Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
MicrosoftOffice

474 matches found

CVE
CVEadded 2017/04/12 2:59 p.m.3618 views

CVE-2017-0199

Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office/WordPad Remote Code...

9.3CVSS8.3AI score0.94366EPSS
CVE
CVEadded 2017/11/15 3:29 a.m.2535 views

CVE-2017-11882

Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corrup...

9.3CVSS8.3AI score0.94384EPSS
CVE
CVEadded 2018/01/10 1:29 a.m.2248 views

CVE-2018-0802

Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique from CVE-2018-0797 a...

9.3CVSS8.5AI score0.94103EPSS
CVE
CVEadded 2023/03/14 5:15 p.m.1719 views

CVE-2023-23397

Microsoft Outlook Elevation of Privilege Vulnerability

9.8CVSS8.3AI score0.93606EPSS
CVE
CVEadded 2012/04/10 9:55 p.m.1631 views

CVE-2012-0158

The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2; BizTalk Server 20...

9.3CVSS7.8AI score0.94314EPSS
CVE
CVEadded 2017/07/11 9:29 p.m.1297 views

CVE-2017-8570

Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0243.

9.3CVSS8AI score0.94247EPSS
CVE
CVEadded 2010/11/10 3:0 a.m.1249 views

CVE-2010-3333

Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via crafted RTF data, aka "RTF Stack Buffer Overflow...

9.3CVSS8.1AI score0.93964EPSS
CVE
CVEadded 2018/01/10 1:29 a.m.1241 views

CVE-2018-0798

Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability".

9.3CVSS8.8AI score0.9418EPSS
CVE
CVEadded 2012/08/15 1:55 a.m.1183 views

CVE-2012-1856

The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office 2003 SP3, Office 2003 Web Components SP3, Office 2007 SP2 and SP3, Office 2010 SP1, SQL Server 2000 SP4, SQL Server 2005 SP4, SQL Server 2008 SP2, SP3, R2, R2 SP1, and R2 SP2, Commerce Server 2002 SP4, Commerce ...

9.3CVSS7.9AI score0.91953EPSS
CVE
CVEadded 2015/04/14 8:59 p.m.1154 views

CVE-2015-1641

Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, and Office Web Apps Server 2010 SP2 and 2013 SP1 allow remote attackers to execute arbitra...

9.3CVSS9.4AI score0.9353EPSS
CVE
CVEadded 2019/01/08 9:29 p.m.1134 views

CVE-2019-0585

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Word, Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Microsoft SharePoint, Microsof...

9.3CVSS8.3AI score0.32912EPSS
CVE
CVEadded 2017/05/12 2:29 p.m.1065 views

CVE-2017-0262

Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0261 and CVE-2017-0281.

9.3CVSS8AI score0.92255EPSS
CVE
CVEadded 2013/11/06 3:55 p.m.1055 views

CVE-2013-3906

GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Lync 2010, 2010 Attendee, 2013, and Basic 2013 allows remote attackers to execute arbitrary code via a crafted TIFF image, as demonstrated by an image in a Wo...

9.3CVSS9.4AI score0.92746EPSS
CVE
CVEadded 2017/05/12 2:29 p.m.1053 views

CVE-2017-0261

Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0262 and CVE-2017-0281.

9.3CVSS8AI score0.92255EPSS
CVE
CVEadded 2013/06/12 3:29 a.m.1040 views

CVE-2013-1331

Buffer overflow in Microsoft Office 2003 SP3 and Office 2011 for Mac allows remote attackers to execute arbitrary code via crafted PNG data in an Office document, leading to improper memory allocation, aka "Office Buffer Overflow Vulnerability."

9.3CVSS7.8AI score0.86654EPSS
CVE
CVEadded 2019/09/11 10:15 p.m.1038 views

CVE-2019-1297

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'.

9.3CVSS8.8AI score0.56776EPSS
CVE
CVEadded 2019/01/08 9:29 p.m.1024 views

CVE-2019-0541

A remote code execution vulnerability exists in the way that the MSHTML engine inproperly validates input, aka "MSHTML Engine Remote Code Execution Vulnerability." This affects Microsoft Office, Microsoft Office Word Viewer, Internet Explorer 9, Internet Explorer 11, Microsoft Excel Viewer, Interne...

