Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
outlook vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2018-12381
Manually dragging and dropping an Outlook email message into the browser will trigger a page navigation when the message's mail columns are incorrectly interpreted as a URL. *Note: this issue only affects Windows operating systems with Outlook installed. Other operating syst...
Mozilla Firefox Esr
Mozilla Firefox
516
VMScore
CVE-2018-8448
An elevation of privilege vulnerability exists when Microsoft Exchange Outlook Web Access (OWA) fails to properly handle web requests, aka "Microsoft Exchange Server Elevation of Privilege Vulnerability." This affects Microsoft Exchange Server.
Microsoft Exchange Server 2013
Microsoft Exchange Server 2016
445
VMScore
CVE-2018-16793
Rollup 18 for Microsoft Exchange Server 2010 SP3 and previous versions has an SSRF vulnerability via the username parameter in /owa/auth/logon.aspx in the OWA (Outlook Web Access) login page.
Microsoft Exchange Server 2010
445
VMScore
CVE-2018-8310
A tampering vulnerability exists when Microsoft Outlook does not properly handle specific attachment types when rendering HTML emails, aka "Microsoft Office Tampering Vulnerability." This affects Microsoft Word, Microsoft Office.
Microsoft Office 2010
Microsoft Office 2016
Microsoft Word 2013
Microsoft Word 2016
Microsoft Word 2010
1 Article
383
VMScore
CVE-2018-8244
An elevation of privilege vulnerability exists when Microsoft Outlook does not validate attachment headers properly, aka "Microsoft Outlook Elevation of Privilege Vulnerability." This affects Microsoft Office, Microsoft Outlook.
Microsoft Outlook Rt 2013
Microsoft Outlook 2016
Microsoft Office 2016
Microsoft Outlook 2010
Microsoft Outlook 2013
1 Article
383
VMScore
CVE-2017-17688
The OpenPGP specification allows a Cipher Feedback Mode (CFB) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. NOTE: third parties report that this is a problem in applications that mishandle the Modification Detection Code (MDC) feature o...
Microsoft Outlook 2007
Horde Horde Imp -
Flipdogsolutions Maildroid -
R2mail2 R2mail2 -
Apple Mail -
Bloop Airmail -
Freron Mailmate -
Mozilla Thunderbird -
Emclient Emclient -
Postbox-inc Postbox -
Roundcube Webmail -
1 Github repository
1 Article
383
VMScore
CVE-2017-17689
The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL.
Gnome Evolution -
Mozilla Thunderbird -
Ibm Notes -
Emclient Emclient -
Horde Horde Imp -
9folders Nine -
Freron Mailmate -
Kde Kmail -
Ritlabs The Bat -
Microsoft Outlook 2013
Flipdogsolutions Maildroid -
R2mail2 R2mail2 -
Apple Mail -
Bloop Airmail -
Microsoft Outlook 2010
Microsoft Outlook 2007
Google Gmail -
Kde Trojita -
Postbox-inc Postbox -
Microsoft Outlook 2016
1 Github repository
1 Article
516
VMScore
CVE-2018-8153
A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails to properly handle web requests, aka "Microsoft Exchange Spoofing Vulnerability." This affects Microsoft Exchange Server.
Microsoft Exchange Server 2016
1 Article
383
VMScore
CVE-2018-8160
An information disclosure vulnerability exists in Outlook when a message is opened, aka "Microsoft Outlook Information Disclosure Vulnerability." This affects Word, Microsoft Office.
Microsoft Office 2010
Microsoft Office Compatibility Pack -
Microsoft Web Applications 2010
Microsoft Sharepoint Server 2010
383
VMScore
CVE-2018-8150
A security feature bypass vulnerability exists when the Microsoft Outlook attachment block filter does not properly handle attachments, aka "Microsoft Outlook Security Feature Bypass Vulnerability." This affects Microsoft Office.
Microsoft Office 2016
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »