Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
office web vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2020-1442
A spoofing vulnerability exists when an Office Web Apps server does not properly sanitize a specially crafted request, aka 'Office Web Apps XSS Vulnerability'.
Microsoft Office Online Server -
Microsoft Office Web Apps 2013
6.8
CVSSv2
CVE-2020-16929
<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current use...
Microsoft Excel Web App 2010
Microsoft Excel 2013
Microsoft Excel 2016
Microsoft Office Web Apps 2013
Microsoft Office Web Apps 2010
Microsoft Office 2013
Microsoft Sharepoint Server 2010
Microsoft Office 2010
Microsoft Excel 2010
Microsoft Office 2016
Microsoft Sharepoint Enterprise Server 2013
Microsoft Office 2019
Microsoft Office Online Server 1.0
Microsoft 365 Apps -
9.3
CVSSv2
CVE-2017-8512
A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8510, CVE-2017-8511, CVE-2017-0260, and CV...
Microsoft Office Web Apps 2010
Microsoft Sharepoint Enterprise Server 2013
Microsoft Office 2007
Microsoft Office 2010
Microsoft Office 2013
Microsoft Office 2016
Microsoft Sharepoint Enterprise Server 2016
Microsoft Office Online Server 2016
Microsoft Office Web Apps Server 2013
Microsoft Word Automation Services -
5.8
CVSSv2
CVE-2018-8247
An elevation of privilege vulnerability exists when Office Web Apps Server 2013 and Office Online Server fail to properly handle web requests, aka "Microsoft Office Elevation of Privilege Vulnerability." This affects Microsoft Office, Microsoft Office Online Server. Thi...
Microsoft Office Online Server 2016
Microsoft Office Web Apps 2013
1 Article
NA
CVE-2023-23396
Microsoft Excel Denial of Service Vulnerability
Microsoft Office Web Apps Server 2013
Microsoft Office Online Server -
1 Github repository
9.3
CVSSv2
CVE-2018-1028
A remote code execution vulnerability exists when the Office graphics component improperly handles specially crafted embedded fonts, aka "Microsoft Office Graphics Remote Code Execution Vulnerability." This affects Word, Microsoft Office, Microsoft SharePoint, Excel, Mi...
Microsoft Sharepoint Enterprise Server 2016
Microsoft Office Web Apps 2010
Microsoft Excel Services -
Microsoft Word Automation Services -
Microsoft Office 2016
Microsoft Office 2013
Microsoft Office 2013 Rt
Microsoft Office 2010
Microsoft Sharepoint Enterprise Server 2013
Microsoft Office Web Apps 2013
9.3
CVSSv2
CVE-2016-0140
Microsoft Office 2007 SP3, Office 2010 SP2, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote malicious users to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
Microsoft Office Web Apps 2010
Microsoft Sharepoint Server 2010
Microsoft Office 2010
Microsoft Office 2007
9.3
CVSSv2
CVE-2014-6357
Use-after-free vulnerability in Microsoft Office 2010 SP2, Office 2013 Gold and SP1, Office 2013 RT Gold and SP1, Office for Mac 2011, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2 and 2013 Gold and SP1, and Office Web Apps 201...
Microsoft Office 2013
Microsoft Web Applications 2013
Microsoft Office 2011
Microsoft Word Viewer -
Microsoft Office 2010
Microsoft Office Compatibility Pack
Microsoft Sharepoint Server 2010
Microsoft Sharepoint Server 2013
Microsoft Web Applications 2010
5
CVSSv2
CVE-2002-1338
The Load method in the Chart component of Office Web Components (OWC) 9 and 10 generates an exception when a specified file does not exist, which allows remote malicious users to determine the existence of local files.
Microsoft Office Web Components 2002
5
CVSSv2
CVE-2002-1339
The "XMLURL" property in the Spreadsheet component of Office Web Components (OWC) 10 follows redirections, which allows remote malicious users to determine the existence of local files based on exceptions, or to read WorkSheet XML files.
Microsoft Office Web Components 2002
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »