Lucene search

K
MicrosoftOffice

938 matches found

CVE
CVE
added 2020/08/17 7:15 p.m.106 views

CVE-2020-1498

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ...

9.3CVSS8.7AI score0.15901EPSS
CVE
CVE
added 2009/10/14 10:30 a.m.105 views

CVE-2009-2501

Heap-based buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP...

9.3CVSS9.7AI score0.42403EPSS
CVE
CVE
added 2019/09/11 10:15 p.m.105 views

CVE-2019-1264

A security feature bypass vulnerability exists when Microsoft Office improperly handles input, aka 'Microsoft Office Security Feature Bypass Vulnerability'.

7.8CVSS7.5AI score0.07973EPSS
CVE
CVE
added 2020/11/11 7:15 a.m.105 views

CVE-2020-17062

Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability

9.3CVSS7.6AI score0.04588EPSS
CVE
CVE
added 2022/11/09 10:15 p.m.105 views

CVE-2022-41107

Microsoft Office Graphics Remote Code Execution Vulnerability

7.8CVSS7.6AI score0.00374EPSS
CVE
CVE
added 2009/08/12 5:30 p.m.104 views

CVE-2009-0562

The Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Microsoft Office System, Internet Security and Acceleration (ISA) Server 2004 SP3 and 2006 SP1, and Office...

9.3CVSS7.5AI score0.65426EPSS
CVE
CVE
added 2015/08/15 12:59 a.m.104 views

CVE-2015-2464

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, Lync Basic 2013 SP1, Silverlight b...

9.3CVSS7.3AI score0.52873EPSS
CVE
CVE
added 2017/06/15 1:29 a.m.104 views

CVE-2017-8511

A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8510, CVE-2017-8512, CVE-2017-0260, and CVE-2017-8506.

9.3CVSS7.2AI score0.36403EPSS
CVE
CVE
added 2019/12/10 10:15 p.m.104 views

CVE-2019-1464

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'.

5.5CVSS5AI score0.13324EPSS
CVE
CVE
added 2020/08/17 7:15 p.m.104 views

CVE-2020-1494

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ...

9.3CVSS8.7AI score0.15375EPSS
CVE
CVE
added 2013/01/09 6:9 p.m.103 views

CVE-2013-0006

Microsoft XML Core Services (aka MSXML) 3.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML Integer Truncation Vulnerability."

9.3CVSS7.5AI score0.59737EPSS
CVE
CVE
added 2017/09/13 1:29 a.m.103 views

CVE-2017-8676

The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, 1607, 1703, and Server 2016; Office 2007 SP3; Office 2010 SP2; Word Viewer; Office for Mac 2011 and 2016; ...

3.3CVSS4.9AI score0.02784EPSS
CVE
CVE
added 2020/11/11 7:15 a.m.103 views

CVE-2020-17020

Microsoft Word Security Feature Bypass Vulnerability

5.5CVSS3.5AI score0.01014EPSS
CVE
CVE
added 2020/12/10 12:15 a.m.103 views

CVE-2020-17126

Microsoft Excel Information Disclosure Vulnerability

5.5CVSS5.6AI score0.00456EPSS
CVE
CVE
added 2022/02/09 5:15 p.m.103 views

CVE-2022-22004

Microsoft Office ClickToRun Remote Code Execution Vulnerability

7.8CVSS7.9AI score0.01601EPSS
CVE
CVE
added 2023/01/10 10:15 p.m.103 views

CVE-2023-21735

Microsoft Office Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.00318EPSS
CVE
CVE
added 2024/06/11 5:15 p.m.103 views

CVE-2024-30101

Microsoft Office Remote Code Execution Vulnerability

7.5CVSS7.7AI score0.01118EPSS
CVE
CVE
added 2025/01/14 6:16 p.m.103 views

CVE-2025-21345

Microsoft Office Visio Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.00267EPSS
CVE
CVE
added 2025/01/14 6:16 p.m.103 views

CVE-2025-21395

Microsoft Access Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.00351EPSS
CVE
CVE
added 2016/08/09 9:59 p.m.102 views

CVE-2016-3301

The Windows font library in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010...

9.3CVSS7.8AI score0.50403EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.102 views

CVE-2017-0014

The Windows Graphics Component in Microsoft Office 2010 SP2; Windows Server 2008 R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, ak...

7.6CVSS6.2AI score0.36288EPSS
CVE
CVE
added 2020/09/11 5:15 p.m.102 views

CVE-2020-1218

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fi...

8.8CVSS7.7AI score0.10314EPSS
CVE
CVE
added 2020/07/14 11:15 p.m.102 views

CVE-2020-1447

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1446, CVE-2020-1448.

8.8CVSS8.8AI score0.43263EPSS
CVE
CVE
added 2022/11/09 10:15 p.m.102 views

CVE-2022-41063

Microsoft Excel Remote Code Execution Vulnerability

7.8CVSS7.9AI score0.00458EPSS
CVE
CVE
added 2022/11/09 10:15 p.m.102 views

CVE-2022-41103

Microsoft Word Information Disclosure Vulnerability

5.5CVSS6.1AI score0.003EPSS
CVE
CVE
added 2023/07/11 6:15 p.m.102 views

CVE-2023-33151

Microsoft Outlook Spoofing Vulnerability

6.5CVSS6.8AI score0.00543EPSS
CVE
CVE
added 2019/03/06 12:0 a.m.101 views

CVE-2019-0669

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'.

