Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Word
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 219 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-09-12 | CVE-2023-36762 | Microsoft Word Remote Code Execution Vulnerability | 365_apps, Office, Office_long_term_servicing_channel, Sharepoint_server, Word | N/A | ||
| 2024-02-13 | CVE-2024-20673 | Microsoft Office Remote Code Execution Vulnerability | Excel, Office, Powerpoint, Publisher, Skype_for_business, Visio, Word | N/A | ||
| 2024-02-13 | CVE-2024-21379 | Microsoft Word Remote Code Execution Vulnerability | 365_apps, Office, Office_long_term_servicing_channel, Word | N/A | ||
| 2024-11-12 | CVE-2024-49033 | Microsoft Word Security Feature Bypass Vulnerability | 365_apps, Office, Office_long_term_servicing_channel, Word | 7.5 | ||
| 2019-08-14 | CVE-2019-1201 | A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. The file could then take actions on behalf of the logged-on user with the same permissions as the current user. To exploit the vulnerability, a user must open a specially crafted file with an affected version of... | Office, Office_365_proplus, Office_online_server, Office_web_apps, Office_web_apps_server, Sharepoint_enterprise_server, Sharepoint_server, Word | 7.8 | ||
| 2000-10-20 | CVE-2000-0788 | The Mail Merge tool in Microsoft Word does not prompt the user before executing Visual Basic (VBA) scripts in an Access database, which could allow an attacker to execute arbitrary commands. | Access, Word | N/A | ||
| 1999-11-01 | CVE-1999-0354 | Internet Explorer 4.x or 5.x with Word 97 allows arbitrary execution of Visual Basic programs to the IE client through the Word 97 template, which doesn't warn the user that the template contains executable content. Also applies to Outlook when the client views a malicious email message. | Internet_explorer, Word | N/A | ||
| 2020-03-12 | CVE-2020-0850 | A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0851, CVE-2020-0852, CVE-2020-0855, CVE-2020-0892. | Office, Office_365_proplus, Office_online_server, Sharepoint_enterprise_server, Sharepoint_foundation, Sharepoint_server, Word | 8.8 | ||
| 2020-03-12 | CVE-2020-0892 | A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0850, CVE-2020-0851, CVE-2020-0852, CVE-2020-0855. | Office, Office_365_proplus, Office_online_server, Office_web_apps, Sharepoint_enterprise_server, Sharepoint_foundation, Sharepoint_server, Word | 7.8 | ||
| 2020-04-15 | CVE-2020-0760 | A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Office Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0991. | Access, Excel, Office, Office_365_proplus, Outlook, Powerpoint, Project, Publisher, Visio, Word | 8.8 |