Office Online Server Security Vulnerabilities and Issues — Office Online Server CVE List

Lucene search

MicrosoftOffice Online Server

35 matches found

CVE•added 2019/01/08 9:29 p.m.•1134 views

CVE-2019-0585

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Word, Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Microsoft SharePoint, Microsof...

9.3CVSS8.3AI score0.32912EPSS

CVE•added 2017/10/13 1:29 p.m.•914 views

CVE-2017-11826

Microsoft Office 2010, SharePoint Enterprise Server 2010, SharePoint Server 2010, Web Applications, Office Web Apps Server 2010 and 2013, Word Viewer, Word 2007, 2010, 2013 and 2016, Word Automation Services, and Office Online Server allow remote code execution when the software fails to properly h...

9.3CVSS7.9AI score0.89654EPSS

CVE•added 2023/02/14 8:15 p.m.•576 views

CVE-2023-21716

Microsoft Word Remote Code Execution Vulnerability

9.8CVSS9.6AI score0.91148EPSS

CVE•added 2018/12/12 12:29 a.m.•482 views

CVE-2018-8628

A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft PowerPoint, Microsoft SharePoint, ...

9.3CVSS6.1AI score0.35597EPSS

CVE•added 2017/05/12 2:29 p.m.•239 views

CVE-2017-0281

Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2016, Office Online Server 2016, Office Web Apps 2010 SP2,Office Web Apps 2013 SP1, Project Server 2013 SP1, SharePoint Enterprise Server 2013 SP1, SharePoint Enterprise Server 2016, SharePoint Foundation 2013 SP1, Sharepoint Serve...

9.3CVSS8.1AI score0.92255EPSS

CVE•added 2020/12/10 12:15 a.m.•170 views

CVE-2020-17128

Microsoft Excel Remote Code Execution Vulnerability

9.3CVSS7.8AI score0.05864EPSS

CVE•added 2018/01/10 1:29 a.m.•167 views

CVE-2018-0797

Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way RTF content is handled, aka "Microsoft Word Memory Corruption Vulnerability".

9.3CVSS8.2AI score0.44732EPSS

CVE•added 2019/08/14 9:15 p.m.•155 views

CVE-2019-1201

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. The file could then...

9.3CVSS7.8AI score0.12398EPSS

CVE•added 2020/12/10 12:15 a.m.•144 views

CVE-2020-17123

Microsoft Excel Remote Code Execution Vulnerability

9.3CVSS7.8AI score0.04999EPSS

CVE•added 2016/06/16 1:59 a.m.•143 views

CVE-2016-0025

Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office 2016, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Offi...

9.3CVSS7.2AI score0.2879EPSS

CVE•added 2021/01/12 8:15 p.m.•136 views

CVE-2021-1715

Microsoft Word Remote Code Execution Vulnerability

9.3CVSS7.8AI score0.0208EPSS

CVE•added 2020/12/10 12:15 a.m.•134 views

CVE-2020-17129

Microsoft Excel Remote Code Execution Vulnerability

9.3CVSS7.8AI score0.06001EPSS

CVE•added 2019/08/14 9:15 p.m.•128 views

CVE-2019-1205

9.8CVSS8.8AI score0.12237EPSS

CVE•added 2020/12/10 12:15 a.m.•126 views

CVE-2020-17125

Microsoft Excel Remote Code Execution Vulnerability

9.3CVSS7.8AI score0.06001EPSS

CVE•added 2019/06/12 2:29 p.m.•121 views

CVE-2019-1035

9.3CVSS7.6AI score0.13047EPSS

CVE•added 2020/08/17 7:15 p.m.•121 views

CVE-2020-1495

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ...

9.3CVSS8.7AI score0.15901EPSS

CVE•added 2020/03/12 4:15 p.m.•120 views

CVE-2020-0852

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0850, CVE-2020-0851, CVE-2020-0855, CVE-2020-0892.