6.5CVSS5.9AI score0.22366EPSS
CVE
CVE
added 2019/08/14 9:15 p.m.101 views

CVE-2019-1153

An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.To exploit this vulnerability, an attacker wou...

5.5CVSS6.7AI score0.04234EPSS
CVE
CVE
added 2021/10/13 1:15 a.m.101 views

CVE-2021-40480

Microsoft Office Visio Remote Code Execution Vulnerability

7.8CVSS7.6AI score0.0342EPSS
CVE
CVE
added 2022/09/13 7:15 p.m.101 views

CVE-2022-37963

Microsoft Office Visio Remote Code Execution Vulnerability

7.8CVSS7.9AI score0.00608EPSS
CVE
CVE
added 2022/09/13 7:15 p.m.101 views

CVE-2022-38010

Microsoft Office Visio Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.00523EPSS
CVE
CVE
added 2025/03/11 5:16 p.m.101 views

CVE-2025-26630

Use after free in Microsoft Office Access allows an unauthorized attacker to execute code locally.

7.8CVSS7.6AI score0.00082EPSS
CVE
CVE
added 2025/04/08 6:16 p.m.101 views

CVE-2025-29822

Incomplete list of disallowed inputs in Microsoft Office OneNote allows an unauthorized attacker to bypass a security feature locally.

7.8CVSS7.1AI score0.00608EPSS
CVE
CVE
added 2017/06/15 1:29 a.m.100 views

CVE-2017-8528

Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, Windows Server 2016, Microsoft Office 2007 SP3, and Microsoft Office 2010 SP2 allows a remote code execution vulnerability due to the way it han...

9.3CVSS5.9AI score0.55105EPSS
CVE
CVE
added 2019/04/09 9:29 p.m.100 views

CVE-2019-0828

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'.

9.3CVSS7.8AI score0.25636EPSS
CVE
CVE
added 2020/09/11 5:15 p.m.100 views

CVE-2020-1335

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ...

8.8CVSS7.8AI score0.10314EPSS
CVE
CVE
added 2020/08/17 7:15 p.m.100 views

CVE-2020-1502

An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data.To exploit the vulnerability, an attacker could craft a special documen...

5.5CVSS6.3AI score0.22521EPSS
CVE
CVE
added 2020/08/17 7:15 p.m.100 views

CVE-2020-1581

An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) components handle objects in memory. An attacker who successfully exploited the vulnerability could elevate privileges. The attacker would need to already have the ability to execute code on the syste...

9.3CVSS7.8AI score0.09677EPSS
CVE
CVE
added 2020/09/11 5:15 p.m.100 views

CVE-2020-1594

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ...

8.8CVSS7.8AI score0.10314EPSS
CVE
CVE
added 2023/07/11 6:15 p.m.100 views

CVE-2023-33150

Microsoft Office Security Feature Bypass Vulnerability

9.6CVSS9.2AI score0.00188EPSS
CVE
CVE
added 2009/07/15 3:30 p.m.99 views

CVE-2009-1136

The Microsoft Office Web Components Spreadsheet ActiveX control (aka OWC10 or OWC11), as distributed in Office XP SP3 and Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Microsoft Office System, Internet Security and Acceler...

9.3CVSS7.2AI score0.85958EPSS
CVE
CVE
added 2017/06/15 1:29 a.m.99 views

CVE-2017-0260

A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8510, CVE-2017-8511, CVE-2017-8512, and CVE-2017-8506.

9.3CVSS6.8AI score0.36403EPSS
CVE
CVE
added 2019/04/09 9:29 p.m.99 views

CVE-2019-0823

A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0824, CVE-2019-0825, CVE-2019-0826, CVE-...

7.8CVSS7.8AI score0.19127EPSS
CVE
CVE
added 2019/06/12 2:29 p.m.99 views

CVE-2019-1034

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fi...

9.3CVSS7.6AI score0.12927EPSS
CVE
CVE
added 2021/10/13 1:15 a.m.99 views

CVE-2021-40481

Microsoft Office Visio Remote Code Execution Vulnerability

7.8CVSS7AI score0.03958EPSS
CVE
CVE
added 2021/12/15 3:15 p.m.99 views

CVE-2021-43256

Microsoft Excel Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.00768EPSS
CVE
CVE
added 2024/06/11 5:16 p.m.99 views

CVE-2024-30104

Microsoft Office Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.00769EPSS
CVE
CVE
added 2016/05/11 1:59 a.m.98 views

CVE-2016-0183

The Windows font library in Microsoft Office 2010 SP2, Word 2010 SP2, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allows remote attackers to execute arbitrary code via a crafted embedded font, aka "Microsoft Office Graphics RCE Vulnerability."

9.3CVSS8.2AI score0.35188EPSS
CVE
CVE
added 2017/06/15 1:29 a.m.98 views

CVE-2017-8534

Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, Windows Server 2016, Microsoft Office 2007 SP3, and Microsoft Office 2010 SP2 allows improper disclosure of memory contents, aka "Windows Uniscr...

6.5CVSS5AI score0.17084EPSS
CVE
CVE
added 2022/11/09 10:15 p.m.98 views

CVE-2022-41104

Microsoft Excel Security Feature Bypass Vulnerability

5.5CVSS5.6AI score0.00441EPSS
Total number of security vulnerabilities938