Lucene search

K
MicrosoftVisio

56 matches found

CVE
CVE
added 2016/06/16 1:59 a.m.993 views

CVE-2016-3235

Microsoft Visio 2007 SP3, Visio 2010 SP2, Visio 2013 SP1, Visio 2016, Visio Viewer 2007 SP3, and Visio Viewer 2010 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Microsoft Office OLE DLL Side Loading Vulnerability."

9.3CVSS7AI score0.85808EPSS
CVE
CVE
added 2024/02/13 6:15 p.m.349 views

CVE-2024-20673

Microsoft Office Remote Code Execution Vulnerability

7.8CVSS7.7AI score0.00408EPSS
CVE
CVE
added 2020/04/15 3:15 p.m.166 views

CVE-2020-0760

A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Office Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0991.

8.8CVSS8.5AI score0.34566EPSS
CVE
CVE
added 2023/01/10 10:15 p.m.147 views

CVE-2023-21736

Microsoft Office Visio Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.00358EPSS
CVE
CVE
added 2023/01/10 10:15 p.m.146 views

CVE-2023-21737

Microsoft Office Visio Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.00939EPSS
CVE
CVE
added 2009/10/14 10:30 a.m.133 views

CVE-2009-2528

GDI+ in Microsoft Office XP SP3 does not properly handle malformed objects in Office Art Property Tables, which allows remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption, aka "Memory Corruption Vulnerability."

9.3CVSS7.2AI score0.43234EPSS
CVE
CVE
added 2013/05/15 3:36 a.m.132 views

CVE-2013-1301

Microsoft Visio 2003 SP3 2007 SP3, and 2010 SP1 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, aka "XML External Entities Resolution Vulnerability."

4.3CVSS6.6AI score0.26804EPSS
CVE
CVE
added 2024/09/19 5:15 p.m.127 views

CVE-2024-38016

Microsoft Office Visio Remote Code Execution Vulnerability

7.8CVSS7.7AI score0.01278EPSS
CVE
CVE
added 2023/08/08 6:15 p.m.125 views

CVE-2023-35372

Microsoft Office Visio Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.00458EPSS
CVE
CVE
added 2013/03/13 12:55 a.m.122 views

CVE-2013-0079

Microsoft Visio Viewer 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Visio file that triggers incorrect memory allocation, aka "Visio Viewer Tree Object Type Confusion Vulnerability."

9.3CVSS7.4AI score0.59512EPSS
CVE
CVE
added 2012/08/15 1:55 a.m.121 views

CVE-2012-1888

Buffer overflow in Microsoft Visio 2010 SP1 and Visio Viewer 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Visio file, aka "Visio DXF File Format Buffer Overflow Vulnerability."

9.3CVSS7.7AI score0.59759EPSS
CVE
CVE
added 2009/10/14 10:30 a.m.119 views

CVE-2009-2500

Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office ...

9.3CVSS7.9AI score0.54154EPSS
CVE
CVE
added 2009/10/14 10:30 a.m.119 views

CVE-2009-3126

Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office ...

9.3CVSS9.7AI score0.48214EPSS
CVE
CVE
added 2008/09/11 1:1 a.m.114 views

CVE-2007-5348

Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 20...

9.3CVSS8AI score0.76417EPSS
CVE
CVE
added 2004/09/28 4:0 a.m.112 views

CVE-2004-0200

Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy oper...

9.3CVSS7.6AI score0.75514EPSS
CVE
CVE
added 2023/01/10 10:15 p.m.110 views

CVE-2023-21741

Microsoft Office Visio Information Disclosure Vulnerability

7.1CVSS6.7AI score0.00864EPSS
CVE
CVE
added 2023/08/08 6:15 p.m.108 views

CVE-2023-36866

Microsoft Office Visio Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.00458EPSS
CVE
CVE
added 2009/10/14 10:30 a.m.105 views

CVE-2009-2501

Heap-based buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP...

9.3CVSS9.7AI score0.42403EPSS
CVE
CVE
added 2022/09/13 7:15 p.m.101 views

CVE-2022-38010

Microsoft Office Visio Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.00523EPSS
CVE
CVE
added 2009/10/14 10:30 a.m.97 views

CVE-2009-2502

Buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office E...

