VDB
GCVE-110-NCSC-2024-337
GCVE-110-NCSC-2024-337
Advisory PublishedCVSS 7.8/10
Microsoft heeft kwetsbaarheden verholpen in diverse Office producten.
Weaknesses (CWE)
CWE-122Heap-based Buffer OverflowCWE-416Use After FreeCWE-73External Control of File Name or PathCWE-20Improper Input ValidationCWE-200Exposure of Sensitive Information to an Unauthorized ActorCWE-451User Interface (UI) Misrepresentation of Critical InformationCWE-59Improper Link Resolution Before File Access ('Link Following')CWE-918Server-Side Request Forgery (SSRF)
Risk Scores
CVSS 3.1
7.8/10
High · CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| microsoft | microsoft_project_2016 | — | — |
| microsoft | 365_apps | — | — |
| microsoft | microsoft_365_apps_for_enterprise | — | — |
| microsoft | office | — | — |
| microsoft | microsoft_office_2019 | — | — |
| microsoft | copilot_studio | — | — |
| microsoft | microsoft_office_ltsc_2021 | — | — |
| microsoft | microsoft_copilot_studio | — | — |
| microsoft | microsoft_outlook_2016 | — | — |
| microsoft | outlook | — | — |
| microsoft | microsoft_teams_for_ios | — | — |
| microsoft | office_2016 | — | — |
| microsoft | microsoft_office_2016 | — | — |
| microsoft | microsoft_officeplus | — | — |
| microsoft | microsoft_office_ltsc_for_mac_2021 | — | — |
| microsoft | microsoft_powerpoint_2016 | — | — |
| microsoft | office_long_term_servicing_channel | — | — |
| microsoft | office_2019 | — | — |
Browse GCVE Records
73,443 records in the GCVE database · Updated July 18, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.