Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Outlook
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 112 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-09-12 | CVE-2023-36763 | Microsoft Outlook Information Disclosure Vulnerability | 365_apps, Office, Office_long_term_servicing_channel, Outlook | N/A | ||
| 2024-02-13 | CVE-2024-21378 | Microsoft Outlook Remote Code Execution Vulnerability | 365_apps, Office, Office_long_term_servicing_channel, Outlook | N/A | ||
| 2024-06-11 | CVE-2024-30103 | Microsoft Outlook Remote Code Execution Vulnerability | 365_apps, Office, Outlook | N/A | ||
| 2024-07-09 | CVE-2024-38020 | Microsoft Outlook Spoofing Vulnerability | 365_apps, Office, Office_long_term_servicing_channel, Outlook | N/A | ||
| 2024-10-08 | CVE-2024-43604 | Outlook for Android Elevation of Privilege Vulnerability | Outlook | 8.0 | ||
| 2024-09-10 | CVE-2024-43482 | Microsoft Outlook for iOS Information Disclosure Vulnerability | Outlook | 6.5 | ||
| 2024-08-13 | CVE-2024-38173 | Microsoft Outlook Remote Code Execution Vulnerability | 365_apps, Office, Office_long_term_servicing_channel, Outlook | 6.7 | ||
| 2018-05-16 | CVE-2017-17688 | The OpenPGP specification allows a Cipher Feedback Mode (CFB) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. NOTE: third parties report that this is a problem in applications that mishandle the Modification Detection Code (MDC) feature or accept an obsolete packet type, not a problem in the OpenPGP specification | Mail, Airmail, Emclient, Maildroid, Mailmate, Horde_imp, Outlook, Thunderbird, Postbox, R2mail2, Webmail | 5.9 | ||
| 2017-10-13 | CVE-2017-11774 | Microsoft Outlook 2010 SP2, Outlook 2013 SP1 and RT SP1, and Outlook 2016 allow an attacker to execute arbitrary commands, due to how Microsoft Office handles objects in memory, aka "Microsoft Outlook Security Feature Bypass Vulnerability." | Outlook | 7.8 | ||
| 2019-08-14 | CVE-2019-1204 | An elevation of privilege vulnerability exists when Microsoft Outlook initiates processing of incoming messages without sufficient validation of the formatting of the messages. An attacker who successfully exploited the vulnerability could attempt to force Outlook to load a local or remote message store (over SMB). To exploit the vulnerability, the attacker could send a specially crafted email to a victim. Outlook would then attempt to open a pre-configured message store contained in the... | Office, Office_365_proplus, Outlook | 4.3 |