CVE-2021-42292

CVE-2021-42292 is a Microsoft Excel Security Feature Bypass vulnerability in Microsoft Excel that enables local privilege bypass (local access required). The vulnerability is documented across multiple feeds, with patched fixes provided by Microsoft via Patch Tuesday advisories. Connected sources...

CVE-2016-7262

CVE-2016-7262 is a Microsoft Office vulnerability (Microsoft Excel family) described as a Security Feature Bypass: a crafted cell mishandled on click can allow user-assisted remote command execution. Affected products include Excel 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016, Office Compatibi...

CVE-2019-1297

CVE-2019-1297 is a Microsoft Excel remote code execution vulnerability caused by improper handling of memory objects. An attacker can exploit it by convincing a user to open a specially crafted file, executing arbitrary code in the user’s context (higher impact if admin). The vulnerability is add...

CVE-2009-3129

CVE-2009-3129 concerns a remote-code-execution vulnerability in Microsoft Office Excel and related components caused by a FEATHEADER record with an invalid cbHdrData size that affects a pointer offset. Affected products include Excel 2002 SP3, 2003 SP3, 2007 SP1/SP2, Open XML File Format Converte...

CVE-2025-59240

CVE-2025-59240 is an information-disclosure vulnerability in Microsoft Excel (Office) due to improper authorization validation that can allow a local attacker to obtain sensitive data. Connected sources confirm impact across Microsoft Excel products (including various Office/Excel editions and 20...

CVE-2023-36766

CVE-2023-36766 is a Microsoft Excel information-disclosure vulnerability, affecting Excel/Office components. The vulnerability enables information disclosure with a local attack surface and requires user interaction. Public details in connected documents confirm affected products (Microsoft Excel...

CVE-2024-20673

CVE-2024-20673 is a Microsoft Office remote code execution vulnerability tracked across multiple office-product advisories. Public docs show high-severity risk (CVSS v3.1: 7.8), with exploitation described as a remote code execution requiring local access and user interaction in some vectors. Con...

CVE-2017-11884

Technical details about CVE-2017-11884 are not publicly provided in the connected documents; no specific affected products, versions, exploit vectors, or remediation are disclosed here. Monitor for updates.

CVE-2022-29110

CVE-2022-29110 refers to a Microsoft Excel remote code execution vulnerability documented in the NVD entry. Available connected documents provide concrete remediation: for Excel 2016, the May 10, 2022 security update KB5002196 addresses this issue (and KB5002196 notes Excel 2016 install requireme...

CVE-2025-21381

CVE-2025-21381 is a Microsoft Excel remote code execution vulnerability affecting Excel 2016 (KB5002687) and related Office Excel components. Public references indicate an RCE path via Excel, with the initial entry listing Excel as the affected product and the security update KB5002687 fixing it....

CVE-2023-23399

The CVE-2023-23399 vulnerability affects Microsoft Excel (Office/Excel) and is described as a remote code execution vulnerability. Exploit-DB reports a case for Microsoft Excel 365 MSO (64-bit) v2302 build 16.0.16130.20186 with RCE via a specially crafted file, illustrating a crafted-file attack ...

CVE-2022-26903

Technical details about CVE-2022-26903 (affected components, root cause, impact, and fixes) are not provided in the supplied documents. Monitor for updates from Microsoft and CVE databases for official disclosures and remediation information.

CVE-2022-26901

Technical details are not provided in the supplied documents. No affected products, versions, root cause, impact, or fixes are listed here. Monitor official advisories for updates.

CVE-2023-24953

CVE-2023-24953 corresponds to a Microsoft Excel remote code execution vulnerability. Public documents describe impact as the ability to execute arbitrary code in Excel, enabling local or user-initiated exploitation. The vulnerability is addressed by Microsoft security updates for Excel (e.g., KB5...

CVE-2021-40442

CVE-2021-40442 is a Microsoft Excel remote code execution vulnerability. The connected Nessus/NVIDIA sources reiterate that Excel can be exploited to run arbitrary code (RCE) on the target, with exploitation possible via Microsoft Excel/Office components. The vulnerability is addressed by Microso...

CVE-2019-1111

CVE-2019-1111 describes a remote code execution vulnerability in Microsoft Excel due to improper handling of in-memory objects. Exploitation could allow arbitrary code execution in the context of the current user; with administrative rights, control of the system is possible. The vulnerability is...

CVE-2020-0650

CVE-2020-0650 : A remote code execution vulnerability in Microsoft Excel/VBA objects handling in memory. Connected documents (Nessus/OpenVAS plugins) tie this CVE to multiple Office/Excel vulnerabilities discovered in January 2020, affecting Excel components across various Office suites (includin...

