Lucene search
K
MicrosoftExcel

415 matches found

CVE
CVE
added 2011/09/15 10:0 a.m.159 views

CVE-2011-1988

Microsoft Excel heap memory corruption vulnerability (MS11-072) tied to parsing BIFF2 records in Excel files can allow remote code execution. Affected products include Excel 2003 SP3, 2007 SP2, Office 2007 SP2, Office for Mac variants, Open XML Converter for Mac, Excel Viewer SP2, and related Mac...

9.3CVSS7.4AI score0.18609EPSS
CVE
CVE
added 2013/09/11 10:0 a.m.158 views

CVE-2013-1315

CVE-2013-1315 is a remote code execution/memory corruption vulnerability affecting Microsoft Office components. The public records identify affected products as Microsoft SharePoint Server 2007 SP3, 2010 SP1/SP2, 2013; Office Web Apps 2010; Excel 2003 SP3/2007 SP3/2010 SP1/SP2/2013/2013 RT; Offic...

9.3CVSS7.6AI score0.28702EPSS
CVE
CVE
added 2020/01/14 11:11 p.m.157 views

CVE-2020-0652

CVE-2020-0652 is a remote code execution vulnerability in Microsoft Office caused by improper handling of memory objects. The NVD entry lists a CVSSv3.1 vector of CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H with a base score of 7.8 (HIGH), indicating a local exploit requiring user interaction an...

7.8CVSS7.8AI score0.16962EPSS
CVE
CVE
added 2021/05/11 7:11 p.m.156 views

CVE-2021-31175

CVE-2021-31175 is a Microsoft Office/Excel remote code execution vulnerability described as a Microsoft Office Remote Code Execution Vulnerability. Connection documents confirm it is part of a set of Office/Excel remote code execution vulnerabilities addressed by May 2021 security updates (e.g., ...

7.8CVSS7.8AI score0.03156EPSS
CVE
CVE
added 2019/09/11 9:24 p.m.155 views

CVE-2019-1263

CVE-2019-1263 — Microsoft Excel Information Disclosure . The connected Nessus/Office update docs confirm an information disclosure in Excel where memory contents may be exposed. The vulnerability is tied to Excel's handling of in-memory objects, enabling potential leakage of sensitive data. The O...

5.5CVSS6AI score0.07768EPSS
CVE
CVE
added 2023/11/14 5:57 p.m.155 views

CVE-2023-36037

CVE-2023-36037 is a Microsoft Excel security feature bypass vulnerability. Public sources label it as a high-severity, local-access issue with high impact to confidentiality, integrity, and availability (CVSSv3.1: AV=L, AC=L, PR=None, UI=Required, S=U, C/H/I/A=H). Exploitation status is not discl...

7.8CVSS7.5AI score0.01161EPSS
CVE
CVE
added 2004/09/17 4:0 a.m.154 views

CVE-2004-0200

CVE-2004-0200 is a buffer-overflow vulnerability in the JPEG parsing engine of Microsoft GDI+ (GDIPlus.dll). The flaw allows remote code execution when a specially crafted JPEG image is processed, with the attack vector involving JPEG data that is mis-sized during a memory copy. The vulnerability...

9.3CVSS7.6AI score0.49024EPSS
CVE
CVE
added 2012/11/14 12:0 a.m.154 views

CVE-2012-2543

CVE-2012-2543 is a stack-based buffer overflow in Microsoft Excel components (Windows: Excel 2007 SP2/SP3, Excel 2010 SP1; Mac: Office 2011; Excel Viewer; Office Compatibility Pack SP2/SP3). The vulnerability arises while handling crafted spreadsheets, enabling remote code execution. Connected so...

9.3CVSS7.9AI score0.26204EPSS
CVE
CVE
added 2020/08/17 7:13 p.m.151 views

CVE-2020-1496

CVE-2020-1496 is a Microsoft Excel remote code execution vulnerability where the app fails to properly handle objects in memory. The issue allows an attacker to run arbitrary code in the context of the current user, with higher impact if the user has administrative rights. Exploitation requires a...

9.3CVSS9AI score0.04212EPSS
CVE
CVE
added 2020/12/09 11:36 p.m.151 views

CVE-2020-17125

CVE-2020-17125 is a Microsoft Excel Remote Code Execution vulnerability. The connected Nessus/Excel update references confirm: exploit requires a user, local access, and a specially crafted Excel file can trigger arbitrary code execution on affected Office/Excel builds. Remediation is available v...

