Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Outlook
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 113 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-07-29 | CVE-2019-1105 | A spoofing vulnerability exists in the way Microsoft Outlook for Android software parses specifically crafted email messages. An authenticated attacker could exploit the vulnerability by sending a specially crafted email message to a victim. The attacker who successfully exploited this vulnerability could then perform cross-site scripting attacks on the affected systems and run scripts in the security context of the current user. The security update addresses the vulnerability by correcting... | Outlook | 5.4 | ||
| 2023-03-14 | CVE-2023-23397 | Microsoft Outlook Elevation of Privilege Vulnerability | 365_apps, Office, Office_long_term_servicing_channel, Outlook | 9.8 | ||
| 2021-06-08 | CVE-2021-31949 | Microsoft Outlook Remote Code Execution Vulnerability | 365_apps, Office, Outlook | N/A | ||
| 2023-06-14 | CVE-2023-33131 | Microsoft Outlook Remote Code Execution Vulnerability | Office, Office_long_term_servicing_channel, Outlook, Outlook_rt | N/A | ||
| 2025-02-11 | CVE-2025-21259 | Microsoft Outlook Spoofing Vulnerability | Outlook | 5.3 | ||
| 2023-07-11 | CVE-2023-35311 | Microsoft Outlook Security Feature Bypass Vulnerability | 365_apps, Office, Office_long_term_servicing_channel, Outlook | 8.8 | ||
| 2017-10-13 | CVE-2017-11774 | Microsoft Outlook 2010 SP2, Outlook 2013 SP1 and RT SP1, and Outlook 2016 allow an attacker to execute arbitrary commands, due to how Microsoft Office handles objects in memory, aka "Microsoft Outlook Security Feature Bypass Vulnerability." | Outlook | 7.8 | ||
| 2015-04-14 | CVE-2015-1641 | Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, and Office Web Apps Server 2010 SP2 and 2013 SP1 allow remote attackers to execute arbitrary code via a crafted RTF document, aka "Microsoft Office Memory Corruption Vulnerability." | Office, Office_compatibility_pack, Office_web_apps, Outlook, Sharepoint_server, Word | 7.8 | ||
| 2025-01-14 | CVE-2025-21357 | Microsoft Outlook Remote Code Execution Vulnerability | 365_apps, Office, Outlook | 6.7 | ||
| 2025-01-14 | CVE-2025-21361 | Microsoft Outlook Remote Code Execution Vulnerability | Office, Outlook | 7.8 |