CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Microsoft » Office 365 Proplus » * * * : Security Vulnerabilities

Cpe Name:cpe:2.3:a:microsoft:office_365_proplus:-:*:*:*:*:*:*:*
CVSS Scores Greater Than: 0   1   2   3   4   5   6   7   8   9  
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2020-0991 119 Exec Code Overflow 2020-04-15 2021-07-21
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka 'Microsoft Office Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0760.
2 CVE-2020-0980 119 Exec Code Overflow 2020-04-15 2021-07-21
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'.
3 CVE-2020-0979 119 Exec Code Overflow 2020-04-15 2021-07-21
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0906.
4 CVE-2020-0961 119 Exec Code Overflow 2020-04-15 2021-07-21
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'.
5 CVE-2020-0906 119 Exec Code Overflow 2020-04-15 2021-07-21
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0979.
6 CVE-2020-0892 119 Exec Code Overflow 2020-03-12 2021-07-21
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0850, CVE-2020-0851, CVE-2020-0852, CVE-2020-0855.
7 CVE-2020-0855 119 Exec Code Overflow 2020-03-12 2021-07-21
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0850, CVE-2020-0851, CVE-2020-0852, CVE-2020-0892.
8 CVE-2020-0851 119 Exec Code Overflow 2020-03-12 2021-07-21
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0850, CVE-2020-0852, CVE-2020-0855, CVE-2020-0892.
9 CVE-2020-0850 119 Exec Code Overflow 2020-03-12 2021-07-21
6.8
 None Remote Medium Not required Partial Partial Partial
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0851, CVE-2020-0852, CVE-2020-0855, CVE-2020-0892.
10 CVE-2020-0760 20 Exec Code 2020-04-15 2021-07-21
6.8
 None Remote Medium Not required Partial Partial Partial
A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Office Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0991.
11 CVE-2020-0759 119 Exec Code Overflow 2020-02-11 2021-07-21
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'.
12 CVE-2020-0697 269 2020-02-11 2021-07-21
7.2
 None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists in Microsoft Office OLicenseHeartbeat task, where an attacker who successfully exploited this vulnerability could run this task as SYSTEM.To exploit the vulnerability, an authenticated attacker would need to place a specially crafted file in a specific location, thereby allowing arbitrary file corruption.The security update addresses the vulnerability by correcting how the process validates the log file., aka 'Microsoft Office Tampering Vulnerability'.
13 CVE-2020-0696 Bypass 2020-02-11 2020-02-13
4.3
 None Remote Medium Not required None Partial None
A security feature bypass vulnerability exists in Microsoft Outlook software when it improperly handles the parsing of URI formats, aka 'Microsoft Outlook Security Feature Bypass Vulnerability'.
14 CVE-2020-0653 119 Exec Code Overflow 2020-01-14 2021-07-21
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0650, CVE-2020-0651.
15 CVE-2020-0652 119 Exec Code Overflow Mem. Corr. 2020-01-14 2021-07-21
6.8
 None Remote Medium Not required Partial Partial Partial
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka 'Microsoft Office Memory Corruption Vulnerability'.
16 CVE-2020-0651 119 Exec Code Overflow 2020-01-14 2021-07-21
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0650, CVE-2020-0653.
17 CVE-2020-0650 119 Exec Code Overflow 2020-01-14 2021-07-21
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0651, CVE-2020-0653.
18 CVE-2019-1464 200 +Info 2019-12-10 2019-12-11
4.3
 None Remote Medium Not required Partial None None
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'.
19 CVE-2019-1463 200 +Info 2019-12-10 2019-12-16
2.1
 None Local Low Not required Partial None None
An information disclosure vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory, aka 'Microsoft Access Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1400.
20 CVE-2019-1462 908 Exec Code 2019-12-10 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka 'Microsoft PowerPoint Remote Code Execution Vulnerability'.
21 CVE-2019-1461 DoS 2019-12-10 2020-08-24
7.1
 None Remote Medium Not required None None Complete
A denial of service vulnerability exists in Microsoft Word software when the software fails to properly handle objects in memory, aka 'Microsoft Word Denial of Service Vulnerability'.
22 CVE-2019-1449 Bypass 2019-11-12 2020-08-24
10.0
 None Remote Low Not required Complete Complete Complete
A security feature bypass vulnerability exists in the way that Office Click-to-Run (C2R) components handle a specially crafted file, which could lead to a standard user, any AppContainer sandbox, and Office LPAC Protected View to escalate privileges to SYSTEM.To exploit this bug, an attacker would have to run a specially crafted file, aka 'Microsoft Office ClickToRun Security Feature Bypass Vulnerability'.