9.3CVSS8AI score0.33652EPSS

CVE•added 2019/05/16 7:29 p.m.•119 views

CVE-2019-0953

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'.

9.3CVSS7.9AI score0.25636EPSS

CVE•added 2017/09/13 1:29 a.m.•118 views

CVE-2017-8631

A remote code execution vulnerability exists in Excel Services, Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Web Apps 2013, Microsoft Office Compatibility...

9.3CVSS7.6AI score0.27499EPSS

CVE•added 2020/04/15 3:15 p.m.•118 views

CVE-2020-0980

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'.

9.3CVSS8.3AI score0.33652EPSS

CVE•added 2020/03/12 4:15 p.m.•110 views

CVE-2020-0892

9.3CVSS8AI score0.33652EPSS

CVE•added 2021/01/12 8:15 p.m.•110 views

CVE-2021-1716

Microsoft Word Remote Code Execution Vulnerability

9.3CVSS7.8AI score0.03413EPSS

CVE•added 2018/01/10 1:29 a.m.•109 views

CVE-2018-0792

Microsoft Word 2016 in Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0794.

9.3CVSS8.8AI score0.60791EPSS

CVE•added 2019/10/10 2:15 p.m.•106 views

CVE-2019-1331

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1327.

9.3CVSS8.8AI score0.37247EPSS

CVE•added 2017/06/15 1:29 a.m.•102 views

CVE-2017-8511

A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8510, CVE-2017-8512, CVE-2017-0260, and CVE-2017-8506.

9.3CVSS7.2AI score0.36403EPSS

CVE•added 2019/06/12 2:29 p.m.•99 views

CVE-2019-1034

9.3CVSS7.6AI score0.12927EPSS

CVE•added 2020/11/11 7:15 a.m.•90 views

CVE-2020-17065

Microsoft Excel Remote Code Execution Vulnerability

9.3CVSS7.8AI score0.04588EPSS

CVE•added 2016/09/14 10:59 a.m.•88 views

CVE-2016-3358

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel 2016 for Mac, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Excel Automation Services on SharePoint Server 2013 S...

9.3CVSS7.7AI score0.28595EPSS

CVE•added 2017/09/13 1:29 a.m.•88 views

CVE-2017-8743

A remote code execution vulnerability exists in Microsoft PowerPoint 2016, Microsoft SharePoint Enterprise Server 2016, and Office Online Server when they fail to properly handle objects in memory, aka "PowerPoint Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8742.

9.3CVSS7.8AI score0.32412EPSS

CVE•added 2017/06/15 1:29 a.m.•82 views

CVE-2017-8512

9.3CVSS7.2AI score0.36403EPSS

CVE•added 2016/07/13 1:59 a.m.•77 views

CVE-2016-3282

Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Shar...

9.3CVSS7.6AI score0.41944EPSS

CVE•added 2017/07/11 9:29 p.m.•77 views

CVE-2017-8501

Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8502.

9.3CVSS7.8AI score0.29765EPSS

CVE•added 2016/09/14 10:59 a.m.•70 views

CVE-2016-3362

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Excel Automation Services on SharePoint Server 2013 SP1, and Office Onlin...

9.3CVSS7.6AI score0.21695EPSS

CVE•added 2018/03/14 5:29 p.m.•68 views

CVE-2018-0922

Microsoft Office 2010 SP2, 2013 SP1, and 2016, Microsoft Office 2016 Click-to-Run Microsoft Office 2016 for Mac, Microsoft Office Compatibility Pack SP2, Microsoft Office Web Apps 2010 SP2, Microsoft Office Web Apps 2013 SP1, Microsoft Office Word Viewer, Microsoft SharePoint Enterprise Server 2013...

9.3CVSS7.8AI score0.19242EPSS

CVE•added 2016/09/14 10:59 a.m.•62 views

CVE-2016-3365

9.3CVSS7.6AI score0.21695EPSS