Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
visual basic vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-1999-0354
Internet Explorer 4.x or 5.x with Word 97 allows arbitrary execution of Visual Basic programs to the IE client through the Word 97 template, which doesn't warn the user that the template contains executable content. Also applies to Outlook when the client views a malicious e...
Microsoft Internet Explorer 4.0
Microsoft Internet Explorer 5.0
Microsoft Word 97
7.5
CVSSv2
CVE-2000-0597
Microsoft Office 2000 (Excel and PowerPoint) and PowerPoint 97 are marked as safe for scripting, which allows remote malicious users to force Internet Explorer or some email clients to save files to arbitrary locations via the Visual Basic for Applications (VBA) SaveAs function, ...
Microsoft Powerpoint 2000
Microsoft Excel 2000
Microsoft Powerpoint 97
7.5
CVSSv2
CVE-2002-0619
The Mail Merge Tool in Microsoft Word 2002 for Windows, when Microsoft Access is present on a system, allows remote malicious users to execute Visual Basic (VBA) scripts within a mail merge document that is saved in HTML format, aka a "Variant of MS00-071, Word Mail Merge Vu...
Microsoft Office Xp
Microsoft Office 2000
9.3
CVSSv2
CVE-2007-2223
Microsoft XML Core Services (MSXML) 3.0 up to and including 6.0 allows remote malicious users to execute arbitrary code via the substringData method on a (1) TextNode or (2) XMLDOM object, which causes an integer overflow that leads to a buffer overflow.
Microsoft Xml Core Services 3.0
Microsoft Xml Core Services 6.0
Microsoft Xml Core Services 4.0
Microsoft Xml Core Services 5.0
1 EDB exploit
6.8
CVSSv2
CVE-2011-1003
Double free vulnerability in the vba_read_project_strings function in vba_extract.c in libclamav in ClamAV prior to 0.97 might allow remote malicious users to execute arbitrary code via crafted Visual Basic for Applications (VBA) data in a Microsoft Office document. NOTE: some of...
Clamav Clamav
Clamav Clamav 0.95.2
Clamav Clamav 0.86.2
Clamav Clamav 0.88.5
Clamav Clamav 0.02
Clamav Clamav 0.92
Clamav Clamav 0.95
Clamav Clamav 0.8
Clamav Clamav 0.15
Clamav Clamav 0.90
Clamav Clamav 0.75.1
Clamav Clamav 0.65
Clamav Clamav 0.88.7
Clamav Clamav 0.81
Clamav Clamav 0.86
Clamav Clamav 0.01
Clamav Clamav 0.92 P0
Clamav Clamav 0.85
Clamav Clamav 0.84
Clamav Clamav 0.3
Clamav Clamav 0.91.2 P0
Clamav Clamav 0.93.1
2.6
CVSSv2
CVE-2006-4685
The XMLHTTP ActiveX control in Microsoft XML Parser 2.6 and XML Core Services 3.0 up to and including 6.0 does not properly handle HTTP server-side redirects, which allows remote user-assisted malicious users to access content from other domains.
Microsoft Xml Core Services 4.0
Microsoft Xml Core Services 6.0
Microsoft Xml Parser 2.6
Microsoft Xml Core Services 3.0
5.8
CVSSv2
CVE-2004-1101
mailpost.exe in MailPost 5.1.1sv, and possibly earlier versions, allows remote malicious users to cause a denial of service (server crash), leak sensitive pathname information in the resulting error message, and execute a cross-site scripting (XSS) attack via an HTTP request that...
Tips Mailpost 5.1.1 Sv
1 EDB exploit
7.5
CVSSv2
CVE-2006-4686
Buffer overflow in the Extensible Stylesheet Language Transformations (XSLT) processing in Microsoft XML Parser 2.6 and XML Core Services 3.0 up to and including 6.0 allows remote malicious users to execute arbitrary code via a crafted Web page.
Microsoft Xml Core Services 3.0
Microsoft Xml Core Services 4.0
Microsoft Xml Core Services 6.0
Microsoft Xml Parser 2.6
NA
CVE-2022-36970
This vulnerability allows remote malicious users to execute arbitrary code on affected installations of AVEVA Edge 20.0 Build: 4201.2111.1802.0000 Service Pack 2. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a m...
Aveva Aveva Edge
7.6
CVSSv2
CVE-2006-5745
Unspecified vulnerability in the setRequestHeader method in the XMLHTTP (XML HTTP) ActiveX Control 4.0 in Microsoft XML Core Services 4.0 on Windows, when accessed by Internet Explorer, allows remote malicious users to execute arbitrary code via crafted arguments that lead to mem...
Microsoft Xml Core Services 4.0
4 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »