Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Excel
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 323 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-06-15 | CVE-2022-30173 | Microsoft Excel Remote Code Execution Vulnerability | Excel, Office_web_apps_server | 7.8 | ||
| 2023-11-14 | CVE-2023-36037 | Microsoft Excel Security Feature Bypass Vulnerability | 365_apps, Excel, Office, Office_long_term_servicing_channel | 7.8 | ||
| 1999-05-07 | CVE-1999-0717 | A remote attacker can disable the virus warning mechanism in Microsoft Excel 97. | Excel, Windows_2000, Windows_95, Windows_98, Windows_nt | N/A | ||
| 1999-10-01 | CVE-1999-0794 | Microsoft Excel does not warn a user when a macro is present in a Symbolic Link (SYLK) format file. | Excel, Office | N/A | ||
| 2000-06-27 | CVE-2000-0597 | Microsoft Office 2000 (Excel and PowerPoint) and PowerPoint 97 are marked as safe for scripting, which allows remote attackers to force Internet Explorer or some email clients to save files to arbitrary locations via the Visual Basic for Applications (VBA) SaveAs function, aka the "Office HTML Script" vulnerability. | Excel, Powerpoint | N/A | ||
| 2000-07-26 | CVE-2000-0637 | Microsoft Excel 97 and 2000 allows an attacker to execute arbitrary commands by specifying a malicious .dll using the Register.ID function, aka the "Excel REGISTER.ID Function" vulnerability. | Excel | N/A | ||
| 2002-08-12 | CVE-2002-0618 | The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code in the Local Computer zone by embedding HTML scripts within an Excel workbook that contains an XSL stylesheet, aka "Excel XSL Stylesheet Script Execution". | Excel, Office | N/A | ||
| 2005-12-09 | CVE-2005-4131 | Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed range, which could lead to memory corruption involving an argument to the msvcrt.memmove function, aka "Brand new Microsoft Excel Vulnerability," as originally placed for sale on eBay as item number 7203336538. | Excel | N/A | ||
| 2016-09-14 | CVE-2016-3363 | Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3381. | Excel, Excel_viewer, Office_compatibility_pack | 7.8 | ||
| 2013-09-11 | CVE-2013-1315 | Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." | Excel, Excel_viewer, Office, Office_compatibility_pack, Office_web_apps, Sharepoint_foundation, Sharepoint_portal_server, Sharepoint_server, Sharepoint_services | N/A |