240 results (0.012 seconds)

CVSS: 7.0EPSS: 0%CPEs: 4EXPL: 0

Microsoft Office Graphics Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Microsoft Office Graphics • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36565 • CWE-416: Use After Free •

CVSS: 5.5EPSS: 0%CPEs: 44EXPL: 0

Rich Text Edit Control Information Disclosure Vulnerability Una vulnerabilidad de Divulgación de Información en Rich Text Edit Control • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40454 • CWE-312: Cleartext Storage of Sensitive Information •

CVSS: 8.8EPSS: 1%CPEs: 23EXPL: 0

Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota de Microsoft Jet Red Database Engine y Access Connectivity Engine • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28455 •

CVSS: 7.5EPSS: 0%CPEs: 26EXPL: 0

<p>A denial of service vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could cause a remote denial of service against a system.</p> <p>Exploitation of the vulnerability requires that a specially crafted email be sent to a vulnerable Outlook server.</p> <p>The security update addresses the vulnerability by correcting how Microsoft Outlook handles objects in memory.</p> Se presenta una vulnerabilidad de denegación de servicio en el software Microsoft Outlook cuando el software presenta un fallo al manejar apropiadamente objetos en memoria, también se conoce como "Microsoft Outlook Denial of Service Vulnerability" • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16949 • CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 8.8EPSS: 0%CPEs: 28EXPL: 0

<p>A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions on behalf of the logged-on user with the same permissions as the current user.</p> <p>To exploit the vulnerability, a user must open a specially crafted file with an affected version of Microsoft Word software. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16933 •