| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability |
| Windows Graphics Component Remote Code Execution Vulnerability |
| Microsoft Word Information Disclosure Vulnerability |
| Microsoft Word Remote Code Execution Vulnerability |
| Microsoft Outlook Information Disclosure Vulnerability |
| Microsoft Office Spoofing Vulnerability |
| Microsoft Office Elevation of Privilege Vulnerability |
| Microsoft Excel Information Disclosure Vulnerability |
| Microsoft Office Security Feature Bypass Vulnerability |
| Trend Micro OfficeScan versions 11.0 and XG (12.0) could be exploited by an attacker utilizing a directory traversal vulnerability to extract files from an arbitrary zip file to a specific folder on the OfficeScan server, which could potentially lead to remote code execution (RCE). The remote process execution is bound to a web service account, which depending on the web platform used may have restricted permissions. An attempted attack requires user authentication. |
| A remote code execution vulnerability exists in the way that the MSHTML engine inproperly validates input, aka "MSHTML Engine Remote Code Execution Vulnerability." This affects Microsoft Office, Microsoft Office Word Viewer, Internet Explorer 9, Internet Explorer 11, Microsoft Excel Viewer, Internet Explorer 10, Office 365 ProPlus. |
| A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. |
| Microsoft Publisher Security Feature Bypass Vulnerability |
| Microsoft Outlook Remote Code Execution Vulnerability |
| Microsoft Project Remote Code Execution Vulnerability |
| Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". |
| Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique from CVE-2018-0797 and CVE-2018-0812. |
| Microsoft Outlook Security Feature Bypass Vulnerability |
| Microsoft Outlook Elevation of Privilege Vulnerability |
| Microsoft Excel Security Feature Bypass Vulnerability |
