threat
engine
.sh
Back
·
··:··
Home
/
Product
/
microsoft office 365 proplus
Product
microsoft office 365 proplus
84 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2020-0991
all versions
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in me
7.8
HIGH
CVE-2020-0980
all versions
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'M
7.8
HIGH
CVE-2020-0979
all versions
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in mem
8.8
HIGH
CVE-2020-0961
all versions
A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in me
7.8
HIGH
CVE-2020-0906
all versions
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in mem
8.8
HIGH
CVE-2020-0760
all versions
A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Offic
8.8
HIGH
CVE-2020-0892
all versions
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'M
7.8
HIGH
CVE-2020-0855
all versions
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'M
7.8
HIGH
CVE-2020-0851
all versions
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'M
7.8
HIGH
CVE-2020-0850
all versions
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'M
8.8
HIGH
CVE-2020-0759
all versions
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in mem
8.8
HIGH
CVE-2020-0697
all versions
An elevation of privilege vulnerability exists in Microsoft Office OLicenseHeartbeat task, where an attacker who successfully expl
7.8
HIGH
CVE-2020-0696
all versions
A security feature bypass vulnerability exists in Microsoft Outlook software when it improperly handles the parsing of URI formats
6.5
MEDIUM
CVE-2020-0653
all versions
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in mem
7.8
HIGH
CVE-2020-0652
all versions
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in me
7.8
HIGH
CVE-2020-0651
all versions
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in mem
7.8
HIGH
CVE-2020-0650
all versions
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in mem
7.8
HIGH
CVE-2019-1464
all versions
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsof
5.5
MEDIUM
CVE-2019-1463
all versions
An information disclosure vulnerability exists in Microsoft Access software when the software fails to properly handle objects in
5.5
MEDIUM
CVE-2019-1462
all versions
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects i
7.8
HIGH
CVE-2019-1461
all versions
A denial of service vulnerability exists in Microsoft Word software when the software fails to properly handle objects in memory,
6.5
MEDIUM
CVE-2019-1400
all versions
An information disclosure vulnerability exists in Microsoft Access software when the software fails to properly handle objects in
5.5
MEDIUM
CVE-2019-1449
all versions
A security feature bypass vulnerability exists in the way that Office Click-to-Run (C2R) components handle a specially crafted fil
9.8
CRITICAL
CVE-2019-1448
all versions
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in mem
7.8
HIGH
CVE-2019-1331
all versions
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in mem
8.8
HIGH
CVE-2019-1327
all versions
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in mem
8.8
HIGH
CVE-2019-1297
all versions
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in mem
8.8
HIGH
CVE-2019-1264
all versions
A security feature bypass vulnerability exists when Microsoft Office improperly handles input, aka 'Microsoft Office Security Feat
7.8
HIGH
CVE-2019-1263
all versions
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsof
5.5
MEDIUM
CVE-2019-1246
all versions
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet D
7.8
HIGH
CVE-2019-1205
all versions
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An att
9.8
CRITICAL
CVE-2019-1204
all versions
An elevation of privilege vulnerability exists when Microsoft Outlook initiates processing of incoming messages without sufficient
4.3
MEDIUM
CVE-2019-1201
all versions
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An att
7.8
HIGH
CVE-2019-1200
all versions
A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory. An
7.8
HIGH
CVE-2019-1199
all versions
A remote code execution vulnerability exists in Microsoft Outlook when the software fails to properly handle objects in memory. An
7.8
HIGH
CVE-2019-1155
all versions
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacke
7.8
HIGH
CVE-2019-1112
all versions
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsof
5.5
MEDIUM
CVE-2019-1111
all versions
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in mem
8.8
HIGH
CVE-2019-1110
all versions
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in mem
8.8
HIGH
CVE-2019-1084
all versions
An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having non-printable c
6.5
MEDIUM
CVE-2019-1035
all versions
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An att
7.8
HIGH
CVE-2019-1034
all versions
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An att
7.8
HIGH
CVE-2019-0953
all versions
