Lucene search

K

266 matches found

CVE
CVE
added 2018/09/13 12:29 a.m.55 views

CVE-2018-8331

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Office.

9.3CVSS8.1AI score0.20037EPSS
CVE
CVE
added 2018/05/23 1:29 p.m.54 views

CVE-2018-8176

A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly validate XML content, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Microsoft Office.

9.3CVSS9AI score0.30898EPSS
CVE
CVE
added 2006/09/27 7:7 p.m.53 views

CVE-2006-4694

Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office XP and Office 2003 allows user-assisted attackers to execute arbitrary code via a crafted record in a PPT file, as exploited by malware such as Exploit:Win32/Controlppt.W, Exploit:Win32/Controlppt.X, and Exploit-PPT.d/Trojan.P...

9.3CVSS7AI score0.46461EPSS
CVE
CVE
added 2025/06/10 5:23 p.m.52 views

CVE-2025-47173

Improper input validation in Microsoft Office allows an unauthorized attacker to execute code locally.

7.8CVSS7.7AI score0.00059EPSS
CVE
CVE
added 2008/02/12 11:0 p.m.51 views

CVE-2007-0065

Heap-based buffer overflow in Object Linking and Embedding (OLE) Automation in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, Office 2004 for Mac, and Visual basic 6.0 SP6 allows remote attackers to execute arbitrary code via a crafted script request.

10CVSS7.7AI score0.58404EPSS
CVE
CVE
added 2025/05/13 5:16 p.m.51 views

CVE-2025-30388

Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.

7.8CVSS8AI score0.00079EPSS
CVE
CVE
added 2018/08/15 5:29 p.m.49 views

CVE-2018-8412

An elevation of privilege vulnerability exists when the Microsoft AutoUpdate (MAU) application for Mac improperly validates updates before executing them, aka "Microsoft (MAU) Office Elevation of Privilege Vulnerability." This affects Microsoft Office.

7.8CVSS7.5AI score0.01422EPSS
CVE
CVE
added 2025/05/13 5:15 p.m.49 views

CVE-2025-29979

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

7.8CVSS8.1AI score0.00079EPSS
CVE
CVE
added 2007/02/13 8:28 p.m.47 views

CVE-2006-1311

The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, and Office 2004 for Mac; and Learning Essentials for Microsoft Office 1.0, 1.1, and 1.5 allows user-assisted remote attackers to execute arbitrary code via a malformed OLE object in an RTF...

9.3CVSS7.4AI score0.68598EPSS
CVE
CVE
added 2007/06/19 10:30 p.m.44 views

CVE-2007-3282

Buffer overflow in the Microsoft Office MSODataSourceControl ActiveX object allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long argument to the DeleteRecordSourceIfUnused method.

7.8CVSS7.9AI score0.46593EPSS
CVE
CVE
added 2007/06/07 9:30 p.m.41 views

CVE-2007-3109

The CERN Image Map Dispatcher (htimage.exe) in Microsoft FrontPage allows remote attackers to determine the existence, and possibly partial contents, of arbitrary files under the web root via a relative pathname in the PATH_INFO.

6.4CVSS6.7AI score0.19989EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.22 views

CVE-2025-49697

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

8.4CVSS7.3AI score0.00057EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.19 views

CVE-2025-49696

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.

8.4CVSS6.8AI score0.00075EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.18 views

CVE-2025-49695

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

8.4CVSS7.3AI score0.00075EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.17 views

CVE-2025-47994

Deserialization of untrusted data in Microsoft Office allows an unauthorized attacker to elevate privileges locally.

8.6CVSS6.4AI score0.00136EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.15 views

CVE-2025-49702

Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.

7.8CVSS6.9AI score0.00117EPSS
Total number of security vulnerabilities266