CVSS: 7.8EPSS: 2%CPEs: 4EXPL: 0CVE-2024-20677 – Microsoft Office Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-20677
09 Jan 2024 — A security vulnerability exists in FBX that could lead to remote code execution. To mitigate this vulnerability, the ability to insert FBX files has been disabled in Word, Excel, PowerPoint and Outlook for Windows and Mac. Versions of Office that had this feature enabled will no longer have access to it. This includes Office 2019, Office 2021, Office LTSC for Mac 2021, and Microsoft 365. As of February 13, 2024, the ability to insert FBX files has also been disabled in 3D Viewer. 3D models in Office documen... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20677 • CWE-122: Heap-based Buffer Overflow •
CVSS: 5.3EPSS: 6%CPEs: 1EXPL: 0CVE-2023-35619 – Microsoft Outlook for Mac Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2023-35619
12 Dec 2023 — Microsoft Outlook for Mac Spoofing Vulnerability Vulnerabilidad de suplantación de identidad en Microsoft Outlook para Mac • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35619 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 32%CPEs: 4EXPL: 1CVE-2023-35636 – Microsoft Outlook Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-35636
12 Dec 2023 — Microsoft Outlook Information Disclosure Vulnerability Vulnerabilidad de divulgación de información de Microsoft Outlook • https://github.com/duy-31/CVE-2023-35636 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-36037 – Microsoft Excel Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2023-36037
14 Nov 2023 — Microsoft Excel Security Feature Bypass Vulnerability Vulnerabilidad de omisión de la función de seguridad de Microsoft Excel. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36037 •
CVSS: 7.8EPSS: 1%CPEs: 7EXPL: 0CVE-2023-36045 – Microsoft Office Graphics Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-36045
14 Nov 2023 — Microsoft Office Graphics Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de gráficos de Microsoft Office. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FBX files. The issue results from the lack of proper validation of user-... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36045 • CWE-822: Untrusted Pointer Dereference •
CVSS: 7.8EPSS: 20%CPEs: 9EXPL: 1CVE-2023-36041 – Microsoft Excel Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-36041
14 Nov 2023 — Microsoft Excel Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de Microsoft Excel. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36041 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-36413 – Microsoft Office Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2023-36413
14 Nov 2023 — Microsoft Office Security Feature Bypass Vulnerability Vulnerabilidad de omisión de la característica de seguridad de Microsoft Office. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36413 •
CVSS: 7.0EPSS: 0%CPEs: 4EXPL: 0CVE-2023-36565 – Microsoft Office Graphics Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-36565
10 Oct 2023 — Microsoft Office Graphics Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Microsoft Office Graphics • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36565 • CWE-416: Use After Free •
CVSS: 7.0EPSS: 0%CPEs: 3EXPL: 0CVE-2023-36568 – Microsoft Office Click-To-Run Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-36568
10 Oct 2023 — Microsoft Office Click-To-Run Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Microsoft Office Click-To-Run • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36568 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 8.4EPSS: 0%CPEs: 3EXPL: 0CVE-2023-36569 – Microsoft Office Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-36569
10 Oct 2023 — Microsoft Office Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Microsoft Office • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36569 • CWE-269: Improper Privilege Management •