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'M
7.8
HIGH
CVE-2019-0946
all versions
A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in me
7.8
HIGH
CVE-2019-0828
all versions
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in mem
7.8
HIGH
CVE-2019-0827
all versions
A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in me
7.8
HIGH
CVE-2019-0826
all versions
A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in me
7.8
HIGH
CVE-2019-0825
all versions
A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in me
7.8
HIGH
CVE-2019-0824
all versions
A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in me
7.8
HIGH
CVE-2019-0822
all versions
A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsof
7.8
HIGH
CVE-2019-0801
all versions
A remote code execution vulnerability exists when Microsoft Office fails to properly handle certain files.To exploit the vulnerabi
7.8
HIGH
CVE-2019-0674
all versions
A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in me
7.8
HIGH
CVE-2019-0673
all versions
A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in me
7.8
HIGH
CVE-2019-0672
all versions
A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in me
7.8
HIGH
CVE-2019-0671
all versions
A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in me
7.8
HIGH
CVE-2019-0669
all versions
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsof
6.5
MEDIUM
CVE-2019-0540
all versions
A security feature bypass vulnerability exists when Microsoft Office does not validate URLs.An attacker could send a victim a spec
5.5
MEDIUM
CVE-2019-0585
all versions
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka "M
8.8
HIGH
CVE-2019-0582
all versions
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet D
7.8
HIGH
CVE-2019-0561
all versions
An information disclosure vulnerability exists when Microsoft Word macro buttons are used improperly, aka "Microsoft Word Informat
5.5
MEDIUM
CVE-2019-0560
all versions
An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory, aka "Microso
5.5
MEDIUM
CVE-2019-0559
all versions
An information disclosure vulnerability exists when Microsoft Outlook improperly handles certain types of messages, aka "Microsoft
6.5
MEDIUM
CVE-2019-0541
all versions
A remote code execution vulnerability exists in the way that the MSHTML engine inproperly validates input, aka "MSHTML Engine Remo
8.8
HIGH
CVE-2018-8636
all versions
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in mem
7.8
HIGH
CVE-2018-8628
all versions
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects i
7.8
HIGH
CVE-2018-8627
all versions
An information disclosure vulnerability exists when Microsoft Excel software reads out of bound memory due to an uninitialized var
5.5
MEDIUM
CVE-2018-8598
all versions
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsof
4.7
MEDIUM
CVE-2018-8587
all versions
A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka
7.8
HIGH
CVE-2018-8582
all versions
A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially modified rule export files, aka "M
8.8
HIGH
CVE-2018-8579
all versions
An information disclosure vulnerability exists when attaching files to Outlook messages, aka "Microsoft Outlook Information Disclo
6.5
MEDIUM
CVE-2018-8577
all versions
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in mem
7.8
HIGH
CVE-2018-8576
all versions
A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka
7.8
HIGH
CVE-2018-8575
all versions
A remote code execution vulnerability exists in Microsoft Project software when it fails to properly handle objects in memory, aka
7.8
HIGH
CVE-2018-8574
all versions
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in mem
7.8
HIGH
CVE-2018-8573
all versions
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka "M
7.8
HIGH
CVE-2018-8558
all versions
An information disclosure vulnerability exists when Microsoft Outlook fails to respect "Default link type" settings configured via
6.5
MEDIUM
CVE-2018-8546
all versions
A denial of service vulnerability exists in Skype for Business, aka "Microsoft Skype for Business Denial of Service Vulnerability.
5.9
MEDIUM
CVE-2018-8524
all versions
A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka
7.8
HIGH
CVE-2018-8522
all versions
A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka
7.8
HIGH
CVE-2018-8504
all versions
A remote code execution vulnerability exists in Microsoft Word software when the software fails to properly handle objects in Prot
8.8
HIGH
CVE-2018-8502
all versions
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in Pro
8.8
HIGH
CVE-2018-8501
all versions
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects i
8.8
HIGH
CVE-2018-8432
all versions
A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka "Microsof
7.8
HIGH
CVE-2018-8427
all versions
An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka "Micros
5.5
MEDIUM
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin