CVSS: 7.8EPSS: 5%CPEs: 7EXPL: 0CVE-2020-17067 – Microsoft Excel Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2020-17067
11 Nov 2020 — Microsoft Excel Security Feature Bypass Vulnerability Vulnerabilidad de omisión de la función de Seguridad de Microsoft Excel • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17067 •
CVSS: 7.8EPSS: 6%CPEs: 11EXPL: 0CVE-2020-17064 – Microsoft Excel Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-17064
11 Nov 2020 — Microsoft Excel Remote Code Execution Vulnerability Vulnerabilidad de Ejecución Remota de Código de Microsoft Excel Este ID de CVE es diferente de CVE-2020-17019, CVE-2020-17065, CVE-2020-17066. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17064 •
CVSS: 9.3EPSS: 5%CPEs: 8EXPL: 0CVE-2020-17065 – Microsoft Excel Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-17065
11 Nov 2020 — Microsoft Excel Remote Code Execution Vulnerability Vulnerabilidad de Ejecución Remota de Código de Microsoft Excel Este ID de CVE es diferente de CVE-2020-17019, CVE-2020-17064, CVE-2020-17066. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17065 •
CVSS: 9.3EPSS: 5%CPEs: 6EXPL: 0CVE-2020-17062 – Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-17062
11 Nov 2020 — Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability Vulnerabilidad de Ejecución Remota de Código del Motor de Conectividad de Microsoft Office Access • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17062 •
CVSS: 5.5EPSS: 1%CPEs: 7EXPL: 0CVE-2020-17020 – Microsoft Word Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2020-17020
11 Nov 2020 — Microsoft Word Security Feature Bypass Vulnerability Vulnerabilidad de Omisión de la Característica de Seguridad de Microsoft Word Security • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17020 •
CVSS: 7.8EPSS: 4%CPEs: 1EXPL: 0CVE-2020-17019 – Microsoft Excel Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-17019
11 Nov 2020 — Microsoft Excel Remote Code Execution Vulnerability Vulnerabilidad de Ejecución Remota de Código de Microsoft Excel Este ID de CVE es diferente de CVE-2020-17064, CVE-2020-17065, CVE-2020-17066 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XLS files. The issue res... • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17019 • CWE-415: Double Free •
CVSS: 7.8EPSS: 6%CPEs: 6EXPL: 0CVE-2020-16954 – Microsoft Office Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-16954
16 Oct 2020 —
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accou... • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16954 •
CVSS: 7.5EPSS: 1%CPEs: 26EXPL: 0CVE-2020-16949 – Microsoft Outlook Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-16949
16 Oct 2020 —
A denial of service vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could cause a remote denial of service against a system.
Exploitation of the vulnerability requires that a specially crafted email be sent to a vulnerable Outlook server.
The security update addresses the vulnerability by correcting how Microsoft Outlook handles objects in memory.
Se presenta una vul... • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16949 • CWE-401: Missing Release of Memory after Effective Lifetime •CVSS: 7.8EPSS: 4%CPEs: 8EXPL: 0CVE-2020-16932 – Microsoft Excel Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-16932
16 Oct 2020 —
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accoun... • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16932 • CWE-908: Use of Uninitialized Resource CWE-909: Missing Initialization of Resource •
CVSS: 8.8EPSS: 2%CPEs: 28EXPL: 0CVE-2020-16933 – Microsoft Word Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2020-16933
16 Oct 2020 —
A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions on behalf of the logged-on user with the same permissions as the current user.
To exploit the vulnerability, a user must open a specially crafted file with an affected version of Mi... • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16933 •