Office Online Server@- Security Vulnerabilities and Issues — Page 2 of Office Online Server@- CVE List

Lucene search

MicrosoftOffice Online Server-

89 matches found

CVE•added 2021/10/13 1:15 a.m.•115 views

CVE-2021-40485

Microsoft Excel Remote Code Execution Vulnerability

7.8CVSS7.7AI score0.00865EPSS

CVE•added 2020/07/14 11:15 p.m.•113 views

CVE-2020-1342

An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka 'Microsoft Office Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1445.

5.5CVSS6AI score0.28299EPSS

CVE•added 2021/06/08 11:15 p.m.•111 views

CVE-2021-31939

Microsoft Excel Remote Code Execution Vulnerability

7.8CVSS7.7AI score0.04196EPSS

CVE•added 2020/08/17 7:15 p.m.•110 views

CVE-2020-1503

An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data.To exploit the vulnerability, an attacker could craft a special documen...

5.5CVSS6.3AI score0.25763EPSS

CVE•added 2021/01/12 8:15 p.m.•110 views

CVE-2021-1716

Microsoft Word Remote Code Execution Vulnerability

9.3CVSS7.8AI score0.03413EPSS

CVE•added 2022/06/15 10:15 p.m.•109 views

CVE-2022-30171

Microsoft Office Information Disclosure Vulnerability

5.5CVSS6.2AI score0.04622EPSS

CVE•added 2022/11/09 10:15 p.m.•109 views

CVE-2022-41106

Microsoft Excel Remote Code Execution Vulnerability

8.8CVSS8.2AI score0.03241EPSS

CVE•added 2020/09/11 5:15 p.m.•107 views

CVE-2020-1224

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data.To exploit the vulnerability, an attacker could craft a special docume...

5.5CVSS5.9AI score0.21879EPSS

CVE•added 2021/04/13 8:15 p.m.•107 views

CVE-2021-28456

Microsoft Excel Information Disclosure Vulnerability

5.5CVSS5.9AI score0.04162EPSS

CVE•added 2020/12/10 12:15 a.m.•103 views

CVE-2020-17126

Microsoft Excel Information Disclosure Vulnerability

5.5CVSS5.6AI score0.00456EPSS

CVE•added 2020/09/11 5:15 p.m.•102 views

CVE-2020-1218

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fi...

8.8CVSS7.7AI score0.07867EPSS

CVE•added 2022/11/09 10:15 p.m.•102 views

CVE-2022-41063

Microsoft Excel Remote Code Execution Vulnerability

7.8CVSS7.9AI score0.00435EPSS

CVE•added 2022/11/09 10:15 p.m.•102 views

CVE-2022-41103

Microsoft Word Information Disclosure Vulnerability

5.5CVSS6.1AI score0.00285EPSS

CVE•added 2020/02/11 10:15 p.m.•100 views

CVE-2020-0695

A spoofing vulnerability exists when Office Online Server does not validate origin in cross-origin communications correctly, aka 'Microsoft Office Online Server Spoofing Vulnerability'.

5.8CVSS6AI score0.00583EPSS

CVE•added 2020/08/17 7:15 p.m.•100 views

CVE-2020-1502

5.5CVSS6.3AI score0.22521EPSS

CVE•added 2019/06/12 2:29 p.m.•99 views

CVE-2019-1034

9.3CVSS7.6AI score0.12927EPSS

CVE•added 2021/12/15 3:15 p.m.•99 views

CVE-2021-43256

Microsoft Excel Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.00768EPSS

CVE•added 2020/09/11 5:15 p.m.•96 views

CVE-2020-1338

8.8CVSS7.7AI score0.07867EPSS

CVE•added 2019/11/12 7:15 p.m.•94 views

CVE-2019-1446

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'.

5.5CVSS5.6AI score0.08477EPSS

CVE•added 2020/07/14 11:15 p.m.•94 views

CVE-2020-1445

An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory, aka 'Microsoft Office Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1342.

5.5CVSS6.1AI score0.28299EPSS

CVE•added 2021/03/11 4:15 p.m.•93 views

CVE-2021-27057

Microsoft Office Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.04203EPSS

CVE•added 2021/03/11 4:15 p.m.•92 views

CVE-2021-27053

Microsoft Excel Remote Code Execution Vulnerability

7.8CVSS7.6AI score0.0356EPSS

CVE•added 2022/11/09 10:15 p.m.•91 views

CVE-2022-41060

Microsoft Word Information Disclosure Vulnerability

5.5CVSS6.1AI score0.00285EPSS

CVE•added 2025/04/08 6:16 p.m.•91 views

CVE-2025-27751

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

7.8CVSS7.8AI score0.0041EPSS

CVE•added 2020/11/11 7:15 a.m.•90 views

CVE-2020-17065

Microsoft Excel Remote Code Execution Vulnerability

9.3CVSS7.8AI score0.04588EPSS

CVE•added 2021/02/25 11:15 p.m.•89 views

CVE-2021-24067

Microsoft Excel Remote Code Execution Vulnerability

7.8CVSS7.6AI score0.02597EPSS

CVE•added 2019/11/12 7:15 p.m.•87 views

CVE-2019-1445

A spoofing vulnerability exists when Office Online does not validate origin in cross-origin communications handlers correctly, aka 'Microsoft Office Online Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-1447.

5.8CVSS5.5AI score0.00583EPSS

CVE•added 2021/02/25 11:15 p.m.•87 views

CVE-2021-24069

Microsoft Excel Remote Code Execution Vulnerability

7.8CVSS7.6AI score0.01129EPSS

CVE•added 2021/02/25 11:15 p.m.•86 views

CVE-2021-24070

Microsoft Excel Remote Code Execution Vulnerability

7.8CVSS7.6AI score0.02597EPSS

CVE•added 2025/04/08 6:15 p.m.•85 views

CVE-2025-26642

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.

7.8CVSS7.4AI score0.001EPSS

CVE•added 2022/06/15 10:15 p.m.•84 views

CVE-2022-30159

Microsoft Office Information Disclosure Vulnerability

5.5CVSS5.7AI score0.02947EPSS

CVE•added 2025/03/11 5:16 p.m.•84 views

CVE-2025-24081

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

7.8CVSS8AI score0.00158EPSS

CVE•added 2023/07/11 6:15 p.m.•82 views

CVE-2023-33162

Microsoft Excel Information Disclosure Vulnerability

5.5CVSS5.4AI score0.00499EPSS

CVE•added 2021/03/11 4:15 p.m.•80 views

CVE-2021-27054

Microsoft Excel Remote Code Execution Vulnerability

7.8CVSS7.6AI score0.0356EPSS

CVE•added 2019/11/12 7:15 p.m.•76 views

CVE-2019-1447

5.8CVSS5.5AI score0.00583EPSS

CVE•added 2025/03/11 5:16 p.m.•71 views

CVE-2025-24082

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

7.8CVSS7.6AI score0.00158EPSS

CVE•added 2025/04/08 6:16 p.m.•71 views

CVE-2025-27746

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

7.8CVSS7.8AI score0.00079EPSS

CVE•added 2020/07/14 11:15 p.m.•70 views

CVE-2020-1442

A spoofing vulnerability exists when an Office Web Apps server does not properly sanitize a specially crafted request, aka 'Office Web Apps XSS Vulnerability'.

6.1CVSS6.2AI score0.00607EPSS

CVE•added 2025/03/11 5:16 p.m.•62 views

CVE-2025-24075

Stack-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

7.8CVSS7.9AI score0.00149EPSS

Total number of security vulnerabilities89