Office@2010 Security Vulnerabilities and Issues — Page 3 of Office@2010 CVE List

Lucene search

MicrosoftOffice2010

258 matches found

CVE•added 2017/06/15 1:29 a.m.•98 views

CVE-2017-8534

Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, Windows Server 2016, Microsoft Office 2007 SP3, and Microsoft Office 2010 SP2 allows improper disclosure of memory contents, aka "Windows Uniscr...

6.5CVSS5AI score0.17084EPSS

CVE•added 2017/03/17 12:59 a.m.•97 views

CVE-2017-0031

Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Word 2007 SP3, and Word 2010 SP2 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." This vulnerability is differen...

9.3CVSS6.7AI score0.23473EPSS

CVE•added 2017/06/15 1:29 a.m.•97 views

CVE-2017-8533

Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows improper disclosure of memory contents, aka "Graphics Uniscribe Information Disclosure Vulnerability". This ...

6.5CVSS5.1AI score0.24455EPSS

CVE•added 2019/03/06 12:0 a.m.•96 views

CVE-2019-0540

A security feature bypass vulnerability exists when Microsoft Office does not validate URLs.An attacker could send a victim a specially crafted file, which could trick the victim into entering credentials, aka 'Microsoft Office Security Feature Bypass Vulnerability'.

5.5CVSS5.5AI score0.12875EPSS

CVE•added 2016/10/14 2:59 a.m.•95 views

CVE-2016-3209

Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for Business 2016; Lync ...

5.5CVSS6AI score0.18446EPSS

CVE•added 2017/06/15 1:29 a.m.•95 views

CVE-2017-0289

Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows improper disclosure of memory contents, aka "Windows Graphics Information Disclosure Vulnerability". This CV...

5CVSS5.1AI score0.24455EPSS

CVE•added 2019/11/12 7:15 p.m.•95 views

CVE-2019-1402

An information disclosure vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka 'Microsoft Office Information Disclosure Vulnerability'.

5.5CVSS5.1AI score0.02127EPSS

CVE•added 2015/08/15 12:59 a.m.•94 views

CVE-2015-2463

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, Lync Basic 2013 SP1, Silverlight b...

9.3CVSS7.3AI score0.52873EPSS

CVE•added 2018/11/14 1:29 a.m.•94 views

CVE-2018-8577

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft Excel, Microsoft Excel Viewer, Excel. This C...

9.3CVSS7.9AI score0.19365EPSS

CVE•added 2019/03/06 12:0 a.m.•94 views

CVE-2019-0672

A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0671, CVE-2019-0673, CVE-2019-0674, CVE-...

9.3CVSS7.9AI score0.31336EPSS

CVE•added 2019/12/10 10:15 p.m.•94 views

CVE-2019-1400

An information disclosure vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory, aka 'Microsoft Access Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1463.

5.5CVSS5AI score0.01654EPSS

CVE•added 2019/11/12 7:15 p.m.•94 views

CVE-2019-1446

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'.

5.5CVSS5.6AI score0.08477EPSS

CVE•added 2020/07/14 11:15 p.m.•94 views

CVE-2020-1445

An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory, aka 'Microsoft Office Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1342.

5.5CVSS6.1AI score0.28299EPSS

CVE•added 2016/05/11 1:59 a.m.•93 views

CVE-2016-0140

Microsoft Office 2007 SP3, Office 2010 SP2, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

9.3CVSS7.8AI score0.29275EPSS

CVE•added 2021/03/11 4:15 p.m.•93 views

CVE-2021-27057

Microsoft Office Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.04203EPSS

CVE•added 2017/06/15 1:29 a.m.•92 views

CVE-2017-0282

Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, Windows Server 2016, Microsoft Office 2007 SP3, and Microsoft Office 2010 SP2 allows improper disclosure of memory contents, aka "Windows ...

5CVSS4.9AI score0.17084EPSS

CVE•added 2017/06/15 1:29 a.m.•92 views

CVE-2017-0284

5CVSS4.9AI score0.17084EPSS

CVE•added 2017/06/15 1:29 a.m.•92 views

CVE-2017-8510

A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8511, CVE-2017-8512, CVE-2017-0260, and CVE-2017-8506.

9.3CVSS7.2AI score0.36403EPSS

CVE•added 2020/08/17 7:15 p.m.•92 views

CVE-2020-1497

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data.To exploit the vulnerability, an attacker could craft a special docume...

5.5CVSS6.3AI score0.25763EPSS

CVE•added 2016/08/09 9:59 p.m.•91 views

CVE-2016-3303

The Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Office 2007 SP3, Office 2010 SP2, Word Viewer, Skype for Business 2016, Lync 2013 SP1, Lync 2010, Lync 2010 Attendee, and Live Meeting 2007 Console allows remote attackers to execute arbitrar...

9.3CVSS7.8AI score0.49401EPSS

CVE•added 2016/10/14 2:59 a.m.•91 views

CVE-2016-3396

9.3CVSS8.9AI score0.32397EPSS

CVE•added 2019/04/09 9:29 p.m.•91 views

CVE-2019-0801

A remote code execution vulnerability exists when Microsoft Office fails to properly handle certain files.To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted URL file that points to an Excel or PowerPoint file that was also downloaded.The update addre...

7.8CVSS7.7AI score0.23271EPSS

CVE•added 2019/05/16 7:29 p.m.•91 views

CVE-2019-0946

9.3CVSS7.9AI score0.24224EPSS

CVE•added 2017/06/15 1:29 a.m.•90 views

CVE-2017-0285

Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, Windows Server 2016, Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, and Microsoft Office Word Viewer allows improper disclosure of ...

