13 2021-10-19
6.8
 None Remote Medium Not required Partial Partial Partial
Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-40471, CVE-2021-40473, CVE-2021-40474, CVE-2021-40479.
9 CVE-2021-40481 Exec Code 2021-10-13 2021-10-19
6.8
 None Remote Medium Not required Partial Partial Partial
Microsoft Office Visio Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-40480.
10 CVE-2021-40480 Exec Code 2021-10-13 2021-10-19
6.8
 None Remote Medium Not required Partial Partial Partial
Microsoft Office Visio Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-40481.
11 CVE-2021-40479 Exec Code 2021-10-13 2021-10-19
6.8
 None Remote Medium Not required Partial Partial Partial
Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-40471, CVE-2021-40473, CVE-2021-40474, CVE-2021-40485.
12 CVE-2021-40474 Exec Code 2021-10-13 2021-10-19
6.8
 None Remote Medium Not required Partial Partial Partial
Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-40471, CVE-2021-40473, CVE-2021-40479, CVE-2021-40485.
13 CVE-2021-40473 Exec Code 2021-10-13 2021-10-19
6.8
 None Remote Medium Not required Partial Partial Partial
Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-40471, CVE-2021-40474, CVE-2021-40479, CVE-2021-40485.
14 CVE-2021-40472 2021-10-13 2021-10-19
2.1
 None Local Low Not required Partial None None
Microsoft Excel Information Disclosure Vulnerability
15 CVE-2021-40471 Exec Code 2021-10-13 2021-10-19
6.8
 None Remote Medium Not required Partial Partial Partial
Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-40473, CVE-2021-40474, CVE-2021-40479, CVE-2021-40485.
16 CVE-2021-38658 843 Exec Code 2021-09-15 2021-09-24
6.8
 None Remote Medium Not required Partial Partial Partial
Microsoft Office Graphics Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-38660.
17 CVE-2021-38655 416 Exec Code 2021-09-15 2021-09-24
6.8
 None Remote Medium Not required Partial Partial Partial
Microsoft Excel Remote Code Execution Vulnerability
18 CVE-2021-38654 129 Exec Code 2021-09-15 2021-09-24
6.8
 None Remote Medium Not required Partial Partial Partial
Microsoft Office Visio Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-38653.
19 CVE-2021-38653 787 Exec Code 2021-09-15 2021-09-24
6.8
 None Remote Medium Not required Partial Partial Partial
Microsoft Office Visio Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-38654.
20 CVE-2021-38650 2021-09-15 2021-09-27
4.3
 None Remote Medium Not required None Partial None
Microsoft Office Spoofing Vulnerability
21 CVE-2021-38646 119 Exec Code Overflow 2021-09-15 2022-07-12
6.8
 None Remote Medium Not required Partial Partial Partial
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
22 CVE-2021-34478 Exec Code 2021-08-12 2021-09-21
6.8
 None Remote Medium Not required Partial Partial Partial
Microsoft Office Remote Code Execution Vulnerability
23 CVE-2021-34469 Bypass 2021-07-14 2022-07-12
5.8
 None Remote Medium Not required Partial Partial None
Microsoft Office Security Feature Bypass Vulnerability
24 CVE-2021-31949 Exec Code 2021-06-08 2021-06-15
6.8
 None Remote Medium Not required Partial Partial Partial
Microsoft Outlook Remote Code Execution Vulnerability
25 CVE-2021-31939 Exec Code 2021-06-08 2021-06-14
6.8
 None Remote Medium Not required Partial Partial Partial
Microsoft Excel Remote Code Execution Vulnerability
26 CVE-2021-28455 77 Exec Code 2021-05-11 2021-05-18
6.5
 None Remote Low ??? Partial Partial Partial
Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability
27 CVE-2020-1594 119 Exec Code Overflow 2020-09-11 2021-07-21
6.8
 None Remote Medium Not required Partial Partial Partial
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1193, CVE-2020-1332, CVE-2020-1335.
28 CVE-2020-1448 119 Exec Code Overflow 2020-07-14 2021-07-21
6.8
 None Remote Medium Not required Partial Partial Partial
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1446, CVE-2020-1447.
29 CVE-2020-1447 119 Exec Code Overflow 2020-07-14 2021-07-21
6.8
 None Remote Medium Not required Partial Partial Partial
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1446, CVE-2020-1448.
