cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2021-28455,https://securityvulnerability.io/vulnerability/CVE-2021-28455,Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability,Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability,Microsoft,"Microsoft Access 2013 Service Pack 1 (32-bit Editions),Microsoft Access 2013 Service Pack 1 (64-bit Editions),Microsoft Office 2019,Microsoft 365 Apps For Enterprise,Microsoft Office 2016,Microsoft Access 2016 (32-bit Edition),Microsoft Access 2016 (64-bit Edition),Microsoft Office 2013 Service Pack 1,Windows 10 Version 1803,Windows 10 Version 1809,Windows Server 2019,Windows Server 2019 (server Core Installation),Windows 10 Version 1909,Windows Server, Version 1909 (server Core Installation),Windows 10 Version 2004,Windows Server Version 2004,Windows 10 Version 20h2,Windows Server Version 20h2,Windows 10 Version 1507,Windows 10 Version 1607,Windows Server 2016,Windows Server 2016 (server Core Installation),Windows 7,Windows 7 Service Pack 1,Windows 8.1,Windows Server 2008 Service Pack 2,Windows Server 2008 Service Pack 2 (server Core Installation),Windows Server 2008  Service Pack 2,Windows Server 2008 R2 Service Pack 1,Windows Server 2008 R2 Service Pack 1 (server Core Installation),Windows Server 2012,Windows Server 2012 (server Core Installation),Windows Server 2012 R2,Windows Server 2012 R2 (server Core Installation)",8.8,HIGH,0.01874000020325184,false,false,false,false,,false,false,2021-05-11T19:11:14.000Z,0
CVE-2020-1582,https://securityvulnerability.io/vulnerability/CVE-2020-1582,Microsoft Access Remote Code Execution Vulnerability,"A remote code execution vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Access. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file.
The security update addresses the vulnerability by correcting how Microsoft Access handles objects in memory.
",Microsoft,"Microsoft Access 2013 Service Pack 1 (32-bit Editions),Microsoft Access 2013 Service Pack 1 (64-bit Editions),Microsoft Office 2019,Microsoft 365 Apps For Enterprise,Microsoft Access 2016 (32-bit Edition),Microsoft Access 2016 (64-bit Edition),Microsoft Access 2010 Service Pack 2",7.8,HIGH,0.029650000855326653,false,false,false,false,,false,false,2020-08-17T19:15:00.000Z,0
CVE-2020-0760,https://securityvulnerability.io/vulnerability/CVE-2020-0760,,"A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Office Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0991.",Microsoft,"Microsoft Project,Microsoft Office,Office 365 Proplus,Microsoft Excel,Microsoft Powerpoint,Microsoft Visio,Microsoft Word,Microsoft Publisher 2016 (32-bit Edition),Microsoft Publisher 2016 (64-bit Edition),Microsoft Access,Microsoft Outlook,Microsoft Publisher 2013 Service Pack 1 (32-bit Editions),Microsoft Publisher 2013 Service Pack 1 (64-bit Editions),Microsoft Publisher",8.8,HIGH,0.06233999878168106,false,false,false,false,,false,false,2020-04-15T15:12:40.000Z,0