9.3CVSS9.7AI score0.42434EPSS
CVE
CVE
added 2008/09/11 1:11 a.m.94 views

CVE-2008-3013

gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, S...

9.3CVSS7.7AI score0.74609EPSS
CVE
CVE
added 2008/09/11 1:11 a.m.86 views

CVE-2008-3014

Buffer overflow in gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital ...

9.3CVSS7.8AI score0.71547EPSS
CVE
CVE
added 2022/12/13 7:15 p.m.86 views

CVE-2022-44695

Microsoft Office Visio Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.00479EPSS
CVE
CVE
added 2015/11/11 11:59 a.m.85 views

CVE-2015-2503

Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 SP2, OneNote 2010 SP2, PowerPoint 2010 SP2, Projec...

9.3CVSS6.8AI score0.20241EPSS
CVE
CVE
added 2016/01/13 5:59 a.m.85 views

CVE-2016-0012

Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Visio 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, PowerPoint 2013...

4.3CVSS5.1AI score0.13313EPSS
CVE
CVE
added 2009/10/14 10:30 a.m.83 views

CVE-2009-2503

GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Windows Server 2003 SP2, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Of...

9.3CVSS9.6AI score0.41156EPSS
CVE
CVE
added 2009/10/14 10:30 a.m.81 views

CVE-2009-2504

Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project...

9.3CVSS9.7AI score0.46054EPSS
CVE
CVE
added 2021/03/11 4:15 p.m.80 views

CVE-2021-27055

Microsoft Visio Security Feature Bypass Vulnerability

7CVSS6.6AI score0.00222EPSS
CVE
CVE
added 2008/04/08 11:5 p.m.78 views

CVE-2008-1089

Unspecified vulnerability in Microsoft Visio 2002 SP2, 2003 SP2 and SP3, and 2007 up to SP1 allows user-assisted remote attackers to execute arbitrary code via a Visio file containing crafted object header data, aka "Visio Object Header Vulnerability."

9.3CVSS7.3AI score0.5085EPSS
CVE
CVE
added 2008/04/08 11:5 p.m.78 views

CVE-2008-1090

Unspecified vulnerability in Microsoft Visio 2002 SP2, 2003 SP2 and SP3, and 2007 up to SP1 allows user-assisted remote attackers to execute arbitrary code via a crafted .DXF file, aka "Visio Memory Validation Vulnerability."

9.3CVSS7.3AI score0.59441EPSS
CVE
CVE
added 2009/02/10 10:30 p.m.78 views

CVE-2009-0097

Microsoft Office Visio 2002 SP2 and 2003 SP3 does not properly validate memory allocation for Visio files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Memory Corruption Vulnerability."

9.3CVSS7.6AI score0.48662EPSS
CVE
CVE
added 2009/02/10 10:30 p.m.75 views

CVE-2009-0096

Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 does not properly perform memory copy operations for object data, which allows remote attackers to execute arbitrary code via a crafted Visio document, aka "Memory Corruption Vulnerability."

9.3CVSS7.6AI score0.59773EPSS
CVE
CVE
added 2015/08/15 12:59 a.m.74 views

CVE-2015-2423

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Vis...

4.3CVSS6.4AI score0.206EPSS
CVE
CVE
added 2006/10/10 10:7 p.m.72 views

CVE-2006-3877

Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified "crafted file," a different vulnerability than CVE-2006-3435, CVE-2006-4694, and CVE-20...

9.3CVSS7.1AI score0.55161EPSS
CVE
CVE
added 2009/02/10 10:30 p.m.72 views

CVE-2009-0095

Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 does not properly validate object data in Visio files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Memory Validation Vulnerability."

9.3CVSS7.5AI score0.48662EPSS
CVE
CVE
added 2008/09/11 1:11 a.m.70 views

CVE-2008-3015

Integer overflow in gdiplus.dll in GDI+ in Microsoft Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and ...

9.3CVSS8AI score0.71538EPSS
CVE
CVE
added 2005/02/08 5:0 a.m.69 views

CVE-2004-0848

Buffer overflow in Microsoft Office XP allows remote attackers to execute arbitrary code via a link with a URL file location containing long inputs after (1) "%00 (null byte) in .doc filenames or (2) "%0a" (carriage return) in .rtf filenames.