9.3CVSS7.8AI score0.03308EPSS
CVE
CVE
added 2009/11/11 8:0 p.m.150 views

CVE-2009-3130

CVE-2009-3130 corresponds to the Excel Document Parsing Heap Overflow vulnerability. Affected software includes Microsoft Office Excel 2002 SP3, Excel 2003 and newer on Windows via BIFF parsing, and Office for Mac variants plus the Open XML File Format Converter for Mac. The root cause is imprope...

9.3CVSS7.7AI score0.28934EPSS
CVE
CVE
added 2020/12/09 11:36 p.m.150 views

CVE-2020-17129

CVE-2020-17129 is a Microsoft Excel remote code execution vulnerability documented in multiple sources linked to the December 2020 Excel security updates. The Nessus plugin groups this CVE with other Excel RCE flaws and notes that affected Office/Excel products were missing security updates, impl...

9.3CVSS7.8AI score0.03308EPSS
CVE
CVE
added 2022/02/09 4:37 p.m.150 views

CVE-2022-22716

CVE-2022-22716 affects Microsoft Excel (part of Office) with an information-disclosure vulnerability. Publicly documented impact is disclosure of potentially sensitive information. Microsoft and third-party advisories reference Excel-specific fixes in February 2022 security updates (e.g., KB50021...

5.5CVSS5.4AI score0.04642EPSS
CVE
CVE
added 2021/01/12 7:42 p.m.149 views

CVE-2021-1713

CVE-2021-1713 corresponds to a Microsoft Excel remote code execution vulnerability affecting Office/Excel products. The connected documents confirm multiple Office-related CVEs in January 2021 (CVE-2021-1713 among others) with Microsoft security updates issued in that period. The provided sources...

7.8CVSS7.6AI score0.03101EPSS
CVE
CVE
added 2021/05/11 7:11 p.m.148 views

CVE-2021-31178

CVE-2021-31178 is described in the connected documents as an information-disclosure vulnerability in Microsoft Office. The Nessus/OpenVAS entries reference this CVE as part of the Office May 2021 vulnerability set and note affected products (Office/Excel) and the need for security updates, listin...

5.5CVSS6.1AI score0.16012EPSS
CVE
CVE
added 2011/04/13 6:0 p.m.147 views

CVE-2011-0097

CVE-2011-0097 is a Microsoft Excel integer-overflow in the 400h substream parsing that can trigger a stack-based buffer overflow and remote code execution. Affected are Excel on Windows (2002 SP3/2003 SP3/2007 SP2/2010) and Mac variants, plus related File Format converters/viewers. The vulnerabil...

9.3CVSS7.6AI score0.38221EPSS
CVE
CVE
added 2012/05/09 12:0 a.m.147 views

CVE-2012-0141

CVE-2012-0141 affects Microsoft Excel and related Office components across Windows and Mac platforms (Excel 2003 SP3, 2007 SP2/SP3, 2010 SP1/Gold, Office 2011 for Mac, Excel Viewer, Office Compatibility Pack). The root cause is memory corruption during parsing/opening specially crafted Excel/RTF ...

9.3CVSS7.5AI score0.21769EPSS
CVE
CVE
added 2020/08/17 7:13 p.m.147 views

CVE-2020-1494

CVE-2020-1494 details (Excel RCE): Microsoft Excel contains a remote code execution vulnerability due to improper handling of in-memory objects. An attacker can run arbitrary code in the context of the current user, potentially taking control of the system if the user has administrative rights. E...

9.3CVSS9AI score0.04212EPSS
CVE
CVE
added 2025/01/14 6:4 p.m.147 views

CVE-2025-21362

CVE-2025-21362 is Microsoft Excel remote code execution vulnerability. Connected CNVD-2025-02966 describes it as a Microsoft Excel resource management error that could allow an attacker to remotely execute code. Public references indicate Microsoft released January 2025 security updates (KB500267...

8.4CVSS7.8AI score0.00934EPSS
CVE
CVE
added 2012/11/14 12:0 a.m.145 views

CVE-2012-1885

CVE-2012-1885 is a heap-based buffer overflow in Microsoft Excel components that affects Excel 2003 SP3, 2007 SP2/SP3, 2010 SP1, Office for Mac 2008/2011, and Office Compatibility Pack SP2/SP3. The root cause is a SerAuxErrBar heap overflow triggered by processing a crafted spreadsheet, enabling ...

