365 Security Vulnerabilities
7.8CVSS
7.8AI Score
0.013EPSS
7.8CVSS
7.7AI Score
0.013EPSS
6.5CVSS
6AI Score
0.014EPSS
7.8CVSS
7.7AI Score
0.013EPSS
7.8CVSS
7.7AI Score
0.016EPSS
7.8CVSS
7.7AI Score
0.016EPSS
6.1CVSS
5.9AI Score
0.001EPSS
7.8CVSS
7.7AI Score
0.011EPSS
7.8CVSS
7.7AI Score
0.011EPSS
7.8CVSS
7.7AI Score
0.011EPSS
7.8CVSS
7.7AI Score
0.009EPSS
7.8CVSS
7.7AI Score
0.013EPSS
Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution...
8.8CVSS
8.8AI Score
0.013EPSS
8.7CVSS
8.3AI Score
0.001EPSS
Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution...
8.8CVSS
8.8AI Score
0.013EPSS
6.5CVSS
6.7AI Score
0.001EPSS
7.8CVSS
7.7AI Score
0.01EPSS
7.8CVSS
7.7AI Score
0.013EPSS
5.5CVSS
5.9AI Score
0.0004EPSS
7.8CVSS
7.7AI Score
0.013EPSS
7.8CVSS
7.7AI Score
0.01EPSS
7.8CVSS
7.7AI Score
0.01EPSS
6.5CVSS
6.2AI Score
0.801EPSS
There is a local denial of service vulnerability in Wise Care 365 5.5.4, attackers can cause computer crash...
5.5CVSS
5.4AI Score
0.0004EPSS
7.8CVSS
7.7AI Score
0.011EPSS
7.8CVSS
7.4AI Score
0.001EPSS
7.8CVSS
7.7AI Score
0.011EPSS
6.8CVSS
7AI Score
0.002EPSS
7.8CVSS
7.7AI Score
0.011EPSS
5.4CVSS
5.2AI Score
0.001EPSS
3.3CVSS
4AI Score
0.001EPSS
5.4CVSS
5.2AI Score
0.001EPSS
5.4CVSS
5.2AI Score
0.001EPSS
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics.....
5.4CVSS
5.2AI Score
0.001EPSS
An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files. An attacker who successfully exploited the vulnerability could elevate privileges. To exploit this vulnerability, an attacker would need to convince a user to open a...
7.8CVSS
7.6AI Score
0.002EPSS
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics.....
5.4CVSS
5.2AI Score
0.001EPSS
A remote code execution vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the targeted user. If the targeted user is logged on with...
7.5CVSS
8.1AI Score
0.19EPSS
A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by...
7.8CVSS
7.9AI Score
0.015EPSS
A denial of service vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could cause a remote denial of service against a system. Exploitation of the vulnerability requires that a...
4.7CVSS
5.2AI Score
0.003EPSS
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...
7.8CVSS
7.8AI Score
0.015EPSS
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...
7.8CVSS
7.8AI Score
0.014EPSS
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...
7.8CVSS
7.8AI Score
0.015EPSS
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...
7.8CVSS
7.8AI Score
0.015EPSS
A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file...
7CVSS
6.7AI Score
0.001EPSS
An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files. An attacker who successfully exploited the vulnerability could elevate privileges. To exploit this vulnerability, an attacker would need to convince a user to open a...
7.8CVSS
7.6AI Score
0.002EPSS
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...
7.8CVSS
7.8AI Score
0.018EPSS
An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files. An attacker who successfully exploited the vulnerability could elevate privileges. To exploit this vulnerability, an attacker would need to convince a user to open a...
7CVSS
7.1AI Score
0.002EPSS
An elevation of privilege vulnerability exists in Microsoft Dynamics 365 Commerce. An unauthenticated attacker who successfully exploited this vulnerability could update data without proper authorization. To exploit the vulnerability, an attacker would need to send a specially crafted request to...
6.5CVSS
6.3AI Score
0.001EPSS
A remote code execution vulnerability exists when the Base3D rendering engine improperly handles memory. An attacker who successfully exploited the vulnerability would gain execution on a victim system. The security update addresses the vulnerability by correcting how the Base3D rendering engine...
7.8CVSS
8AI Score
0.011EPSS
The wpo365-login plugin before v11.7 for WordPress allows use of a symmetric algorithm to decrypt a JWT token. This leads to authentication...
7.5CVSS
7.6AI Score
0.001EPSS