5CVSS4.9AI score0.17084EPSS

CVE•added 2019/03/06 12:0 a.m.•90 views

CVE-2019-0673

9.3CVSS7.9AI score0.31336EPSS

CVE•added 2019/01/08 9:29 p.m.•89 views

CVE-2019-0561

An information disclosure vulnerability exists when Microsoft Word macro buttons are used improperly, aka "Microsoft Word Information Disclosure Vulnerability." This affects Microsoft Word, Office 365 ProPlus, Microsoft Office, Word.

5.5CVSS6.1AI score0.13337EPSS

CVE•added 2019/05/16 7:29 p.m.•89 views

CVE-2019-0945

9.3CVSS7.9AI score0.24224EPSS

CVE•added 2020/11/11 7:15 a.m.•89 views

CVE-2020-17064

Microsoft Excel Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.06172EPSS

CVE•added 2016/09/14 10:59 a.m.•88 views

CVE-2016-3357

Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Word for Mac 2011, Word 2016 for Mac, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, SharePoint Server 2013 SP1, Excel Automation Services on SharePoint Server 2013 SP1, Word Automati...

9.3CVSS7.6AI score0.29428EPSS

CVE•added 2018/05/09 7:29 p.m.•88 views

CVE-2018-8147

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8148, CVE-2018-8162.

9.3CVSS7.9AI score0.24873EPSS

CVE•added 2018/10/10 1:29 p.m.•88 views

CVE-2018-8502

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in Protected View, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Excel.

9.3CVSS8.8AI score0.20562EPSS

CVE•added 2018/12/12 12:29 a.m.•88 views

CVE-2018-8587

A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka "Microsoft Outlook Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook.

9.3CVSS6.1AI score0.46569EPSS

CVE•added 2019/03/06 12:0 a.m.•88 views

CVE-2019-0671

9.3CVSS7.9AI score0.31336EPSS

CVE•added 2015/08/15 12:59 a.m.•87 views

CVE-2015-2435

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, Lync Basic 2013 SP1, a...

9.3CVSS7.4AI score0.33527EPSS

CVE•added 2016/05/11 1:59 a.m.•87 views

CVE-2016-0198

Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corr...

9.3CVSS7.8AI score0.24136EPSS

CVE•added 2017/03/17 12:59 a.m.•87 views

CVE-2017-0030

Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Office Web Apps Server 2010 SP2, Word 2007 SP3, Word 2010 SP2, and Word Automation Services on SharePoint Server 2010 SP2 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted documen...

9.3CVSS6.7AI score0.23473EPSS

CVE•added 2017/03/17 12:59 a.m.•87 views

CVE-2017-0053

Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Word 2007 SP3, Word 2010 SP2, Word 2013 SP1, Word 2013 R2 SP1, Word 2016, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory ...

9.3CVSS6.7AI score0.23473EPSS

CVE•added 2019/04/09 9:29 p.m.•87 views

CVE-2019-0824

7.8CVSS7.8AI score0.19127EPSS

CVE•added 2016/10/14 2:59 a.m.•86 views

CVE-2016-3263

5.5CVSS6AI score0.19061EPSS

CVE•added 2018/01/10 1:29 a.m.•86 views

CVE-2018-0794

Microsoft Word in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0792...

9.3CVSS8.8AI score0.60791EPSS

CVE•added 2019/04/09 9:29 p.m.•86 views

CVE-2019-0827

7.8CVSS7.8AI score0.19127EPSS

CVE•added 2015/08/15 12:59 a.m.•85 views

CVE-2015-2455

9.3CVSS7.3AI score0.57455EPSS

CVE•added 2016/01/13 5:59 a.m.•85 views

CVE-2016-0012

Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Visio 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, PowerPoint 2013...

4.3CVSS5.1AI score0.13313EPSS

CVE•added 2016/06/16 1:59 a.m.•85 views

CVE-2016-3234

Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, and Office Web Apps Server 2013 SP1 allow remote attackers t...

5.5CVSS5.4AI score0.35929EPSS

CVE•added 2018/04/12 1:29 a.m.•85 views

CVE-2018-0950

An information disclosure vulnerability exists when Office renders Rich Text Format (RTF) email messages containing OLE objects when a message is opened or previewed, aka "Microsoft Office Information Disclosure Vulnerability." This affects Microsoft Word, Microsoft Office. This CVE ID is unique fr...

6.5CVSS5.4AI score0.14964EPSS

CVE•added 2018/12/12 12:29 a.m.•85 views

CVE-2018-8627

An information disclosure vulnerability exists when Microsoft Excel software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Micros...

5.5CVSS4.9AI score0.19881EPSS

CVE•added 2017/03/17 12:59 a.m.•84 views

CVE-2017-0029

Microsoft Office 2010 SP2, Word 2010 SP2, Word 2013 RT SP1, and Word 2016 allow remote attackers to cause a denial of service (application hang) via a crafted Office document, aka "Microsoft Office Denial of Service Vulnerability."

5.5CVSS5.8AI score0.22643EPSS

CVE•added 2018/01/10 1:29 a.m.•84 views

CVE-2018-0795

Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Remote Code Execution Vulnerability".

9.3CVSS8.8AI score0.36911EPSS

CVE•added 2015/08/15 12:59 a.m.•83 views

CVE-2015-2456

9.3CVSS7.3AI score0.57455EPSS

CVE•added 2018/11/14 1:29 a.m.•83 views

CVE-2018-8539

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Microsoft SharePoint Server, Microsoft Office. This CVE ID is unique from CVE-2018-8573.

9.3CVSS7.9AI score0.16422EPSS

Total number of security vulnerabilities258