23 CVE-2019-1448 Exec Code 2019-11-12 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'.
24 CVE-2019-1400 200 +Info 2019-12-10 2019-12-13
2.1
 None Local Low Not required Partial None None
An information disclosure vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory, aka 'Microsoft Access Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1463.
25 CVE-2019-1331 Exec Code 2019-10-10 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1327.
26 CVE-2019-1297 Exec Code 2019-09-11 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'.
27 CVE-2019-1264 20 Bypass 2019-09-11 2019-09-12
6.8
 None Remote Medium Not required Partial Partial Partial
A security feature bypass vulnerability exists when Microsoft Office improperly handles input, aka 'Microsoft Office Security Feature Bypass Vulnerability'.
28 CVE-2019-1263 200 +Info 2019-09-11 2020-05-11
4.3
 None Remote Medium Not required Partial None None
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'.
29 CVE-2019-1246 Exec Code 2019-09-11 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1240, CVE-2019-1241, CVE-2019-1242, CVE-2019-1243, CVE-2019-1247, CVE-2019-1248, CVE-2019-1249, CVE-2019-1250.
30 CVE-2019-1205 Exec Code 2019-08-14 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1201.
31 CVE-2019-1204 20 2019-08-14 2020-08-24
4.3
 None Remote Medium Not required Partial None None
An elevation of privilege vulnerability exists when Microsoft Outlook initiates processing of incoming messages without sufficient validation of the formatting of the messages, aka 'Microsoft Outlook Elevation of Privilege Vulnerability'.
32 CVE-2019-1201 Exec Code 2019-08-14 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1205.
33 CVE-2019-1200 Exec Code 2019-08-14 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka 'Microsoft Outlook Remote Code Execution Vulnerability'.
34 CVE-2019-1199 787 Exec Code Mem. Corr. 2019-08-14 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Outlook when the software fails to properly handle objects in memory, aka 'Microsoft Outlook Memory Corruption Vulnerability'.
35 CVE-2019-1155 Exec Code 2019-08-14 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1146, CVE-2019-1147, CVE-2019-1156, CVE-2019-1157.
36 CVE-2019-1112 200 +Info 2019-07-15 2019-07-17
4.3
 None Remote Medium Not required Partial None None
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'.
37 CVE-2019-1111 Exec Code 2019-07-15 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1110.
38 CVE-2019-1110 Exec Code 2019-07-15 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1111.
39 CVE-2019-1084 200 +Info 2019-07-15 2020-05-04
4.0
 None Remote Low ??? Partial None None
An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having non-printable characters. An authenticated attacker could exploit this vulnerability by creating entities with invalid display names, which, when added to conversations, remain invisible. This security update addresses the issue by validating display names upon creation in Microsoft Exchange, and by rendering invalid display names correctly in Microsoft Outlook clients., aka 'Microsoft Exchange Information Disclosure Vulnerability'.
40 CVE-2019-1035 Exec Code 2019-06-12 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1034.
41 CVE-2019-1034 Exec Code 2019-06-12 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1035.
42 CVE-2019-0953 Exec Code 2019-05-16 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'.
43 CVE-2019-0828 Exec Code 2019-04-09 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'.
44 CVE-2019-0674 Exec Code 2019-03-05 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0671, CVE-2019-0672, CVE-2019-0673, CVE-2019-0675.
45 CVE-2019-0673 Exec Code 2019-03-05 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0671, CVE-2019-0672, CVE-2019-0674, CVE-2019-0675.
46 CVE-2019-0672 Exec Code 2019-03-05 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0671, CVE-2019-0673, CVE-2019-0674, CVE-2019-0675.
47 CVE-2019-0671 Exec Code 2019-03-05 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0672, CVE-2019-0673, CVE-2019-0674, CVE-2019-0675.
48 CVE-2019-0669 2019-03-05 2020-08-24
4.3
 None Remote Medium Not required Partial None None
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'.
49 CVE-2019-0585 Exec Code 2019-01-08 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Word, Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Microsoft SharePoint, Microsoft Office Online Server, Microsoft Word, Microsoft SharePoint Server.
50 CVE-2019-0561 2019-01-08 2020-08-24
4.3
 None Remote Medium Not required Partial None None
An information disclosure vulnerability exists when Microsoft Word macro buttons are used improperly, aka "Microsoft Word Information Disclosure Vulnerability." This affects Microsoft Word, Office 365 ProPlus, Microsoft Office, Word.
Total number of vulnerabilities : 75   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.