Lucene search
+L
MicrosoftVisio2016

15 matches found

CVE
CVE
added 2016/06/16 1:0 a.m.1057 views

CVE-2016-3235

CVE-2016-3235 corresponds to a Microsoft Office OLE DLL side-loading vulnerability. Affected products include Visio 2007 SP3, Visio 2010 SP2, Visio 2013 SP1, Visio 2016 and Visio Viewer (2007/2010 variants). The root cause is improper library loading validation, allowing a crafted file or applica...

9.3CVSS7AI score0.43431EPSS
In wild
CVE
CVE
added 2024/02/13 6:2 p.m.387 views

CVE-2024-20673

CVE-2024-20673 is a Microsoft Office remote code execution vulnerability tracked across multiple office-product advisories. Public docs show high-severity risk (CVSS v3.1: 7.8), with exploitation described as a remote code execution requiring local access and user interaction in some vectors. Con...

7.8CVSS7.7AI score0.01187EPSS
CVE
CVE
added 2020/04/15 3:12 p.m.209 views

CVE-2020-0760

CVE-2020-0760 is a remote code execution vulnerability affecting Microsoft Office products (Word/Excel/PowerPoint/Visio) via improper loading of arbitrary type libraries. The root cause is how Office loads type libraries, which could allow an attacker to execute arbitrary code in the context of t...

8.8CVSS8.5AI score0.0861EPSS
CVE
CVE
added 2023/01/10 12:0 a.m.168 views

CVE-2023-21736

CVE-2023-21736 is a remote code execution vulnerability in Microsoft Office Visio (part of the Office suite). Connected sources confirm it enables arbitrary code execution and is addressed by Microsoft security updates. The CNVD/ENISA/NCSC entries categorize it as a Visio remote code execution is...

7.8CVSS7.8AI score0.00723EPSS
CVE
CVE
added 2024/09/19 5:9 p.m.166 views

CVE-2024-38016

CVE-2024-38016 – Microsoft Office Visio Remote Code Execution is a documented vulnerability affecting Microsoft Visio 2016 (both 32‑bit and 64‑bit), and broader Microsoft Office suites as listed in connected references (including Visio 2019/LTSC 2021 and Microsoft 365 Apps for Enterprise). The is...

7.8CVSS7.7AI score0.00595EPSS
CVE
CVE
added 2023/01/10 12:0 a.m.162 views

CVE-2023-21737

CVE-2023-21737 is a Microsoft Office Visio Remote Code Execution vulnerability. Public sources in the Connected documents confirm it affects Microsoft Office Visio (Visio component) and is classified as high severity (CVSS v3.1 base score 7.8) with local attack vector and required user interactio...

7.8CVSS7.8AI score0.00723EPSS
CVE
CVE
added 2023/01/10 12:0 a.m.127 views

CVE-2023-21741

CVE-2023-21741 affects Microsoft Office Visio. Description: Information disclosure vulnerability in Visio; attacker could obtain sensitive memory data and use it for further attacks. Reported metrics show CVSS 3.1 base score 7.1 (HIGH) with: Attack Vector NETWORK, Attack Complexity LOW, Privilege...

7.1CVSS6.7AI score0.01793EPSS
CVE
CVE
added 2022/09/13 6:42 p.m.126 views

CVE-2022-38010

CVE-2022-38010 is a Microsoft Office Visio remote code execution vulnerability. Public listings and update guidance identify Visio 2013 (KB5002017) and Visio 2016 (KB5002016) as affected, with deployment differences: Visio 2013 updates apply to the MSI-based edition (SP1 required) and Visio 2016 ...

7.8CVSS7.8AI score0.00856EPSS
CVE
CVE
added 2015/11/11 11:0 a.m.116 views

CVE-2015-2503

CVE-2015-2503 is an Office Elevation of Privilege vulnerability that can be triggered via a crafted web site loaded in Internet Explorer to bypass sandbox protections and gain privileges. The initial CVE entry lists Microsoft Office 2007–2016 products (Word, Excel, PowerPoint, Access, InfoPath, V...

9.3CVSS6.8AI score0.1684EPSS
CVE
CVE
added 2022/12/13 12:0 a.m.116 views

CVE-2022-44695

Technical details about CVE-2022-44695 are not publicly provided in the supplied connected documents. Available items reference the CVE and notes about Visio remote code execution and December 2022 updates, but do not specify affected versions, root cause, or fixes.

7.8CVSS7.8AI score0.00822EPSS
CVE
CVE
added 2016/01/13 2:0 a.m.104 views

CVE-2016-0012

CVE-2016-0012 affects Microsoft Office suite (2007–2016 and related components) and is described as a security feature/ASLR bypass vulnerability. Connected OpenVAS entries explicitly reference remote bypass vectors in Office components (PowerPoint, Visio, Word, Excel, VB runtime) and note exploit...

4.3CVSS5.1AI score0.11195EPSS
CVE
CVE
added 2021/03/11 3:48 p.m.99 views

CVE-2021-27055

CVE-2021-27055 is a Microsoft Visio Security Feature Bypass vulnerability. The connected sources confirm a Visio-related bypass exists, enabling bypass of built-in security features and potentially compromising integrity/availability when exploited. CVSS data indicate a HIGH severity (base score ...

7CVSS6.6AI score0.0217EPSS
CVE
CVE
added 2015/08/15 12:0 a.m.95 views

CVE-2015-2423

CVE-2015-2423 is an “Unsafe Command Line Parameter Passing” vulnerability affecting a broad set of Windows OS versions (Vista through Windows 10) and Office apps (2007–2013) where a crafted command-line parameter to an Office app or Notepad can elevate from Low to Medium Integrity and disclose se...

4.3CVSS6.4AI score0.19851EPSS
CVE
CVE
added 2024/09/10 4:53 p.m.95 views

CVE-2024-43463

CVE-2024-43463 affects Microsoft Office Visio and is fixed by the September 2024 security update KB5002634. Public disclosures and multiple CVE roundups (MSRC, CNVD, CIRCL/CVE feeds, and Nessus) corroborate that Visio 2016 is susceptible and an update is available to remediate. The vulnerability ...

7.8CVSS7.9AI score0.00937EPSS
CVE
CVE
added 2016/09/14 10:0 a.m.82 views

CVE-2016-3364

Microsoft Visio 2016 contains a remote memory-corruption vulnerability (CVE-2016-3364) due to improper handling of objects in memory. An attacker who entices a user to open a specially crafted Office document can execute arbitrary code with the user’s privileges; administrative rights amplify imp...

9.3CVSS7.7AI score0.18535EPSS