CVE-2020-0760

CVE-2020-0760 is a remote code execution vulnerability affecting Microsoft Office products (Word/Excel/PowerPoint/Visio) via improper loading of arbitrary type libraries. The root cause is how Office loads type libraries, which could allow an attacker to execute arbitrary code in the context of t...

CVE-2021-34501

CVE-2021-34501 is described as a Microsoft Excel remote code execution vulnerability. Connected materials identify affected products as Excel in multiple Office suites (including 2013/2016 and Office Online Server variants) and indicate that exploitation could allow remote code execution. Public ...

CVE-2019-1110

CVE-2019-1110 affects Microsoft Excel; a remote code execution vulnerability exists when Excel fails to properly handle objects in memory. Exploitation could allow running arbitrary code in the user’s context; impact is high. The issue is addressed by Microsoft Office security updates in the July...

CVE-2022-30173

CVE-2022-30173 is identified as a Microsoft Excel Remote Code Execution vulnerability. Connected sources confirm an Excel-related RCE in Office/Excel 2016 and reference security update KB5002208 as the remediation path. The documents do not disclose the exact root cause, vulnerable component/vers...

CVE-2012-1847

CVE-2012-1847 affects Microsoft Office Excel and related components (Excel 2003 SP3; Excel 2007 SP2/SP3; Excel 2010 SP1; Office for Mac 2008/2011; Excel Viewer; Office Compatibility Pack SP2/SP3). The vulnerability stems from memory handling when opening specially crafted spreadsheets, enabling r...

CVE-2020-16929

CVE-2020-16929 (Microsoft Excel RCE) is a remote code execution vulnerability caused by improper handling of in-memory objects. Successful exploitation requires a user to open a specially crafted Excel file, via email or web-hosted lure. If the user runs with administrative rights, an attacker co...

CVE-2024-49069

CVE-2024-49069 is an Excel remote code execution vulnerability in Microsoft Office. The issue targets Excel components and can let an attacker execute arbitrary code by tricking a user into opening a maliciously crafted file. The entry lists a CVSS v3.1 base score of 7.8 (High) with LOCAL attack ...

CVE-2023-23398

Technical details about CVE-2023-23398 are not provided in the supplied documents. Public information in these sources is limited; monitor for updates from official advisories (MSRC) and vendors.

CVE-2020-17128

CVE-2020-17128 is a Microsoft Excel remote code execution vulnerability that is cited across multiple Nessus plugins as part of the December 2020 Office security updates. Technical details in the connected documents show Excel-related RCE vulnerabilities addressed together with other CVEs (e.g., ...

CVE-2022-33631

Technical details about CVE-2022-33631 are not publicly available in the provided documents. Monitor for updates from official sources for affected products, vulnerable components, and fixes.

CVE-2022-21840

CVE-2022-21840 is a Microsoft Office remote code execution vulnerability. Public documentation notes an Office RCE that can be exploited via social engineering (e.g., opening a malicious attachment or visiting a malicious site) and may require user interaction. The CVSS details indicate high impa...

CVE-2020-17123

CVE-2020-17123 is a Microsoft Excel Remote Code Execution vulnerability. Public documents confirm an RCE exists in Excel when processing specially crafted Office files, with the underlying issue tied to Excel components/file handling (the CVE is listed among Excel-related updates for December 202...

CVE-2024-43504

CVE-2024-43504 – Microsoft Excel RCE : Public sources confirm a remote code execution vulnerability in Microsoft Excel (Office suite). The vulnerability affects Excel components (including Excel 2016 via KB5002643 and newer Office updates) and can be triggered by user interaction when a crafted f...

CVE-2021-38655

CVE-2021-38655 is a Microsoft Excel remote code execution vulnerability referenced across multiple catalogs. The CVE entry, tied to Excel/Office components, is confirmed in the NVD entry and is cited by various advisories and Nessus plugins as affecting Excel remote code execution, with related C...

CVE-2021-31179

Technical details about CVE-2021-31179 are not provided in the supplied documents. Monitor for updates from Microsoft and vulnerability databases for affected products, root cause, and remediation.

CVE-2023-32029

CVE-2023-32029 is a Microsoft Excel/Office remote code execution vulnerability. The CVSSv3.1 metrics indicate a HIGH impact (C/H, I/H, A/H) with a LOCAL attack vector, LOW attack complexity, no privileges required, but USER INTERACTION is required. Several connected scanner entries (Nessus/OpenVA...

CVE-2020-1225

CVE-2020-1225 and CVE-2020-1226 are remote code execution vulnerabilities in Microsoft Excel related to improper handling of objects in memory. Public sources in the provided documents identify Excel (Office) as affected and explicitly reference the vulnerability family as Excel RCE. The connecte...

CVE-2021-28449

CVE-2021-28449 is described as a Microsoft Office remote code execution vulnerability affecting the Office suite (Office/Word/Excel). Connected documents confirm the CVE is part of April 2021 Office updates and is listed alongside other Office RCE CVEs (e.g., CVE-2021-28453, CVE-2021-28454, CVE-2...

