62 matches found
CVE-2019-0585
CVE-2019-0585 is a remote code execution vulnerability in Microsoft Word/Office products caused by improper handling of objects in memory. Exploitation could occur via specially crafted Word files, potentially in contexts like email/preview panes, with the attacker gaining the same user rights as...
CVE-2014-1761
CVE-2014-1761 is a memory-corruption vulnerability in Microsoft Word triggered by crafted RTF data, allowing remote code execution or memory-corruption denial of service. Affected products include Word 2003 SP3, 2007 SP3, 2010 SP1/SP2, 2013 and 2013 RT, Word Viewer, Office Compatibility Pack SP3,...
CVE-2017-11826
CVE-2017-11826 is a remote code execution flaw in Microsoft Office family (Word, Word Viewer, Office Web Apps Server, SharePoint components, etc.) caused by improper handling of objects in memory. Affected products include Word and related Office/SharePoint servers; exploitation is possible via s...
CVE-2022-29110
CVE-2022-29110 refers to a Microsoft Excel remote code execution vulnerability documented in the NVD entry. Available connected documents provide concrete remediation: for Excel 2016, the May 10, 2022 security update KB5002196 addresses this issue (and KB5002196 notes Excel 2016 install requireme...
CVE-2023-23399
The CVE-2023-23399 vulnerability affects Microsoft Excel (Office/Excel) and is described as a remote code execution vulnerability. Exploit-DB reports a case for Microsoft Excel 365 MSO (64-bit) v2302 build 16.0.16130.20186 with RCE via a specially crafted file, illustrating a crafted-file attack ...
CVE-2021-40486
CVE-2021-40486 is a Microsoft Word remote code execution vulnerability. It can be triggered by viewing a specially crafted Word document, with attack vectors potentially including the Preview Pane. Microsoft released a patch (KB5002004) in Oct 2021 addressing Word RCE (Word 2016 context in the KB...
CVE-2022-26901
Technical details are not provided in the supplied documents. No affected products, versions, root cause, impact, or fixes are listed here. Monitor official advisories for updates.
CVE-2022-30172
CVE-2022-30172 is an Microsoft Office information disclosure vulnerability. Connected documents indicate remediation via Microsoft security updates KB5002062/KB5002222/KB5002224/KB5002214 addressing Office/SharePoint components in various Server editions. Exploitation details and affected product...
CVE-2021-40442
CVE-2021-40442 is a Microsoft Excel remote code execution vulnerability. The connected Nessus/NVIDIA sources reiterate that Excel can be exploited to run arbitrary code (RCE) on the target, with exploitation possible via Microsoft Excel/Office components. The vulnerability is addressed by Microso...
CVE-2018-0797
CVE-2018-0797 affects Microsoft Word components in Office 2010/2013/2016 where remote code execution can occur through specially crafted RTF content due to memory handling. Public details show Word memory corruption vulnerability enabling code execution when opening malicious files. Microsoft rel...
CVE-2019-1201
CVE-2019-1201 affects Microsoft Word; it is a remote code execution in Word’s memory handling when processing crafted files. Exploitation requires a user to open a specially crafted Word document, with attack vectors including email attachments (or previews in Outlook) and web-hosted files. The v...
CVE-2022-30173
CVE-2022-30173 is identified as a Microsoft Excel Remote Code Execution vulnerability. Connected sources confirm an Excel-related RCE in Office/Excel 2016 and reference security update KB5002208 as the remediation path. The documents do not disclose the exact root cause, vulnerable component/vers...
CVE-2021-31179
Technical details about CVE-2021-31179 are not provided in the supplied documents. Monitor for updates from Microsoft and vulnerability databases for affected products, root cause, and remediation.
CVE-2021-28453
CVE-2021-28453 is a Microsoft Word remote code execution vulnerability. The primary sources (NVD entry for CVE-2021-28453) and connected Nessus plugins reference Word/Office products being affected by a remote code execution vulnerability tied to this CVE. Some Nessus entries list Word/Office as ...
CVE-2016-0025
CVE-2016-0025 is a memory corruption vulnerability in Microsoft Office products that allows remote code execution via a crafted Office document. Affected software includes Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office 2016, Word 2016, Word for Mac 2011, Wo...
CVE-2021-31177
CVE-2021-31177 is a Microsoft Office/Excel remote code execution vulnerability. Connected sources confirm affected products include Microsoft Office and Excel (C2R and MSI variants) with the issue originating from Office/Excel handling crafted content. Patches released May 11, 2021 (KB5001918 for...
CVE-2021-1714
CVE-2021-1714 is an Excel remote code execution vulnerability affecting Microsoft Excel (Office). The connected sources indicate a vulnerability in Excel with a CVSS v3.1 base score of 7.8 (HIGH) and an attack vector LOCAL requiring user interaction, with confidentiality, integrity, and availabil...
