Office@2013 Security Vulnerabilities and Issues — Office@2013 CVE List

Lucene search

MicrosoftOffice2013

178 matches found

CVE•added 2017/04/12 2:59 p.m.•3619 views

CVE-2017-0199

Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office/WordPad Remote Code...

9.3CVSS8.3AI score0.94366EPSS

CVE•added 2017/11/15 3:29 a.m.•2536 views

CVE-2017-11882

Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corrup...

9.3CVSS8.3AI score0.94384EPSS

CVE•added 2018/01/10 1:29 a.m.•2249 views

CVE-2018-0802

Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique from CVE-2018-0797 a...

9.3CVSS8.5AI score0.94103EPSS

CVE•added 2017/07/11 9:29 p.m.•1298 views

CVE-2017-8570

Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0243.

9.3CVSS8AI score0.94247EPSS

CVE•added 2021/11/10 1:19 a.m.•1266 views

CVE-2021-42292

Microsoft Excel Security Feature Bypass Vulnerability

7.8CVSS7.6AI score0.17906EPSS

CVE•added 2018/01/10 1:29 a.m.•1242 views

CVE-2018-0798

Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability".

9.3CVSS8.8AI score0.9418EPSS

CVE•added 2017/05/12 2:29 p.m.•1066 views

CVE-2017-0262

Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0261 and CVE-2017-0281.

9.3CVSS8AI score0.92255EPSS

CVE•added 2021/09/15 12:15 p.m.•1063 views

CVE-2021-38646

Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability

7.8CVSS7.5AI score0.66345EPSS

CVE•added 2017/05/12 2:29 p.m.•1054 views

CVE-2017-0261

9.3CVSS8AI score0.92255EPSS

CVE•added 2021/03/11 4:15 p.m.•1044 views

CVE-2021-27059

Microsoft Office Remote Code Execution Vulnerability

8.5CVSS7.7AI score0.01615EPSS

CVE•added 2019/01/08 9:29 p.m.•1025 views

CVE-2019-0541

A remote code execution vulnerability exists in the way that the MSHTML engine inproperly validates input, aka "MSHTML Engine Remote Code Execution Vulnerability." This affects Microsoft Office, Microsoft Office Word Viewer, Internet Explorer 9, Internet Explorer 11, Microsoft Excel Viewer, Interne...

9.3CVSS7.9AI score0.84144EPSS

CVE•added 2015/06/10 1:59 a.m.•962 views

CVE-2015-1770

Microsoft Office 2013 SP1 and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Uninitialized Memory Use Vulnerability."

9.3CVSS7.5AI score0.73204EPSS

CVE•added 2015/07/14 9:59 p.m.•916 views

CVE-2015-2424

Microsoft PowerPoint 2007 SP3, Word 2007 SP3, PowerPoint 2010 SP2, Word 2010 SP2, PowerPoint 2013 SP1, Word 2013 SP1, and PowerPoint 2013 RT SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Mem...

9.3CVSS9.3AI score0.76606EPSS

CVE•added 2015/09/09 12:59 a.m.•910 views

CVE-2015-2545

Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted EPS image, aka "Microsoft Office Malformed EPS File Vulnerability."

9.3CVSS7.4AI score0.93252EPSS

CVE•added 2015/08/15 12:59 a.m.•903 views

CVE-2015-1642

Microsoft Office 2007 SP3, 2010 SP2, and 2013 SP1 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."

9.3CVSS7.5AI score0.64711EPSS

CVE•added 2023/09/12 5:15 p.m.•498 views

CVE-2023-36767

Microsoft Office Security Feature Bypass Vulnerability

4.3CVSS4.8AI score0.00327EPSS

CVE•added 2023/09/12 5:15 p.m.•432 views

CVE-2023-41764

Microsoft Office Spoofing Vulnerability

5.5CVSS5.6AI score0.001EPSS

CVE•added 2018/04/12 1:29 a.m.•376 views

CVE-2018-1028

A remote code execution vulnerability exists when the Office graphics component improperly handles specially crafted embedded fonts, aka "Microsoft Office Graphics Remote Code Execution Vulnerability." This affects Word, Microsoft Office, Microsoft SharePoint, Excel, Microsoft SharePoint Server.

9.3CVSS8.3AI score0.29608EPSS

CVE•added 2023/06/14 12:15 a.m.•267 views

CVE-2023-33137

Microsoft Excel Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.02565EPSS

CVE•added 2019/07/15 7:15 p.m.•253 views

CVE-2019-1084

An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having non-printable characters. An authenticated attacker could exploit this vulnerability by creating entities with invalid display names, which, when added to conversations, remain invisib...

6.5CVSS5.3AI score0.07824EPSS

CVE•added 2022/10/11 7:15 p.m.•251 views

CVE-2022-38048

Microsoft Office Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.03153EPSS

CVE•added 2017/05/12 2:29 p.m.•239 views

CVE-2017-0281

Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2016, Office Online Server 2016, Office Web Apps 2010 SP2,Office Web Apps 2013 SP1, Project Server 2013 SP1, SharePoint Enterprise Server 2013 SP1, SharePoint Enterprise Server 2016, SharePoint Foundation 2013 SP1, Sharepoint Serve...

