cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-20670,https://securityvulnerability.io/vulnerability/CVE-2024-20670,Windows Spoofing Vulnerability Affects Outlook Users,"The Windows Spoofing Vulnerability, tagged as CVE-2024-20670, affects Outlook for Windows users. It is part of a record-breaking Patch Tuesday release from Microsoft, which includes fixes for 147 vulnerabilities. The impact and potential exploitation of this vulnerability are not specified, and there is no indication of any exploitation by ransomware groups.",Microsoft,Outlook For Windows,8.1,HIGH,0.0004299999854993075,false,true,false,false,,false,false,2024-04-09T17:01:24.844Z,0
CVE-2010-3147,https://securityvulnerability.io/vulnerability/CVE-2010-3147,,"Untrusted search path vulnerability in wab.exe 6.00.2900.5512 in Windows Address Book in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via a Trojan horse wab32res.dll file in the current working directory, as demonstrated by a directory that contains a Windows Address Book (WAB), VCF (aka vCard), or P7C file, aka ""Insecure Library Loading Vulnerability.""  NOTE: the codebase for this product may overlap the codebase for the product referenced in CVE-2010-3143.",Microsoft,"Outlook Express,Windows 2003 Server,Windows 7,Windows Server 2003,Windows Server 2008,Windows Vista,Windows Xp",,,0.4502600133419037,false,false,false,false,,false,false,2010-08-27T18:10:00.000Z,0
CVE-2008-1448,https://securityvulnerability.io/vulnerability/CVE-2008-1448,,"The MHTML protocol handler in a component of Microsoft Outlook Express 5.5 SP2 and 6 through SP1, and Windows Mail, does not assign the correct Internet Explorer Security Zone to UNC share pathnames, which allows remote attackers to bypass intended access restrictions and read arbitrary files via an mhtml: URI in conjunction with a redirection, aka ""URL Parsing Cross-Domain Information Disclosure Vulnerability.""",Microsoft,"Outlook Express,Windows Mail",,,0.5492500066757202,false,false,false,false,,false,false,2008-08-13T00:00:00.000Z,0
CVE-2008-3068,https://securityvulnerability.io/vulnerability/CVE-2008-3068,,"Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, Windows Live Mail, and Office 2007, performs Certificate Revocation List (CRL) checks by using an arbitrary URL from a certificate embedded in a (1) S/MIME e-mail message or (2) signed document, which allows remote attackers to obtain reading times and IP addresses of recipients, and port-scan results, via a crafted certificate with an Authority Information Access (AIA) extension.",Microsoft,"Frontpage,Sharepoint Designer,Office Communicator,Access,Visio Professional,Outlook,Project Standard,Powerpoint,Infopath,Visio Standard,Windows Live Mail,Publisher,Onenote,Excel,Project Professional,Office,Groove",,,0.05584000051021576,false,false,false,false,,false,false,2008-07-07T23:41:00.000Z,0
CVE-2007-3897,https://securityvulnerability.io/vulnerability/CVE-2007-3897,,"Heap-based buffer overflow in Microsoft Outlook Express 6 and earlier, and Windows Mail for Vista, allows remote Network News Transfer Protocol (NNTP) servers to execute arbitrary code via long NNTP responses that trigger memory corruption.",Microsoft,"Outlook Express,Windows Mail",,,0.9571400284767151,false,false,false,false,,false,false,2007-10-09T22:00:00.000Z,0
CVE-2000-0216,https://securityvulnerability.io/vulnerability/CVE-2000-0216,,"Microsoft email clients in Outlook, Exchange, and Windows Messaging automatically respond to Read Receipt and Delivery Receipt tags, which could allow an attacker to flood a mail system with responses by forging a Read Receipt request that is redirected to a large distribution list.",Microsoft,"Outlook,Exchange Server,Windows Messaging",,,0.006709999870508909,false,false,false,false,,false,false,2000-02-29T05:00:00.000Z,0
CVE-1999-0967,https://securityvulnerability.io/vulnerability/CVE-1999-0967,,"Buffer overflow in the HTML library used by Internet Explorer, Outlook Express, and Windows Explorer via the res: local resource protocol.",Microsoft,"Outlook Express,Windows Explorer,Internet Explorer",,,0.003490000031888485,false,false,false,false,,false,false,1997-11-01T05:00:00.000Z,0