CVE-2012-0142

CVE-2012-0142 involves a memory corruption vulnerability in Microsoft Excel/file format handling (OBJECTLINK record) that can be triggered by opening a crafted spreadsheet, leading to remote code execution. Affected products include Excel 2003 SP3, 2007 SP2/SP3, 2010 SP1, Office for Mac 2008, Exc...

CVE-2021-31177

CVE-2021-31177 is a Microsoft Office/Excel remote code execution vulnerability. Connected sources confirm affected products include Microsoft Office and Excel (C2R and MSI variants) with the issue originating from Office/Excel handling crafted content. Patches released May 11, 2021 (KB5001918 for...

CVE-2019-1448

CVE-2019-1448 is a Microsoft Excel remote code execution vulnerability. The connected documents describe that Excel fails to properly handle objects in memory, leading to the execution of arbitrary code when a user opens a specially crafted file (as seen in Office/Excel advisories and Nessus entr...

CVE-2021-40474

CVE-2021-40474 : Microsoft Excel remote code execution vulnerability. According to the sources, it affects Office/Excel components and has a CVSSv3.1 base score of 7.8 (vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). The issue is described as a local vulnerability that requires user intera...

CVE-2012-0184

CVE-2012-0184 affects Microsoft Excel and related Office components: Excel 2003 SP3, 2007 SP2/SP3, 2010 Gold/SP1; Office for Mac 2008/2011; Excel Viewer; Office Compatibility Pack SP2/SP3. The issue is a memory handling error when opening a crafted spreadsheet, enabling remote code execution. Thi...

CVE-2021-1714

CVE-2021-1714 is an Excel remote code execution vulnerability affecting Microsoft Excel (Office). The connected sources indicate a vulnerability in Excel with a CVSS v3.1 base score of 7.8 (HIGH) and an attack vector LOCAL requiring user interaction, with confidentiality, integrity, and availabil...

CVE-2020-16932

CVE-2020-16932 is a Microsoft Excel remote code execution vulnerability. The issue stems from how Excel handles objects in memory, allowing an attacker to run arbitrary code in the context of the current user when a specially crafted Excel file is opened. Exploitation can occur via email (malicio...

CVE-2020-16931

CVE-2020-16931 affects Microsoft Excel. A remote code execution flaw arises from improper handling of in-memory objects, allowing arbitrary code execution in the attacker’s context if a user opens a specially crafted Excel file. Exploitation scenarios include email attachments or hosting a crafte...

CVE-2023-36041

CVE-2023-36041 : Microsoft Excel Remote Code Execution vulnerability. The CVE affects Microsoft Excel with a published PoC and is cited in Microsoft Patch Tuesday coverage as a vulnerability with PoCs for Excel. Affected product is Excel (Office suite); CVSS v3.1 base score 7.8 (HIGH) with LOCAL ...

CVE-2011-1986

CVE-2011-1986 is a use-after-free vulnerability in Microsoft Excel 2003 SP3 triggered by parsing a crafted spreadsheet, enabling remote code execution. The issue stems from memory handling during Excel’s record parsing (Excel Record Parsing Use After Free). Several advisories reference this as a ...

CVE-2011-1988

Microsoft Excel heap memory corruption vulnerability (MS11-072) tied to parsing BIFF2 records in Excel files can allow remote code execution. Affected products include Excel 2003 SP3, 2007 SP2, Office 2007 SP2, Office for Mac variants, Open XML Converter for Mac, Excel Viewer SP2, and related Mac...

CVE-2020-0652

CVE-2020-0652 is a remote code execution vulnerability in Microsoft Office caused by improper handling of memory objects. The NVD entry lists a CVSSv3.1 vector of CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H with a base score of 7.8 (HIGH), indicating a local exploit requiring user interaction an...

CVE-2024-49026

CVE-2024-49026 is a Microsoft Excel remote code execution vulnerability disclosed for Excel in the Office suite. The initial description and connected documents confirm it affects Excel and was addressed by November 2024 security updates (e.g., KB5002648 for Office Online Server/Month 11 2024 and...

CVE-2021-40485

CVE-2021-40485 is described as a Microsoft Excel Remote Code Execution vulnerability. The provided data cites a CVSSv3.1 base score of 7.8 (HIGH), with LOCAL attack vector, LOW attack complexity, NONE privileges required, and user interaction required; impact is HIGH for confidentiality, integrit...

CVE-2012-2543

CVE-2012-2543 is a stack-based buffer overflow in Microsoft Excel components (Windows: Excel 2007 SP2/SP3, Excel 2010 SP1; Mac: Office 2011; Excel Viewer; Office Compatibility Pack SP2/SP3). The vulnerability arises while handling crafted spreadsheets, enabling remote code execution. Connected so...