| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| An incomplete SSL server certification validation vulnerability in the Trend Micro Security 2019 (v15) consumer family of products could allow an attacker to combine this vulnerability with another attack to trick an affected client into downloading a malicious update instead of the expected one. CWE-295: Improper server certificate verification in the communication with the update server. |
| A vulnerability in Trend Micro Apex One, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services on macOS may allow an attacker to manipulate a certain binary to load and run a script from a user-writable folder, which then would allow them to execute arbitrary code as root. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. |
| A remote code execution vulnerability exists in Microsoft Project software when the software fails to check the source markup of a file, aka 'Microsoft Project Remote Code Execution Vulnerability'. |
| A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1446, CVE-2020-1447. |
| A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1446, CVE-2020-1448. |
| A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1447, CVE-2020-1448. |
| An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory, aka 'Microsoft Office Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1342. |
| A spoofing vulnerability exists when an Office Web Apps server does not properly sanitize a specially crafted request, aka 'Office Web Apps XSS Vulnerability'. |
| A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka 'Microsoft Outlook Remote Code Execution Vulnerability'. |
| An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka 'Microsoft Office Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1445. |
| An information disclosure vulnerability exists when Microsoft Project reads out of bound memory due to an uninitialized variable, aka 'Microsoft Project Information Disclosure Vulnerability'. |
| A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory, aka 'Microsoft Office Remote Code Execution Vulnerability'. |
| A security feature bypass vulnerability exists in Microsoft Outlook when Office fails to enforce security settings configured on a system, aka 'Microsoft Outlook Security Feature Bypass Vulnerability'. |
| A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1225. |
| A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1226. |
| Microsoft Excel Security Feature Bypass Vulnerability |
| Microsoft Excel Remote Code Execution Vulnerability |
| Microsoft Excel Remote Code Execution Vulnerability |
| Microsoft Office Online Spoofing Vulnerability |
| Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability |
