Microsoft Web Applications — known CVE vulnerabilities
Every CVE whose affected-product data names Microsoft Web Applications, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2015-0085 — CVSS 9.3 (critical): Use-after-free vulnerability in Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010…
CVE-2015-0086 — CVSS 9.3 (critical): Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 Gold and SP1, Word 2013 RT Gold and SP1, Word Viewer, Office…
CVE-2014-6357 — CVSS 9.3 (critical): Use-after-free vulnerability in Microsoft Office 2010 SP2, Office 2013 Gold and SP1, Office 2013 RT Gold and SP1, Office for Mac 2011, Word…
CVE-2015-0064 — CVSS 9.3 (critical): Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word Automation Services in SharePoint Server 2010, Web Applications 2010 SP2…
CVE-2014-0251 — CVSS 9.0 (critical): Microsoft Windows SharePoint Services 3.0 SP3; SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 Gold and SP1; SharePoint Foundation…
CVE-2014-1813 — CVSS 8.5 (high): Microsoft Web Applications 2010 SP1 and SP2 allows remote authenticated users to execute arbitrary code via crafted page content, aka "Web…
CVE-2017-0243 — CVSS 7.8 (high): Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office…
CVE-2018-8160 — CVSS 6.5 (medium): An information disclosure vulnerability exists in Outlook when a message is opened, aka "Microsoft Outlook Information Disclosure…