Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Office
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 838 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2009-06-10 | CVE-2009-0557 | Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel Viewer 2003 SP3; Microsoft Office Excel Viewer; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allow remote attackers to execute arbitrary code via a crafted Excel file with a malformed record object, aka "Object Record... | Office, Office_excel_viewer, Office_sharepoint_server | 7.8 | ||
| 2013-06-12 | CVE-2013-1331 | Buffer overflow in Microsoft Office 2003 SP3 and Office 2011 for Mac allows remote attackers to execute arbitrary code via crafted PNG data in an Office document, leading to improper memory allocation, aka "Office Buffer Overflow Vulnerability." | Office | 7.8 | ||
| 2023-09-12 | CVE-2023-36761 | Microsoft Word Information Disclosure Vulnerability | 365_apps, Office, Office_long_term_servicing_channel, Word | 6.5 | ||
| 2024-06-11 | CVE-2024-30101 | Microsoft Office Remote Code Execution Vulnerability | 365_apps, Office | 7.5 | ||
| 2024-06-11 | CVE-2024-30104 | Microsoft Office Remote Code Execution Vulnerability | 365_apps, Office | 7.8 | ||
| 2024-06-11 | CVE-2024-30103 | Microsoft Outlook Remote Code Execution Vulnerability | 365_apps, Office, Outlook | 8.8 | ||
| 2024-02-13 | CVE-2024-20673 | Microsoft Office Remote Code Execution Vulnerability | Excel, Office, Powerpoint, Publisher, Skype_for_business, Visio, Word | 7.8 | ||
| 2019-08-14 | CVE-2019-1151 | A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user... | Office, Windows_10, Windows_7, Windows_8\.1, Windows_rt_8\.1, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019 | 8.8 | ||
| 2019-08-14 | CVE-2019-1149 | A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user... | Office, Windows_10, Windows_7, Windows_8\.1, Windows_rt_8\.1, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019 | 8.8 | ||
| 2019-08-14 | CVE-2019-1153 | An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The update addresses the vulnerability by correcting the way in which the Windows Graphics Component handles... | Office, Windows_10, Windows_7, Windows_8\.1, Windows_rt_8\.1, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019 | 5.5 |