CVE-2021-40474
CVE-2021-40474 : Microsoft Excel remote code execution vulnerability. According to the sources, it affects Office/Excel components and has a CVSSv3.1 base score of 7.8 (vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). The issue is described as a local vulnerability that requires user intera...
CVE-2021-31176
CVE-2021-31176 is a Microsoft Office remote code execution vulnerability affecting Office 2013/2016. Public documentation in the provided connected sources confirms a remote code execution class issue, with Microsoft reference pages and Nessus/OpenVAS entries listing CVE-2021-31176 among Office u...
CVE-2021-31939
CVE-2021-31939 is a Microsoft Excel remote code execution vulnerability reported in the office/Excel component. According to the connected sources, the issue can allow an attacker to execute arbitrary code on a vulnerable system when a user opens or processes specially crafted content, with the C...
CVE-2023-23396
CVE-2023-23396 affects Microsoft Excel (and related Office components) with a Denial-of-Service condition. The vulnerability is described in Microsoft advisories as Excel DoS, affecting multiple Excel/Office versions (as listed in KBs like KB5002362/KB5002356). The underlying cause is not detaile...
CVE-2021-1715
CVE-2021-1715 is a Microsoft Word Remote Code Execution vulnerability. The CVE is referenced in several January 2021 security-update advisories (Word/Office products) and appears in Nessus plugins cataloging Word and Office patches alongside related CVEs (e.g., CVE-2021-1716). The connected docum...
CVE-2017-8509
CVE-2017-8509 is an Office remote code execution vulnerability that arises when Office components mishandle objects in memory, allowing an attacker to take control of an affected system if a user opens a crafted Office file. Public details in connected documents indicate the vulnerability affects...
CVE-2021-31175
CVE-2021-31175 is a Microsoft Office/Excel remote code execution vulnerability described as a Microsoft Office Remote Code Execution Vulnerability. Connection documents confirm it is part of a set of Office/Excel remote code execution vulnerabilities addressed by May 2021 security updates (e.g., ...
CVE-2021-1713
CVE-2021-1713 corresponds to a Microsoft Excel remote code execution vulnerability affecting Office/Excel products. The connected documents confirm multiple Office-related CVEs in January 2021 (CVE-2021-1713 among others) with Microsoft security updates issued in that period. The provided sources...
CVE-2021-31178
CVE-2021-31178 is described in the connected documents as an information-disclosure vulnerability in Microsoft Office. The Nessus/OpenVAS entries reference this CVE as part of the Office May 2021 vulnerability set and note affected products (Office/Excel) and the need for security updates, listin...
CVE-2021-28454
CVE-2021-28454 = Microsoft Excel Remote Code Execution Vulnerability in Office suites. Root cause described as a vulnerability in Excel that allows code execution with the privileges of the logged-in user (UI: REQUIRED, vector: LOCAL). Affected products include various Office versions that includ...
CVE-2021-31174
CVE-2021-31174 is a Microsoft Excel information-disclosure vulnerability. The CVSSv3.1 base score is 5.5 (MEDIUM) with LOCAL attack vector, LOW attack complexity, and HIGH confidentiality impact (I:N, C:H, A:N). Public references in the connected documents indicate this CVE is addressed by the Ex...
CVE-2021-40472
CVE-2021-40472 is an information-disclosure vulnerability in Microsoft Excel. The NVD entry lists CVSS v3.1 impact: confidentiality HIGH with LOCAL attack vector, low complexity, and no user interaction (base score 5.5). CVSS v2.0 reflects a lower base score (2.1). The connected documents confirm...
CVE-2022-41061
CVE-2022-41061 is a Microsoft Word remote code execution vulnerability. The CVSS v3.1 base score is 7.8 (HIGH), with LOCAL attack vector, LOW attack complexity, and user interaction required; impact is high for confidentiality, integrity, and availability. Affected: Microsoft Word / Office compon...
CVE-2021-28451
CVE-2021-28451 is a Microsoft Excel remote code execution vulnerability. Public documentation in the initial record shows CVSS v3.1 base score 7.8 (HIGH) with LOCAL, LOW-C, UI:R, CONSEQUENCES: HIGH for confidentiality, integrity, and availability. The connected Microsoft security advisories indic...
CVE-2021-34518
CVE-2021-34518 is an Excel Remote Code Execution vulnerability affecting Microsoft Excel/Office. NT/LOCAL exploitability is reported when handling Excel files, with Microsoft patching via the July 2021 security updates (e.g., KB5001977 for Excel 2016). Connected sources also reference Nessus plug...
CVE-2021-1716
CVE-2021-1716 is a Microsoft Word Remote Code Execution vulnerability. The initial entry confirms a Word-related RCE with CVSS v3.1 base score 7.8 (HIGH) and local attack vector, with user interaction required. Connected sources (Nessus/Office/SharePoint plugin data) reference CVE-2021-1716 as pa...
CVE-2022-30171
Technical details about CVE-2022-30171 (affected product/version, root cause, impact, or fixes) are not provided in the connected documents. Monitor for updates.
CVE-2022-41060
CVE-2022-41060 is a Microsoft Word information disclosure vulnerability. The connected documents reference Word/Office components affected by the November 2022 updates and Office Web Apps Server updates (e.g., KB5002261, KB5002276) addressing Word information disclosure and related vulnerabilitie...
CVE-2022-41103
CVE-2022-41103 is Microsoft Word Information Disclosure Vulnerability. Connected sources indicate it is referenced alongside Word/Office and SharePoint update bundles (e.g., Word C2R and SharePoint November 2022 patches). The vulnerability is described as information disclosure; no explicit root-...
CVE-2021-28456
CVE-2021-28456 is a Microsoft Excel information disclosure vulnerability. The CVE is linked to Excel components and is reported in multiple sources as part of a family of vulnerabilities affecting Excel and Office products (e.g., CVE-2021-28449, CVE-2021-28451, CVE-2021-28454). The connected docu...
CVE-2022-41063
CVE-2022-41063 is a Microsoft Excel remote code execution vulnerability. The connected documents confirm Excel as the affected product and cite a remote code execution issue, with the NVD entry providing a CVSSv3.1 score of 7.8 (HIGH) and a Local attack vector with User Interaction required. The ...
CVE-2017-8511
Technical details for CVE-2017-8511 (affected Office component, root cause, impact, fix) are not provided in the Connected documents. Monitor for updates; no public technical details available in the supplied sources.
CVE-2017-8742
Two CVEs (CVE-2017-8742 and CVE-2017-8743) describe remote code execution in Microsoft PowerPoint family and associated server/web apps due to improper handling of objects in memory. CVE-2017-8742 affects PowerPoint up to 2016, PowerPoint Viewer 2007, SharePoint Server 2013 SP1, SharePoint Enterp...
CVE-2022-41106
CVE-2022-41106 is a Microsoft Excel Remote Code Execution vulnerability. Public details in connected docs describe Excel/Office components as affected and indicate that security updates exist. Remediation in public docs includes security updates: KB5002253 for Excel 2016 (and related Office insta...
CVE-2018-8577
CVE-2018-8577 affects Microsoft Excel (and related Office components). The vulnerability arises when Excel fails to properly handle objects in memory, enabling a remote code execution where an attacker could run arbitrary code in the context of the current user. CVSSv3 vector indicates a local at...
CVE-2019-0561
CVE-2019-0561 is an information-disclosure vulnerability in Microsoft Word/Office related to improper handling of Word fields, specifically via Word macro buttons. The issue allows reading arbitrary files from the targeted system. Multiple Nessus/OpenVAS entries and advisories group CVE-2019-0561...
CVE-2017-0195
CVE-2017-0195 affects Microsoft SharePoint/Office Web Apps stack (e.g., SharePoint Server, Excel Services, Excel Web Apps, Office Web Apps Server, Office Online Server). The vulnerability enables remote attackers to perform cross-site scripting and to run script with local user privileges via a c...
CVE-2016-0022
CVE-2016-0022 corresponds to a memory corruption vulnerability in Microsoft Office components (Word and related Word/Office Suite on Windows and Mac) that could allow remote code execution via a crafted Office document. Connected sources indicate this is tied to MS16-015 and affects Word 2007 SP3...
CVE-2016-3357
CVE-2016-3357 is a Microsoft Office memory corruption vulnerability: multiple Office components (Word/Excel/PowerPoint and related servers) allow remote code execution via a crafted document. Root cause cited as improper handling of objects in memory. Affected products span Office 2007 SP3 throug...
CVE-2017-8512
Technical details about CVE-2017-8512 (affected product/version/root cause/impact/fix) are not provided in the connected documents. Monitor official advisories for updates; current materials do not specify exploitation or remediation information.
CVE-2014-1754
CVE-2014-1754 is a cross-site scripting (XSS) vulnerability affecting Microsoft SharePoint Server 2013 (Gold/SP1), SharePoint Foundation 2013 (Gold/SP1), Office Web Apps Server 2013 (Gold/SP1), and SharePoint Server 2013 Client Components SDK. The issue allows remote attackers to inject arbitrary...
CVE-2015-0085
CVE-2015-0085 is a use-after-free vulnerability in Microsoft Office components (including Office 2007/2010/2013 suites and related SharePoint/Viewer components) that enables remote code execution via a crafted Office document. The issue affects a broad set of Office applications and SharePoint-re...
CVE-2022-30159
CVE-2022-30159 is identified as a Microsoft Office information disclosure vulnerability referenced by security updates KB5002062/KB5002222/KB5002224. The connected documents indicate affected ecosystems include SharePoint Server and Microsoft Office components, with remediation via the listed sec...