9.3CVSS7.9AI score0.29287EPSS
CVE
CVE
added 2013/09/11 10:0 a.m.145 views

CVE-2013-3158

CVE-2013-3158 affects Microsoft Excel 2003 SP3 and 2007 SP3, where memory corruption in parsing crafted Office documents can lead to remote code execution or denial of service. Root cause is memory corruption within Excel’s handling of Office file content. Exploitation details are not provided in...

9.3CVSS7.6AI score0.18778EPSS
CVE
CVE
added 2020/04/15 3:12 p.m.145 views

CVE-2020-0906

Microsoft Excel contains a remote code execution vulnerability (CVE-2020-0906) where the application fails to properly handle objects in memory, allowing code to run in the attacker’s context. The Nessus updates describe Excel-specific RCEs and note that Office products were missing updates as of...

9.3CVSS8.8AI score0.11261EPSS
CVE
CVE
added 2020/12/09 11:36 p.m.144 views

CVE-2020-17127

CVE-2020-17127 is a Microsoft Excel remote code execution vulnerability associated with the December 2020 Excel security updates. Affected product: Microsoft Excel (Office). The provided documents confirm Excel RCEs across multiple CVEs (including 17127) and that patches were released in December...

9.3CVSS7.8AI score0.03308EPSS
CVE
CVE
added 2012/05/09 12:0 a.m.142 views

CVE-2012-0143

CVE-2012-0143 affects Microsoft Excel 2003 SP3 and Office 2008 for Mac, where memory corruption during file opening can allow remote code execution via a crafted spreadsheet. The vulnerability is part of a family including CVE-2012-0141/0142/0143/0143/0184 (and related) affecting Office component...

9.3CVSS7.5AI score0.2239EPSS
CVE
CVE
added 2011/06/16 8:21 p.m.140 views

CVE-2011-1273

Microsoft Excel (Windows: 2002/2003/2007/2010; Mac: 2004/2008/2011; Open XML Converter for Mac; Excel Viewer; Office Compatibility Pack) is affected by CVE-2011-1273 due to improper validation/parsing of Excel records. Multiple advisories attribute the issue to parsing errors (record-type handlin...

9.3CVSS7.6AI score0.16968EPSS
CVE
CVE
added 2020/08/17 7:13 p.m.140 views

CVE-2020-1495

CVE-2020-1495 (Microsoft Excel) : A remote code execution via memory corruption in Excel occurs when the application fails to correctly handle objects in memory. An attacker who can lure a user to open a specially crafted Excel file (e.g., via email or a website) could execute arbitrary code in t...

9.3CVSS9AI score0.04212EPSS
CVE
CVE
added 2021/05/11 7:11 p.m.139 views

CVE-2021-31174

CVE-2021-31174 is a Microsoft Excel information-disclosure vulnerability. The CVSSv3.1 base score is 5.5 (MEDIUM) with LOCAL attack vector, LOW attack complexity, and HIGH confidentiality impact (I:N, C:H, A:N). Public references in the connected documents indicate this CVE is addressed by the Ex...

5.5CVSS6.1AI score0.02939EPSS
CVE
CVE
added 2024/05/14 4:57 p.m.139 views

CVE-2024-30042

CVE-2024-30042 affects Microsoft Excel (Office suite). The vulnerability enables remote code execution via a crafted file, with a local attack vector and requires user interaction. The CVSS v3.1 base score is 7.8 (HIGH), with confidentiality, integrity, and availability impacts all high; attack v...

7.8CVSS7AI score0.02136EPSS
CVE
CVE
added 2017/09/13 1:0 a.m.138 views

CVE-2017-8631

CVE-2017-8744 is a remote code execution in Microsoft Office components caused by improper handling of in-memory objects, leading to memory corruption. Documented affected software includes Excel Services and Excel 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016, as well as related Office Web...

9.3CVSS7.6AI score0.16358EPSS
CVE
CVE
added 2020/02/11 9:23 p.m.138 views

CVE-2020-0759

CVE-2020-0759 is a Microsoft Excel remote code execution vulnerability. The provided sources consistently describe a flaw where Excel mismanages in‑memory objects, enabling an attacker to execute arbitrary code in the context of the current user. The entry is linked to Microsoft Excel/Office, wit...