9.3CVSS7.9AI score0.84144EPSS
CVE
CVEadded 2014/03/25 1:24 p.m.996 views

CVE-2014-1761

Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Word Viewer; Office Compatibility Pack SP3; Office for Mac 2011; Word Automation Services on SharePoint Server 2010 SP1 and SP2 and 2013; Office Web Apps 2010 SP1 and SP2; and Office Web Apps Server 2013 allow remote attackers ...

9.3CVSS9.3AI score0.92827EPSS
CVE
CVEadded 2015/06/10 1:59 a.m.961 views

CVE-2015-1770

Microsoft Office 2013 SP1 and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Uninitialized Memory Use Vulnerability."

9.3CVSS7.5AI score0.73204EPSS
CVE
CVEadded 2009/11/11 7:30 p.m.950 views

CVE-2009-3129

Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer 2003 SP3; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows re...

9.3CVSS7.5AI score0.8993EPSS
CVE
CVEadded 2009/06/10 6:0 p.m.946 views

CVE-2009-0563

Stack-based buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Microsoft Office for Mac 2004 and 2008; Open XML File Format Converter for Mac; Microsoft Office Word Viewer 2003 SP3; Microsoft Office Word Viewer; and Microsoft Office Compatibility Pack for Word, Excel...

9.3CVSS8.1AI score0.77896EPSS
CVE
CVEadded 2009/06/10 6:30 p.m.939 views

CVE-2009-0557

Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel Viewer 2003 SP3; Microsoft Office Excel Viewer; and Microsoft Office Compatibility ...

9.3CVSS7.5AI score0.83015EPSS
CVE
CVEadded 2015/07/14 9:59 p.m.916 views

CVE-2015-2424

Microsoft PowerPoint 2007 SP3, Word 2007 SP3, PowerPoint 2010 SP2, Word 2010 SP2, PowerPoint 2013 SP1, Word 2013 SP1, and PowerPoint 2013 RT SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Mem...

9.3CVSS9.3AI score0.76606EPSS
CVE
CVEadded 2015/09/09 12:59 a.m.910 views

CVE-2015-2545

Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted EPS image, aka "Microsoft Office Malformed EPS File Vulnerability."

9.3CVSS7.4AI score0.93252EPSS
CVE
CVEadded 2016/10/14 2:59 a.m.906 views

CVE-2016-7193

Microsoft Word 2007 SP2, Office 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 201...

9.3CVSS7.8AI score0.78411EPSS
CVE
CVEadded 2015/08/15 12:59 a.m.903 views

CVE-2015-1642

Microsoft Office 2007 SP3, 2010 SP2, and 2013 SP1 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."

9.3CVSS7.5AI score0.64711EPSS
CVE
CVEadded 2024/02/13 6:16 p.m.897 views

CVE-2024-21413

Microsoft Outlook Remote Code Execution Vulnerability

9.8CVSS9.6AI score0.9377EPSS
CVE
CVEadded 2023/02/14 8:15 p.m.575 views

CVE-2023-21716

Microsoft Word Remote Code Execution Vulnerability

9.8CVSS9.6AI score0.91148EPSS
CVE
CVEadded 2024/08/12 1:38 p.m.498 views

CVE-2024-38200

Microsoft Office Spoofing Vulnerability

9.1CVSS7.5AI score0.5572EPSS
CVE
CVEadded 2018/12/12 12:29 a.m.482 views

CVE-2018-8628

A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft PowerPoint, Microsoft SharePoint, ...

9.3CVSS6.1AI score0.35597EPSS
CVE
CVEadded 2023/09/12 5:15 p.m.444 views

CVE-2023-36765

Microsoft Office Elevation of Privilege Vulnerability

9.8CVSS8.6AI score0.00102EPSS
CVE
CVEadded 2018/04/12 1:29 a.m.376 views

CVE-2018-1028

A remote code execution vulnerability exists when the Office graphics component improperly handles specially crafted embedded fonts, aka "Microsoft Office Graphics Remote Code Execution Vulnerability." This affects Word, Microsoft Office, Microsoft SharePoint, Excel, Microsoft SharePoint Server.

9.3CVSS8.3AI score0.29608EPSS
CVE
CVEadded 2020/10/16 11:15 p.m.253 views

CVE-2020-16947

<p>A remote code execution vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the targeted user. If the targeted user is logged on with a...

