CVSS: 9.3EPSS: 26%CPEs: 11EXPL: 0CVE-2018-0807
https://notcve.org/view.php?id=CVE-2018-0807
10 Jan 2018 — Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0804, CVE-2018-0805, and CVE-2018-0806. Equation Editor en Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013 y Microsoft Office 2016 permite una vulnera... • http://www.securityfocus.com/bid/102461 •
CVSS: 9.3EPSS: 24%CPEs: 16EXPL: 0CVE-2018-0797
https://notcve.org/view.php?id=CVE-2018-0797
10 Jan 2018 — Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way RTF content is handled, aka "Microsoft Word Memory Corruption Vulnerability". Microsoft Office 2010, Microsoft Office 2013 y Microsoft Office 2016 permiten una vulnerabilidad de ejecución remota de código debido a la forma en la que se gestiona el contenido RTF. Esto también se conoce como "Microsoft Word Memory Corruption Vulnerability". • http://www.securityfocus.com/bid/102406 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 20%CPEs: 11EXPL: 0CVE-2018-0812
https://notcve.org/view.php?id=CVE-2018-0812
10 Jan 2018 — Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Memory Corruption Vulnerability". Equation Editor en Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013 y Microsoft Office 2016 permite una vulnerabilidad de ejecución remota de código debido a la forma en la que se gestiona... • http://www.securityfocus.com/bid/102463 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 90%CPEs: 13EXPL: 1CVE-2017-11826 – Microsoft Office Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-11826
13 Oct 2017 — Microsoft Office 2010, SharePoint Enterprise Server 2010, SharePoint Server 2010, Web Applications, Office Web Apps Server 2010 and 2013, Word Viewer, Word 2007, 2010, 2013 and 2016, Word Automation Services, and Office Online Server allow remote code execution when the software fails to properly handle objects in memory. Microsoft Office 2010, SharePoint Enterprise Server 2010, SharePoint Server 2010, Web Applications, Office Web Apps Server 2010 y 2013, Word Viewer, Word 2007, 2010, 2013 y 2016, Word Auto... • https://github.com/thatskriptkid/CVE-2017-11826 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.3EPSS: 20%CPEs: 21EXPL: 0CVE-2017-8695 – Microsoft Security Bulletin CVE Update for October, 2017
https://notcve.org/view.php?id=CVE-2017-8695
13 Sep 2017 — Windows Uniscribe in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, 1607, 1703, and Server 2016; Office 2007 SP3; Office 2010 SP2; Word Viewer; Office for Mac 2011 and 2016; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; and Live Meeting 2007 Add-in and Console allows an attacker to obtain information to further compromise a user's system via a specially crafted document or an untrusted... • http://www.securityfocus.com/bid/100773 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 3.3EPSS: 2%CPEs: 22EXPL: 0CVE-2017-8676 – Microsoft Windows Bitmap Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2017-8676
12 Sep 2017 — The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, 1607, 1703, and Server 2016; Office 2007 SP3; Office 2010 SP2; Word Viewer; Office for Mac 2011 and 2016; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; and Live Meeting 2007 Add-in and Console allows an authenticated attacker to retrieve information from a targeted system via a specially craft... • http://www.securityfocus.com/bid/100755 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 7%CPEs: 17EXPL: 0CVE-2017-8509
https://notcve.org/view.php?id=CVE-2017-8509
15 Jun 2017 — A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8510, CVE-2017-8511, CVE-2017-8512, CVE-2017-0260, and CVE-2017-8506. Se presenta una vulnerabilidad de ejecución de código remota en Microsoft Office cuando el software no maneja apropiadamente los objetos en la memoria, también se conoce como "Office Remote Code Execution Vulnerability". El ID de... • http://www.securityfocus.com/bid/98812 •
CVSS: 9.3EPSS: 28%CPEs: 14EXPL: 0CVE-2017-0254
https://notcve.org/view.php?id=CVE-2017-0254
12 May 2017 — Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Office for Mac 2011, Office for Mac 2016, Microsoft Office Web Apps 2010 SP2, Office Web Apps Server 2013 SP1, Word 2013 RT SP1, Word 2013 SP1, Word Automation Services on Microsoft SharePoint Server 2013 SP1, Office Word Viewer, SharePoint Enterprise Server 2016, and Word 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vul... • http://www.securityfocus.com/bid/98101 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 22%CPEs: 4EXPL: 0CVE-2017-0029
https://notcve.org/view.php?id=CVE-2017-0029
17 Mar 2017 — Microsoft Office 2010 SP2, Word 2010 SP2, Word 2013 RT SP1, and Word 2016 allow remote attackers to cause a denial of service (application hang) via a crafted Office document, aka "Microsoft Office Denial of Service Vulnerability." Microsoft Office 2010 SP2, Word 2010 SP2, Word 2013 RT SP1 y Word 2016 permiten a atacantes remotos provocar una denegación de servicio (cuelgue de aplicación) a través de un documento Office manipulado, vulnerabilidad también conocida como "Microsoft Office Denial of Service Vul... • http://www.securityfocus.com/bid/96045 •
CVSS: 9.3EPSS: 23%CPEs: 8EXPL: 0CVE-2017-0053
https://notcve.org/view.php?id=CVE-2017-0053
17 Mar 2017 — Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Word 2007 SP3, Word 2010 SP2, Word 2013 SP1, Word 2013 R2 SP1, Word 2016, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0006, CVE-2017-0019, CVE-2017-0020, CVE-2017-0030, CVE-2017-0031, and CVE-2017-0052. Microsoft Office 2010 SP2, Office Co... • http://www.securityfocus.com/bid/96745 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •