Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Outlook
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 116 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2025-07-08 | CVE-2025-49699 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | 365_apps, Office, Office_long_term_servicing_channel, Outlook, Powerpoint, Word | 7.0 | ||
| 2025-04-08 | CVE-2025-29805 | Exposure of sensitive information to an unauthorized actor in Outlook for Android allows an unauthorized attacker to disclose information over a network. | Outlook | 7.5 | ||
| 2025-06-10 | CVE-2025-47171 | Improper input validation in Microsoft Office Outlook allows an authorized attacker to execute code locally. | 365_apps, Office, Office_long_term_servicing_channel, Outlook | N/A | ||
| 2025-01-14 | CVE-2025-21357 | Microsoft Outlook Remote Code Execution Vulnerability | 365_apps, Office, Office_long_term_servicing_channel, Outlook | 6.7 | ||
| 2019-07-29 | CVE-2019-1105 | A spoofing vulnerability exists in the way Microsoft Outlook for Android software parses specifically crafted email messages. An authenticated attacker could exploit the vulnerability by sending a specially crafted email message to a victim. The attacker who successfully exploited this vulnerability could then perform cross-site scripting attacks on the affected systems and run scripts in the security context of the current user. The security update addresses the vulnerability by correcting... | Outlook | 5.4 | ||
| 2023-03-14 | CVE-2023-23397 | Microsoft Outlook Elevation of Privilege Vulnerability | 365_apps, Office, Office_long_term_servicing_channel, Outlook | 9.8 |