9.3CVSS8.1AI score0.92255EPSS

CVE•added 2023/03/14 5:15 p.m.•211 views

CVE-2023-23399

Microsoft Excel Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.01945EPSS

CVE•added 2022/02/09 5:15 p.m.•204 views

CVE-2022-22003

Microsoft Office Graphics Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.01746EPSS

CVE•added 2022/07/12 11:15 p.m.•202 views

CVE-2022-33632

Microsoft Office Security Feature Bypass Vulnerability

4.7CVSS4.9AI score0.00118EPSS

CVE•added 2019/07/29 2:9 p.m.•201 views

CVE-2019-1111

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1110.

9.3CVSS8.8AI score0.27063EPSS

CVE•added 2022/08/09 8:15 p.m.•197 views

CVE-2022-34717

Microsoft Office Remote Code Execution Vulnerability

8.8CVSS8.7AI score0.02866EPSS

CVE•added 2022/04/15 7:15 p.m.•194 views

CVE-2022-26901

Microsoft Excel Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.00557EPSS

CVE•added 2021/05/11 7:15 p.m.•182 views

CVE-2021-28455

Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability

8.8CVSS9.3AI score0.09683EPSS

CVE•added 2021/06/08 11:15 p.m.•177 views

CVE-2021-31941

Microsoft Office Graphics Remote Code Execution Vulnerability

7.8CVSS7.6AI score0.03164EPSS

CVE•added 2018/08/15 5:29 p.m.•176 views

CVE-2018-8378

An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka "Microsoft Office Information Disclosure Vulnerability." This affects Word, Microsoft SharePoint Server, Microso...

5.5CVSS4.9AI score0.23003EPSS

CVE•added 2020/10/16 11:15 p.m.•176 views

CVE-2020-16929

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ...

7.8CVSS7.9AI score0.11232EPSS

CVE•added 2019/08/14 9:15 p.m.•169 views

CVE-2019-1155

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open...

9.3CVSS8.8AI score0.09677EPSS

CVE•added 2020/04/15 3:15 p.m.•166 views

CVE-2020-0760

A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Office Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0991.

8.8CVSS8.5AI score0.34566EPSS

CVE•added 2019/09/11 10:15 p.m.•165 views

CVE-2019-1246

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1240, CVE-2019-1241, CVE-2019-1242, CVE-2019-1243, CVE-2019-1247, CVE-2019-1248,...

9.3CVSS8.5AI score0.35463EPSS

CVE•added 2021/05/11 7:15 p.m.•160 views

CVE-2021-31179

Microsoft Office Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.0296EPSS

CVE•added 2021/06/08 11:15 p.m.•157 views

CVE-2021-31940

Microsoft Office Graphics Remote Code Execution Vulnerability

7.8CVSS7.7AI score0.02989EPSS

CVE•added 2020/10/16 11:15 p.m.•155 views

CVE-2020-16954

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with adminis...

7.8CVSS7.7AI score0.10674EPSS

CVE•added 2018/01/10 1:29 a.m.•153 views

CVE-2018-0812

Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Memory Corruption Vulnerability".

9.3CVSS8.2AI score0.38537EPSS

CVE•added 2021/05/11 7:15 p.m.•153 views

CVE-2021-31177

Microsoft Office Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.03529EPSS

CVE•added 2023/07/11 6:15 p.m.•153 views

CVE-2023-33148

Microsoft Office Elevation of Privilege Vulnerability

7.8CVSS7.6AI score0.0127EPSS

CVE•added 2022/01/11 9:15 p.m.•152 views

CVE-2022-21840

Microsoft Office Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.09199EPSS

CVE•added 2023/08/08 6:15 p.m.•152 views

CVE-2023-36896

Microsoft Excel Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.00766EPSS

CVE•added 2021/10/13 1:15 a.m.•151 views

CVE-2021-40454

Rich Text Edit Control Information Disclosure Vulnerability

5.5CVSS6.7AI score0.00145EPSS

CVE•added 2021/04/13 8:15 p.m.•150 views

CVE-2021-28449

Microsoft Office Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.03567EPSS

CVE•added 2023/08/08 6:15 p.m.•150 views

CVE-2023-36895

Microsoft Outlook Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.00564EPSS

CVE•added 2020/10/16 11:15 p.m.•149 views

CVE-2020-16930

7.8CVSS7.7AI score0.1023EPSS

CVE•added 2021/05/11 7:15 p.m.•148 views

CVE-2021-31176

Microsoft Office Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.03397EPSS

CVE•added 2019/01/08 9:29 p.m.•146 views

CVE-2019-0582

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Se...

9.3CVSS8AI score0.35437EPSS

CVE•added 2022/01/11 9:15 p.m.•143 views

CVE-2022-21841

Microsoft Excel Remote Code Execution Vulnerability

9.3CVSS8.2AI score0.01942EPSS

Total number of security vulnerabilities178