Lucene search
K
MicrosoftAccess2016

14 matches found

CVE
CVE
added 2020/04/15 3:12 p.m.205 views

CVE-2020-0760

CVE-2020-0760 is a remote code execution vulnerability affecting Microsoft Office products (Word/Excel/PowerPoint/Visio) via improper loading of arbitrary type libraries. The root cause is how Office loads type libraries, which could allow an attacker to execute arbitrary code in the context of t...

8.8CVSS8.5AI score0.0861EPSS
CVE
CVE
added 2020/08/17 7:13 p.m.131 views

CVE-2020-1582

CVE-2020-1582 is a Microsoft Access remote code execution vulnerability caused by improper handling of in-memory objects. An attacker could run arbitrary code in the caller’s context by convincing a user to open a specially crafted Access file; if the user has administrative rights, system takeov...

7.8CVSS8.7AI score0.02678EPSS
CVE
CVE
added 2025/03/11 4:59 p.m.127 views

CVE-2025-26630

CVE-2025-26630 is a use-after-free vulnerability in Microsoft Office Access that can allow a local attacker to execute arbitrary code. The issue affects Microsoft Access/Office components and is rated CVSS v3.1 base score 7.8 (High) with Local attack vector, Privileges None, User Interaction requ...

7.8CVSS7.6AI score0.00916EPSS
CVE
CVE
added 2025/01/14 6:4 p.m.125 views

CVE-2025-21395

CVE-2025-21395 is a Microsoft Access remote code execution vulnerability. Documents indicate it affects Microsoft Access/Office components and is exploitable by convincing a target to download and run a malicious file via social engineering. CVSSv3.1 data shows Local attack vector, Privileges Req...

7.8CVSS7.8AI score0.00997EPSS
CVE
CVE
added 2025/01/14 6:4 p.m.123 views

CVE-2025-21186

CVE-2025-21186 is a Microsoft Access remote code execution vulnerability. Public details in connected sources indicate a heap-based buffer overflow in Microsoft Access (notably Access 2016, 32/64‑bit) that could allow arbitrary code execution when a user opens a crafted file or input. Exploitatio...

7.8CVSS7.8AI score0.01117EPSS
CVE
CVE
added 2025/04/08 5:23 p.m.123 views

CVE-2025-26642

CVE-2025-26642 is a Microsoft Office remote code execution vulnerability (out-of-bounds read) that allows a local attacker to run code on the victim’s machine. Public details in connected documents indicate the issue affects Office components (e.g., Excel) and can be triggered via crafted inputs ...

7.8CVSS7.4AI score0.00719EPSS
CVE
CVE
added 2015/11/11 11:0 a.m.114 views

CVE-2015-2503

CVE-2015-2503 is an Office Elevation of Privilege vulnerability that can be triggered via a crafted web site loaded in Internet Explorer to bypass sandbox protections and gain privileges. The initial CVE entry lists Microsoft Office 2007–2016 products (Word, Excel, PowerPoint, Access, InfoPath, V...

9.3CVSS6.8AI score0.1684EPSS
CVE
CVE
added 2025/01/14 6:4 p.m.114 views

CVE-2025-21366

CVE-2025-21366 is a Microsoft Access remote code execution vulnerability. Connected sources confirm an Access/Office component impact with a patch released in January 2025 (KB5002670) for Access 2016 (32- and 64-bit). Exploitation details in the provided documents indicate social‑engineering deli...

7.8CVSS7.8AI score0.01087EPSS
CVE
CVE
added 2024/12/10 5:49 p.m.113 views

CVE-2024-49142

CVE-2024-49142 is a Microsoft Access remote code execution vulnerability. Connected sources confirm a vulnerability in Microsoft Access that allows arbitrary code execution when a malicious file is opened or run, and Microsoft released a security update to address it (KB5002641 for Access 2016). ...

7.8CVSS7.8AI score0.0105EPSS
CVE
CVE
added 2018/07/11 12:0 a.m.92 views

CVE-2018-8312

CVE-2018-8312 targets Microsoft Access and Microsoft Office. The vulnerability is described as a remote code execution flaw caused by improper handling of objects in memory, allowing an attacker to run arbitrary code when a user opens a crafted file. In public connected materials, related advisor...

9.3CVSS7.9AI score0.19546EPSS
CVE
CVE
added 2018/03/14 5:0 p.m.81 views

CVE-2018-0903

CVE-2018-0903 affects Microsoft Access products: Access 2010 SP2, Access 2013 SP1, Access 2016, and Office 2016 Click-to-Run. The issue is a remote code execution vulnerability caused by how objects are handled in memory, allowing arbitrary code execution when a user opens a specially crafted fil...

7.8CVSS8AI score0.16575EPSS
CVE
CVE
added 2025/12/09 5:55 p.m.48 views

CVE-2025-62552

CVE-2025-62552 describes a relative path traversal in Microsoft Access that allows a local attacker to execute code. Affected products include Microsoft Office/Access components across Office 2016 and later suites; the root cause is path traversal in Access which can lead to remote code execution...

7.8CVSS6.9AI score0.00562EPSS
CVE
CVE
added 2025/10/14 5:0 p.m.37 views

CVE-2025-59235

CVE-2025-59235 is an information-disclosure vulnerability in Microsoft Excel (Office) caused by an out-of-bounds read. Public sources in the connected docs consistently identify the affected component as Excel within the Microsoft Office suite and link the issue to Excel information-disclosure mi...

7.1CVSS6AI score0.00596EPSS
CVE
CVE
added 2025/10/14 5:1 p.m.30 views

CVE-2025-59232

CVE-2025-59232 is an information-disclosure vulnerability in Microsoft Excel (part of Microsoft Office) caused by an out-of-bounds read that can disclose local data. The issue affects Excel components within Office; remediation is available via Microsoft Office security updates released October 2...

7.1CVSS6AI score0.00442EPSS