9.3CVSS7.7AI score0.54529EPSS
CVE
CVEadded 2017/05/12 2:29 p.m.238 views

CVE-2017-0281

Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2016, Office Online Server 2016, Office Web Apps 2010 SP2,Office Web Apps 2013 SP1, Project Server 2013 SP1, SharePoint Enterprise Server 2013 SP1, SharePoint Enterprise Server 2016, SharePoint Foundation 2013 SP1, Sharepoint Serve...

9.3CVSS8.1AI score0.92255EPSS
CVE
CVEadded 2019/07/29 2:9 p.m.201 views

CVE-2019-1111

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1110.

9.3CVSS8.8AI score0.27063EPSS
CVE
CVEadded 2020/01/14 11:15 p.m.193 views

CVE-2020-0650

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0651, CVE-2020-0653.

9.3CVSS7.9AI score0.33474EPSS
CVE
CVEadded 2017/07/11 9:29 p.m.187 views

CVE-2017-0243

Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8570.

9.3CVSS8AI score0.94247EPSS
CVE
CVEadded 2019/07/29 2:8 p.m.182 views

CVE-2019-1110

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1111.

9.3CVSS8.8AI score0.27063EPSS
CVE
CVEadded 2019/08/14 9:15 p.m.180 views

CVE-2019-1151

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; ...

9.3CVSS9.1AI score0.33915EPSS
CVE
CVEadded 2019/01/08 9:29 p.m.178 views

CVE-2019-0538

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Se...

9.3CVSS8AI score0.35437EPSS
CVE
CVEadded 2012/05/09 12:55 a.m.176 views

CVE-2012-1847

Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2008 and 2011 for Mac; Excel Viewer; and Office Compatibility Pack SP2 and SP3 do not properly handle memory during the opening of files, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka ...

9.3CVSS7.9AI score0.63939EPSS
CVE
CVEadded 2009/06/10 6:0 p.m.175 views

CVE-2009-0565

Buffer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, and 2007 SP1 and SP2; Microsoft Office for Mac 2004 and 2008; Open XML File Format Converter for Mac; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute...

9.3CVSS7.8AI score0.76558EPSS
CVE
CVEadded 2012/05/09 12:55 a.m.171 views

CVE-2012-0167

Heap-based buffer overflow in the Office GDI+ library in Microsoft Office 2003 SP3 and 2007 SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted EMF image in an Office document, aka "GDI+ Heap Overflow Vulnerability."

9.3CVSS7.9AI score0.65939EPSS
CVE
CVEadded 2020/12/10 12:15 a.m.170 views

CVE-2020-17128

Microsoft Excel Remote Code Execution Vulnerability

9.3CVSS7.8AI score0.05864EPSS
CVE
CVEadded 2019/08/14 9:15 p.m.169 views

CVE-2019-1155

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open...

9.3CVSS8.8AI score0.09677EPSS
CVE
CVEadded 2018/01/10 1:29 a.m.166 views

CVE-2018-0797

Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way RTF content is handled, aka "Microsoft Word Memory Corruption Vulnerability".

9.3CVSS8.2AI score0.44732EPSS
CVE
CVEadded 2019/09/11 10:15 p.m.165 views

CVE-2019-1246

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1240, CVE-2019-1241, CVE-2019-1242, CVE-2019-1243, CVE-2019-1247, CVE-2019-1248,...

9.3CVSS8.5AI score0.35463EPSS
CVE
CVEadded 2012/05/09 12:55 a.m.164 views

CVE-2012-0165

GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2 and Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1 does not properly validate record types in EMF images, which allows remote attackers to execute arbitrary code via a crafted image, aka "GDI+ Record Type Vulnerability."

9.3CVSS7.5AI score0.62114EPSS
CVE
CVEadded 2015/12/09 11:59 a.m.160 views

CVE-2015-6108

The Windows font library in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT Gold and 8.1; Office 2007 SP3; Office 2010 SP2; Word Viewer; .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and ...

9.3CVSS7.4AI score0.47364EPSS
CVE
CVEadded 2020/06/09 8:15 p.m.158 views

CVE-2020-1225

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1226.

9.3CVSS8.5AI score0.20625EPSS
Total number of security vulnerabilities474