9.3CVSS8.8AI score0.15168EPSS
CVE
CVE
added 2021/10/13 12:27 a.m.138 views

CVE-2021-40472

CVE-2021-40472 is an information-disclosure vulnerability in Microsoft Excel. The NVD entry lists CVSS v3.1 impact: confidentiality HIGH with LOCAL attack vector, low complexity, and no user interaction (base score 5.5). CVSS v2.0 reflects a lower base score (2.1). The connected documents confirm...

5.5CVSS5.9AI score0.00715EPSS
CVE
CVE
added 2021/09/15 11:24 a.m.137 views

CVE-2021-38660

CVE-2021-38660 is a Microsoft Office graphics remote code execution vulnerability. The CVE affects Office components handling graphics (e.g., Excel/Office 2013 era) and is associated with a high impact, allowing code execution, reportedly triggered via Office graphics processing. The incident is ...

7.8CVSS7.5AI score0.02098EPSS
CVE
CVE
added 2020/01/14 11:11 p.m.136 views

CVE-2020-0651

CVE-2020-0651 is a remote code execution vulnerability in Microsoft Excel/Office where memory objects are mishandled, allowing arbitrary code execution in the context of the current user via crafted files. Connected documents corroborate that multiple Excel/Office variants (Windows/macOS) and rel...

9.3CVSS7.9AI score0.17168EPSS
CVE
CVE
added 2020/08/17 7:13 p.m.133 views

CVE-2020-1498

CVE-2020-1498 is a remote code execution vulnerability in Microsoft Excel caused by improper handling of objects in memory. An attacker who can lure a user to open a specially crafted Excel file could execute arbitrary code in the user’s context. If the user has administrative rights, the attacke...

9.3CVSS9AI score0.0393EPSS
CVE
CVE
added 2021/04/13 7:33 p.m.132 views

CVE-2021-28451

CVE-2021-28451 is a Microsoft Excel remote code execution vulnerability. Public documentation in the initial record shows CVSS v3.1 base score 7.8 (HIGH) with LOCAL, LOW-C, UI:R, CONSEQUENCES: HIGH for confidentiality, integrity, and availability. The connected Microsoft security advisories indic...

7.8CVSS7.8AI score0.0235EPSS
CVE
CVE
added 2019/10/10 1:28 p.m.130 views

CVE-2019-1331

CVE-2019-1331 is a Microsoft Excel remote code execution vulnerability caused by improper handling of in-memory objects. The Red Hat CVE entries and NVD description identify it as an Excel memory‑handling issue that enables RCE when exploited, with no further exploit details provided in the suppl...

9.3CVSS8.8AI score0.17876EPSS
CVE
CVE
added 2020/09/11 5:9 p.m.130 views

CVE-2020-1224

CVE-2020-1224 describes an information-disclosure vulnerability in Microsoft Excel where memory contents could be improperly disclosed. The issue arises when Excel handles objects in memory, allowing an attacker to craft a document that, if opened by a user, could reveal memory contents and poten...

5.5CVSS6.4AI score0.04352EPSS
CVE
CVE
added 2021/07/14 5:54 p.m.130 views

CVE-2021-34518

CVE-2021-34518 is an Excel Remote Code Execution vulnerability affecting Microsoft Excel/Office. NT/LOCAL exploitability is reported when handling Excel files, with Microsoft patching via the July 2021 security updates (e.g., KB5001977 for Excel 2016). Connected sources also reference Nessus plug...

7.8CVSS7.8AI score0.02151EPSS
CVE
CVE
added 2019/12/10 9:40 p.m.128 views

CVE-2019-1464

CVE-2019-1464 is an information disclosure vulnerability in Microsoft Excel where memory contents can be improperly disclosed. The Red Hat entry and Nessus/OpenVAS advisories corroborate that Excel (Office) memory handling flaws enable exposure of user data. The concrete impact stated is informat...

5.5CVSS5AI score0.08123EPSS
CVE
CVE
added 2020/12/09 11:36 p.m.127 views

CVE-2020-17126

CVE-2020-17126 is identified as a Microsoft Excel Information Disclosure Vulnerability. The primary entry (NVD/NIST) classifies it under an information disclosure issue with a CVSS v3.1 base score of 5.5 (local access, low privileges, high confidentiality impact; no integrity/availability impact ...