7.5CVSS7.8AI score0.42122EPSS
CVE
CVE
added 2024/09/10 5:15 p.m.69 views

CVE-2024-43463

Microsoft Office Visio Remote Code Execution Vulnerability

7.8CVSS7.9AI score0.00971EPSS
CVE
CVE
added 2008/09/11 1:11 a.m.66 views

CVE-2008-3012

gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, S...

9.3CVSS7.7AI score0.70686EPSS
CVE
CVE
added 2016/09/14 10:59 a.m.65 views

CVE-2016-3364

Microsoft Visio 2016 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."

9.3CVSS7.7AI score0.22656EPSS
CVE
CVE
added 2005/08/19 4:0 a.m.64 views

CVE-2005-2127

Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet Explorer, as originally demo...

7.5CVSS7.8AI score0.42713EPSS
CVE
CVE
added 2015/10/14 1:59 a.m.62 views

CVE-2015-2557

Buffer overflow in Microsoft Visio 2007 SP3 and 2010 SP2 allows remote attackers to execute arbitrary code via crafted UML data in an Office document, aka "Microsoft Office Memory Corruption Vulnerability."

9.3CVSS7.8AI score0.34582EPSS
CVE
CVE
added 2007/02/03 1:28 a.m.61 views

CVE-2007-0671

Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks.

9.3CVSS7.5AI score0.62106EPSS
CVE
CVE
added 2011/08/10 9:55 p.m.60 views

CVE-2011-1972

Microsoft Visio 2003 SP3, 2007 SP2, and 2010 Gold and SP1 does not properly validate objects in memory during Visio file parsing, which allows remote attackers to execute arbitrary code via a crafted file, aka "pStream Release RCE Vulnerability."

9.3CVSS7.5AI score0.61029EPSS
CVE
CVE
added 2011/08/10 9:55 p.m.59 views

CVE-2011-1979

Microsoft Visio 2003 SP3 and 2007 SP2 does not properly validate objects in memory during Visio file parsing, which allows remote attackers to execute arbitrary code via a crafted file, aka "Move Around the Block RCE Vulnerability."

9.3CVSS7.5AI score0.61029EPSS
CVE
CVE
added 2003/10/20 4:0 a.m.58 views

CVE-2003-0347

Heap-based buffer overflow in VBE.DLL and VBE6.DLL of Microsoft Visual Basic for Applications (VBA) SDK 5.0 through 6.3 allows remote attackers to execute arbitrary code via a document with a long ID parameter.

10CVSS8AI score0.70456EPSS
CVE
CVE
added 2006/10/10 10:7 p.m.57 views

CVE-2006-3864

Unspecified vulnerability in mso.dll in Microsoft Office 2000, XP, and 2003, and Microsoft PowerPoint 2000, XP, and 2003, allows remote user-assisted attackers to execute arbitrary code via a malformed record in a (1) .DOC, (2) .PPT, or (3) .XLS file that triggers memory corruption, related to an "...

9.3CVSS7.2AI score0.54494EPSS
CVE
CVE
added 2010/08/27 7:0 p.m.55 views

CVE-2010-3148

Untrusted search path vulnerability in Microsoft Visio 2003 SP3 allows local users to gain privileges via a Trojan horse mfc71enu.dll file in the current working directory, as demonstrated by a directory that contains a .vsd, .vdx, .vst, or .vtx file, aka "Microsoft Visio Insecure Library Loading V...

9.3CVSS6.3AI score0.26525EPSS
CVE
CVE
added 2007/06/12 7:30 p.m.52 views

CVE-2007-0936

Multiple unspecified vulnerabilities in Microsoft Visio 2002 allow remote user-assisted attackers to execute arbitrary code via a Visio (.VSD, VSS, .VST) file with a crafted packed object that triggers memory corruption, aka "Visio Document Packaging Vulnerability."

9.3CVSS7.4AI score0.60754EPSS
CVE
CVE
added 2010/05/06 12:47 p.m.50 views

CVE-2010-1681

Buffer overflow in VISIODWG.DLL before 10.0.6880.4 in Microsoft Office Visio allows user-assisted remote attackers to execute arbitrary code via a crafted DXF file, a different vulnerability than CVE-2010-0254 and CVE-2010-0256.

7.6CVSS7.5AI score0.79079EPSS
Total number of security vulnerabilities56