CVSS: 5.5EPSS: 12%CPEs: 12EXPL: 0CVE-2019-0561
https://notcve.org/view.php?id=CVE-2019-0561
08 Jan 2019 — An information disclosure vulnerability exists when Microsoft Word macro buttons are used improperly, aka "Microsoft Word Information Disclosure Vulnerability." This affects Microsoft Word, Office 365 ProPlus, Microsoft Office, Word. Existe una vulnerabilidad de divulgación de información cuando se utilizan los botones de macros de Microsoft Word de manera indebida. Esto también se conoce como "Microsoft Edge Information Disclosure Vulnerability". Esto afecta a Microsoft Word, Office 365 ProPlus, Microsoft ... • http://www.securityfocus.com/bid/106399 •
CVSS: 9.3EPSS: 37%CPEs: 16EXPL: 0CVE-2019-0585 – Microsoft Office Word wwlib Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-0585
08 Jan 2019 — A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Word, Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Microsoft SharePoint, Microsoft Office Online Server, Microsoft Word, Microsoft SharePoint Server. Existe una vulnerabilidad de ejecución remota de código en el software de Microsoft Word cuando no gestiona correctamente objetos en la memoria.... • http://www.securityfocus.com/bid/106392 •
CVSS: 5.5EPSS: 23%CPEs: 15EXPL: 0CVE-2018-8378
https://notcve.org/view.php?id=CVE-2018-8378
15 Aug 2018 — An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka "Microsoft Office Information Disclosure Vulnerability." This affects Word, Microsoft SharePoint Server, Microsoft Office Word Viewer, Microsoft Excel Viewer, Microsoft SharePoint, Microsoft Office. Existe una vulnerabilidad de divulgación de información cuando el software de Microsoft Office lee memoria fuera de límites de... • http://www.securityfocus.com/bid/104996 • CWE-125: Out-of-bounds Read CWE-908: Use of Uninitialized Resource •
CVSS: 9.3EPSS: 19%CPEs: 10EXPL: 0CVE-2018-1028
https://notcve.org/view.php?id=CVE-2018-1028
12 Apr 2018 — A remote code execution vulnerability exists when the Office graphics component improperly handles specially crafted embedded fonts, aka "Microsoft Office Graphics Remote Code Execution Vulnerability." This affects Word, Microsoft Office, Microsoft SharePoint, Excel, Microsoft SharePoint Server. Existe una vulnerabilidad de ejecución remota de código cuando el componente de gráficos de Office gestiona fuentes embebidas especialmente manipuladas. Esto también se conoce como "Microsoft Office Graphics Remote ... • http://www.securityfocus.com/bid/103641 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 7%CPEs: 12EXPL: 0CVE-2017-8512
https://notcve.org/view.php?id=CVE-2017-8512
15 Jun 2017 — A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8510, CVE-2017-8511, CVE-2017-0260, and CVE-2017-8506. Se presenta una vulnerabilidad de ejecución de código remota en Microsoft Office cuando el programa no puede manejar apropiadamente los objetos en la memoria, también se conoce como "Office Remote Code Execution Vulnerability". E... • http://www.securityfocus.com/bid/98816 •
CVSS: 5.5EPSS: 36%CPEs: 7EXPL: 0CVE-2017-0105
https://notcve.org/view.php?id=CVE-2017-0105
17 Mar 2017 — Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information from out-of-bound memory via a crafted Office document, aka "Microsoft Office Information Disclosure Vulnerability." Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Office Compatibility Pack SP3, Word Automation Services en SharePoint Se... • http://www.securityfocus.com/bid/96746 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.1EPSS: 9%CPEs: 8EXPL: 0CVE-2016-7290
https://notcve.org/view.php?id=CVE-2016-7290
20 Dec 2016 — Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word for Mac 2011, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted document, aka "Microsoft Office Information Disclosure Vulnerability," a different vulnerability than CVE-2016-7291. Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office ... • http://www.securityfocus.com/bid/94670 • CWE-125: Out-of-bounds Read •
CVSS: 7.1EPSS: 9%CPEs: 8EXPL: 0CVE-2016-7291
https://notcve.org/view.php?id=CVE-2016-7291
20 Dec 2016 — Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word for Mac 2011, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted document, aka "Microsoft Office Information Disclosure Vulnerability," a different vulnerability than CVE-2016-7290. Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office ... • http://www.securityfocus.com/bid/94671 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 13%CPEs: 10EXPL: 0CVE-2016-7233
https://notcve.org/view.php?id=CVE-2016-7233
10 Nov 2016 — Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Excel for Mac 2011, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2013 SP1, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted Office document, aka "Microsoft Office Information Disclosure Vulnerability." Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word para Mac 2011, E... • http://www.securityfocus.com/bid/94031 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 66%CPEs: 9EXPL: 2CVE-2015-0064 – Microsoft Office 2007 - Malformed Document Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2015-0064
11 Feb 2015 — Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word Automation Services in SharePoint Server 2010, Web Applications 2010 SP2, Word Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Office Remote Code Execution Vulnerability." Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word Automation Services en SharePoint Server 2010, Web Applications 2010 SP2, Word Viewer, y... • https://packetstorm.news/files/id/133311 • CWE-399: Resource Management Errors •