13 results (0.009 seconds)

CVSS: 5.4EPSS: 0%CPEs: 5EXPL: 0

Microsoft OneNote Spoofing Vulnerability Vulnerabilidad de suplantación de identidad en Microsoft OneNote • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36769 •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

Microsoft OneNote Spoofing Vulnerability Microsoft OneNote version 2305 Build 16.0.16501.20074 suffers from a spoofing vulnerability. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33140 •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

Microsoft OneNote Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21721 • CWE-287: Improper Authentication •

CVSS: 9.3EPSS: 9%CPEs: 17EXPL: 0

A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8510, CVE-2017-8511, CVE-2017-8512, CVE-2017-0260, and CVE-2017-8506. Se presenta una vulnerabilidad de ejecución de código remota en Microsoft Office cuando el software no maneja apropiadamente los objetos en la memoria, también se conoce como "Office Remote Code Execution Vulnerability". El ID de este CVE es diferente de CVE-2017-8510, CVE-2017-8511, CVE-2017-8512, CVE-2017-0260 y CVE-2017-8506. • http://www.securityfocus.com/bid/98812 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8509 •

CVSS: 9.3EPSS: 15%CPEs: 2EXPL: 0

Microsoft OneNote 2007 SP3 and Microsoft OneNote 2010 SP2 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office DLL Loading Vulnerability." Microsoft OneNote 2007 SP3 y Microsoft OneNote 2010 SP2 permiten a los atacantes remotos ejecutar código arbitrario a través de un documento manipulado, vulnerabilidad también conocida como "Microsoft Office DLL Loading Vulnerability". • http://www.securityfocus.com/bid/97411 http://www.securitytracker.com/id/1038241 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0197 https://twitter.com/buffaloverflow/status/852937040480149505 • CWE-20: Improper Input Validation •