Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
office web vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2002-1339
The "XMLURL" property in the Spreadsheet component of Office Web Components (OWC) 10 follows redirections, which allows remote malicious users to determine the existence of local files based on exceptions, or to read WorkSheet XML files.
Microsoft Office Web Components 2002
5
CVSSv2
CVE-2002-1340
The "ConnectionFile" property in the DataSourceControl component in Office Web Components (OWC) 10 allows remote malicious users to determine the existence of local files by detecting an exception.
Microsoft Office Web Components 2002
6.8
CVSSv2
CVE-2021-31176
Microsoft Office Remote Code Execution Vulnerability
Microsoft Office 2013
Microsoft Office Web Apps Server 2013
Microsoft Office Online Server -
Microsoft Office 2019
Microsoft 365 Apps -
Microsoft Office 2016
9.3
CVSSv2
CVE-2017-8511
A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8510, CVE-2017-8512, CVE-2017-0260, and CV...
Microsoft Office 2013
Microsoft Office Web Apps Server 2013
Microsoft Office Web Apps 2010
Microsoft Powerpoint For Mac 2011
Microsoft Office Online Server 2016
Microsoft Office 2010
Microsoft Powerpoint For Mac 2016
Microsoft Sharepoint Server 2016
Microsoft Sharepoint Server 2013
Microsoft Office 2016
4.3
CVSSv2
CVE-2018-8378
An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka "Microsoft Office Information Disclosure Vulnerability." This affects Word, Microso...
Microsoft Sharepoint Server 2013
Microsoft Sharepoint Enterprise Server 2013 -
Microsoft Sharepoint Enterprise Server 2016 -
Microsoft Office Compatibility Pack -
Microsoft Office 2013
Microsoft Office 2010
Microsoft Office Web Apps 2010
Microsoft Office 2016
Microsoft Excel Viewer 2007
Microsoft Office Web Apps 2013
Microsoft Office Word Viewer -
Microsoft Word Automation Services -
1 Article
6.8
CVSSv2
CVE-2021-28454
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office 2013
Microsoft Office 2010
Microsoft Office Web Apps Server 2013
Microsoft Office Online Server -
Microsoft Office 2019
Microsoft 365 Apps -
Microsoft Office 2016
4.3
CVSSv2
CVE-2016-3234
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, and Office Web Apps Server 2013 SP1 allow...
Microsoft Office Compatibility Pack
Microsoft Office 2010
Microsoft Sharepoint Server 2013
Microsoft Word 2010
Microsoft Word 2007
Microsoft Sharepoint Server 2010
Microsoft Office Web Apps 2010
Microsoft Office Web Apps 2013
Microsoft Word Viewer
9.3
CVSSv2
CVE-2020-17122
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office Web Apps 2010
Microsoft Sharepoint Server 2010
Microsoft Office 2010
9.3
CVSSv2
CVE-2018-8539
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Microsoft SharePoint Server, Microsoft Office. This CVE ID is unique from C...
Microsoft Office Web Apps 2010
Microsoft Sharepoint Server 2010
Microsoft Office 2010
3.5
CVSSv2
CVE-2015-6037
Cross-site scripting (XSS) vulnerability in Microsoft Excel Services on SharePoint Server 2010 SP2 and 2013 SP1, Office Web Apps 2010 SP2, Excel Web App 2010 SP2, Office Web Apps Server 2013 SP1, and SharePoint Foundation 2013 SP1 allows remote authenticated users to inject arbit...
Microsoft Excel Web App 2010
Microsoft Office Web Apps 2013
Microsoft Sharepoint Foundation 2013
Microsoft Sharepoint Server 2013
Microsoft Office Web Apps 2010
Microsoft Sharepoint Server 2010
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »