Office Online Server@* Security Vulnerabilities and Issues — Office Online Server@* CVE List

Lucene search

MicrosoftOffice Online Server*

35 matches found

CVE•added 2018/12/12 12:29 a.m.•484 views

CVE-2018-8628

A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft PowerPoint, Microsoft SharePoint, ...

9.3CVSS6.1AI score0.35597EPSS

CVE•added 2025/02/11 6:15 p.m.•233 views

CVE-2025-21381

Microsoft Excel Remote Code Execution Vulnerability

7.8CVSS7.9AI score0.00267EPSS

CVE•added 2025/01/14 6:16 p.m.•130 views

CVE-2025-21362

Microsoft Excel Remote Code Execution Vulnerability

8.4CVSS7.8AI score0.00415EPSS

CVE•added 2017/09/13 1:29 a.m.•121 views

CVE-2017-8631

A remote code execution vulnerability exists in Excel Services, Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Web Apps 2013, Microsoft Office Compatibility...

9.3CVSS7.6AI score0.27499EPSS

CVE•added 2024/05/14 5:17 p.m.•117 views

CVE-2024-30042

Microsoft Excel Remote Code Execution Vulnerability

7.8CVSS7AI score0.00388EPSS

CVE•added 2019/10/10 2:15 p.m.•107 views

CVE-2019-1331

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1327.

9.3CVSS8.8AI score0.37247EPSS

CVE•added 2017/04/12 2:59 p.m.•97 views

CVE-2017-0195

Microsoft Excel Services on Microsoft SharePoint Server 2010 SP1 and SP2, Microsoft Excel Web Apps 2010 SP2, Microsoft Office Web Apps 2010 SP2, Microsoft Office Web Apps Server 2013 SP1 and Office Online Server allows remote attackers to perform cross-site scripting and run script with local user ...

5.4CVSS5.2AI score0.01103EPSS

CVE•added 2025/02/11 6:15 p.m.•96 views

CVE-2025-21387

Microsoft Excel Remote Code Execution Vulnerability

7.8CVSS7.9AI score0.00189EPSS

CVE•added 2017/09/13 1:29 a.m.•93 views

CVE-2017-8743

A remote code execution vulnerability exists in Microsoft PowerPoint 2016, Microsoft SharePoint Enterprise Server 2016, and Office Online Server when they fail to properly handle objects in memory, aka "PowerPoint Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8742.

9.3CVSS7.8AI score0.32412EPSS

CVE•added 2016/09/14 10:59 a.m.•91 views

CVE-2016-3358

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel 2016 for Mac, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Excel Automation Services on SharePoint Server 2013 S...

9.3CVSS7.7AI score0.28595EPSS

CVE•added 2025/01/14 6:16 p.m.•91 views

CVE-2025-21354

Microsoft Excel Remote Code Execution Vulnerability

8.4CVSS7.8AI score0.00428EPSS

CVE•added 2024/09/10 5:15 p.m.•82 views

CVE-2024-43465

Microsoft Excel Elevation of Privilege Vulnerability

7.8CVSS7.6AI score0.00771EPSS

CVE•added 2016/07/13 1:59 a.m.•80 views

CVE-2016-3282

Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Shar...

9.3CVSS7.6AI score0.38399EPSS

CVE•added 2025/06/10 5:23 p.m.•74 views

CVE-2025-47165

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

7.8CVSS8AI score0.0041EPSS

CVE•added 2016/09/14 10:59 a.m.•73 views

CVE-2016-3362

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Excel Automation Services on SharePoint Server 2013 SP1, and Office Onlin...

9.3CVSS7.6AI score0.21695EPSS

CVE•added 2025/02/11 6:15 p.m.•68 views

CVE-2025-21394

Microsoft Excel Remote Code Execution Vulnerability

7.8CVSS7.9AI score0.00148EPSS

CVE•added 2016/09/14 10:59 a.m.•67 views

CVE-2016-3365

9.3CVSS7.6AI score0.21695EPSS

CVE•added 2025/05/13 5:16 p.m.•64 views

CVE-2025-30377

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

8.4CVSS8.9AI score0.00106EPSS

CVE•added 2025/02/11 6:15 p.m.•63 views

CVE-2025-21390

Microsoft Excel Remote Code Execution Vulnerability

7.8CVSS7.9AI score0.00148EPSS

CVE•added 2025/02/11 6:15 p.m.•61 views

CVE-2025-21386

Microsoft Excel Remote Code Execution Vulnerability

7.8CVSS7.9AI score0.00148EPSS

CVE•added 2025/05/13 5:16 p.m.•56 views

CVE-2025-30383

Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

7.8CVSS7.5AI score0.00271EPSS

CVE•added 2025/05/13 5:15 p.m.•52 views

CVE-2025-29979

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

7.8CVSS8.1AI score0.00139EPSS

CVE•added 2025/05/13 5:15 p.m.•52 views

CVE-2025-30375

Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

7.8CVSS7.5AI score0.00271EPSS

CVE•added 2025/05/13 5:16 p.m.•52 views

CVE-2025-30376

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

7.8CVSS8AI score0.00139EPSS

CVE•added 2025/05/13 5:16 p.m.•50 views

CVE-2025-30379

Release of invalid pointer or reference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

7.8CVSS7.5AI score0.00139EPSS

CVE•added 2025/05/13 5:15 p.m.•49 views

CVE-2025-29977

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

7.8CVSS8.2AI score0.00139EPSS

CVE•added 2025/05/13 5:16 p.m.•48 views

CVE-2025-30381

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

7.8CVSS7.6AI score0.00139EPSS

CVE•added 2025/07/08 5:15 p.m.•46 views

CVE-2025-49697

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

8.4CVSS7.3AI score0.00066EPSS

CVE•added 2025/07/08 5:15 p.m.•33 views

CVE-2025-49711

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

7.8CVSS7.3AI score0.00079EPSS

CVE•added 2025/07/08 5:15 p.m.•26 views

CVE-2025-48812

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

5.5CVSS6AI score0.00058EPSS

CVE•added 6 days ago•7 views

CVE-2025-54898

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

7.8CVSS6.8AI score0.0006EPSS

CVE•added 6 days ago•7 views

CVE-2025-54900

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

7.8CVSS7.2AI score0.00058EPSS

CVE•added 6 days ago•7 views

CVE-2025-54903

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

7.8CVSS7AI score0.00058EPSS

CVE•added 6 days ago•7 views

CVE-2025-54904

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

7.8CVSS7AI score0.00067EPSS

CVE•added 6 days ago•6 views

CVE-2025-54896

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

7.8CVSS7AI score0.0006EPSS