5.5CVSS5.6AI score0.01074EPSS
CVE
CVE
added 2025/04/08 5:23 p.m.126 views

CVE-2025-26642

CVE-2025-26642 is a Microsoft Office remote code execution vulnerability (out-of-bounds read) that allows a local attacker to run code on the victim’s machine. Public details in connected documents indicate the issue affects Office components (e.g., Excel) and can be triggered via crafted inputs ...

7.8CVSS7.4AI score0.00761EPSS
CVE
CVE
added 2017/11/15 3:0 a.m.125 views

CVE-2017-11878

CVE-2017-11878 affects multiple Microsoft Excel/Office components (Excel 2007 SP3, 2017-era Excel/Viewer and Office Compatibility Pack SP3). The vulnerability arises from improper handling of objects in memory, leading to memory corruption that can allow an attacker to execute arbitrary code in t...

9.3CVSS7.4AI score0.06167EPSS
CVE
CVE
added 2021/04/13 7:33 p.m.125 views

CVE-2021-28456

CVE-2021-28456 is a Microsoft Excel information disclosure vulnerability. The CVE is linked to Excel components and is reported in multiple sources as part of a family of vulnerabilities affecting Excel and Office products (e.g., CVE-2021-28449, CVE-2021-28451, CVE-2021-28454). The connected docu...

5.5CVSS5.9AI score0.03688EPSS
CVE
CVE
added 2022/11/09 12:0 a.m.123 views

CVE-2022-41063

CVE-2022-41063 is a Microsoft Excel remote code execution vulnerability. The connected documents confirm Excel as the affected product and cite a remote code execution issue, with the NVD entry providing a CVSSv3.1 score of 7.8 (HIGH) and a Local attack vector with User Interaction required. The ...

7.8CVSS7.9AI score0.0078EPSS
CVE
CVE
added 2019/04/09 8:16 p.m.122 views

CVE-2019-0828

CVE-2019-0828 is a Microsoft Excel remote code execution vulnerability caused by improper handling of memory objects in Excel. The Red Hat advisory and openvas/nessus entries confirm Excel (Office) is affected; the issue can allow remote code execution with the current user’s privileges, potentia...

9.3CVSS7.8AI score0.1371EPSS
CVE
CVE
added 2022/11/09 12:0 a.m.122 views

CVE-2022-41106

CVE-2022-41106 is a Microsoft Excel Remote Code Execution vulnerability. Public details in connected docs describe Excel/Office components as affected and indicate that security updates exist. Remediation in public docs includes security updates: KB5002253 for Excel 2016 (and related Office insta...

8.8CVSS8.2AI score0.02243EPSS
CVE
CVE
added 2020/09/11 5:9 p.m.121 views

CVE-2020-1594

CVE-2020-1594 is a remote-code-execution vulnerability in Microsoft Excel caused by improper handling of in-memory objects. Exploitation requires a user to open a specially crafted Excel file; code could run with the current user’s privileges, and if that user has admin rights, full control of th...

8.8CVSS8.7AI score0.03665EPSS
CVE
CVE
added 2022/11/09 12:0 a.m.121 views

CVE-2022-41104

Technical details about CVE-2022-41104 are not publicly provided in the supplied documents. Monitor for updates from official advisories; current sources only confirm a security feature bypass in Microsoft Excel without specifics.

5.5CVSS5.6AI score0.00745EPSS
CVE
CVE
added 2020/09/11 5:9 p.m.120 views

CVE-2020-1335

CVE-2020-1335 is a Microsoft Excel remote code execution vulnerability caused by improper handling of memory objects. An attacker could run arbitrary code in the user’s context, potentially taking full control if the user has admin rights. Exploitation requires the user to open a specially crafte...

8.8CVSS8.6AI score0.03665EPSS
CVE
CVE
added 2017/11/15 3:0 a.m.117 views

CVE-2017-11877

CVE-2017-11877 describes a security feature bypass in Microsoft Excel where macro settings were not enforced on a document, potentially allowing macros to run when they should be blocked. Connected MS KB update notes show the issue affects Excel 2016 (and related Excel entry points) and can be mi...

5.5CVSS6.2AI score0.04546EPSS
Total number of security vulnerabilities415