30 CVE-2020-1446 119 Exec Code Overflow 2020-07-14 2021-07-21
6.8
 None Remote Medium Not required Partial Partial Partial
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1447, CVE-2020-1448.
31 CVE-2020-1335 119 Exec Code Overflow 2020-09-11 2021-07-21
6.8
 None Remote Medium Not required Partial Partial Partial
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1193, CVE-2020-1332, CVE-2020-1594.
32 CVE-2020-1332 119 Exec Code Overflow 2020-09-11 2021-07-21
6.8
 None Remote Medium Not required Partial Partial Partial
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1193, CVE-2020-1335, CVE-2020-1594.
33 CVE-2020-1322 200 +Info 2020-06-09 2021-07-21
4.3
 None Remote Medium Not required Partial None None
An information disclosure vulnerability exists when Microsoft Project reads out of bound memory due to an uninitialized variable, aka 'Microsoft Project Information Disclosure Vulnerability'.
34 CVE-2020-1321 119 Exec Code Overflow 2020-06-09 2021-07-21
6.8
 None Remote Medium Not required Partial Partial Partial
A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory, aka 'Microsoft Office Remote Code Execution Vulnerability'.
35 CVE-2020-1193 119 Exec Code Overflow 2020-09-11 2021-07-21
6.8
 None Remote Medium Not required Partial Partial Partial
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1332, CVE-2020-1335, CVE-2020-1594.
36 CVE-2020-0991 119 Exec Code Overflow 2020-04-15 2021-07-21
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka 'Microsoft Office Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0760.
37 CVE-2020-0961 119 Exec Code Overflow 2020-04-15 2021-07-21
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'.
38 CVE-2020-0892 119 Exec Code Overflow 2020-03-12 2021-07-21
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0850, CVE-2020-0851, CVE-2020-0852, CVE-2020-0855.
39 CVE-2020-0852 119 Exec Code Overflow 2020-03-12 2021-07-21
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0850, CVE-2020-0851, CVE-2020-0855, CVE-2020-0892.
40 CVE-2020-0850 119 Exec Code Overflow 2020-03-12 2021-07-21
6.8
 None Remote Medium Not required Partial Partial Partial
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0851, CVE-2020-0852, CVE-2020-0855, CVE-2020-0892.
41 CVE-2019-1449 Bypass 2019-11-12 2020-08-24
10.0
 None Remote Low Not required Complete Complete Complete
A security feature bypass vulnerability exists in the way that Office Click-to-Run (C2R) components handle a specially crafted file, which could lead to a standard user, any AppContainer sandbox, and Office LPAC Protected View to escalate privileges to SYSTEM.To exploit this bug, an attacker would have to run a specially crafted file, aka 'Microsoft Office ClickToRun Security Feature Bypass Vulnerability'.
42 CVE-2019-1446 200 +Info 2019-11-12 2019-11-13
4.3
 None Remote Medium Not required Partial None None
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'.
43 CVE-2019-1402 200 +Info 2019-11-12 2019-11-14
2.1
 None Local Low Not required Partial None None
An information disclosure vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka 'Microsoft Office Information Disclosure Vulnerability'.
44 CVE-2019-1331 Exec Code 2019-10-10 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1327.
45 CVE-2019-1297 Exec Code 2019-09-11 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'.
46 CVE-2019-1264 20 Bypass 2019-09-11 2019-09-12
6.8
 None Remote Medium Not required Partial Partial Partial
A security feature bypass vulnerability exists when Microsoft Office improperly handles input, aka 'Microsoft Office Security Feature Bypass Vulnerability'.
47 CVE-2019-1246 Exec Code 2019-09-11 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1240, CVE-2019-1241, CVE-2019-1242, CVE-2019-1243, CVE-2019-1247, CVE-2019-1248, CVE-2019-1249, CVE-2019-1250.
48 CVE-2019-1205 Exec Code 2019-08-14 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1201.
49 CVE-2019-1204 20 2019-08-14 2020-08-24
4.3
 None Remote Medium Not required Partial None None
An elevation of privilege vulnerability exists when Microsoft Outlook initiates processing of incoming messages without sufficient validation of the formatting of the messages, aka 'Microsoft Outlook Elevation of Privilege Vulnerability'.
50 CVE-2019-1201 Exec Code 2019-08-14 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1205.
Total number of vulnerabilities : 98   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.