Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
excel vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2022-24473
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office 2019
Microsoft 365 Apps -
Microsoft Office 2021
6.8
CVSSv2
CVE-2022-26901
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Excel 2016
Microsoft Office 2013
Microsoft Office Web Apps Server 2013
Microsoft Office Online Server -
Microsoft Office 2016
Microsoft Excel Rt 2013
Microsoft Office 2013 Rt
Microsoft Excel 2013
Microsoft Office 2019
Microsoft 365 Apps -
Microsoft Office 2021
9.3
CVSSv2
CVE-2022-26903
Windows Graphics Component Remote Code Execution Vulnerability
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows 10 1607
Microsoft Windows 8.1 -
Microsoft Windows Server 2016 -
Microsoft Windows 7 -
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2008
Microsoft Windows Server 2012 -
Microsoft Windows 10 -
Microsoft Windows Server 2019 -
Microsoft Windows 10 1809
Microsoft Windows 10 1909
Microsoft Word -
Microsoft Windows 10 20h2
Microsoft Windows Server 2016 20h2
Microsoft Windows 10 21h1
Microsoft Windows Server 2022 -
Microsoft Windows 11 -
Microsoft Windows 10 21h2
Microsoft Excel Mobile -
Microsoft Powerpoint -
6
CVSSv2
CVE-2021-43257
Lack of Neutralization of Formula Elements in the CSV API of MantisBT prior to 2.25.3 allows an unprivileged malicious user to execute code or gain access to information when a user opens the csv_export.php generated CSV file in Excel.
Mantisbt Mantisbt
6.8
CVSSv2
CVE-2021-43515
CSV Injection (aka Excel Macro Injection or Formula Injection) exists in creating new timesheet in Kimai. By filling the Description field with malicious payload, it will be mistreated while exporting to a CSV file.
Kimai Kimai
1 Github repository
7.5
CVSSv2
CVE-2022-26249
Survey King v0.3.0 does not filter data properly when exporting excel files, allowing malicious users to execute arbitrary code or access sensitive information via a CSV injection attack.
Surveyking Project Surveyking 0.3.0
6.8
CVSSv2
CVE-2022-24770
`gradio` is an open source framework for building interactive machine learning models and demos. Prior to version 2.8.11, `gradio` suffers from Improper Neutralization of Formula Elements in a CSV File. The `gradio` library has a flagging functionality which saves input/output da...
Gradio Project Gradio
7.5
CVSSv2
CVE-2022-23640
Excel-Streaming-Reader is an easy-to-use implementation of a streaming Excel reader using Apache POI. Prior to xlsx-streamer 2.1.0, the XML parser that was used did apply all the necessary settings to prevent XML Entity Expansion issues. Upgrade to version 2.1.0 to receive a patc...
Excel Streaming Reader Project Excel Streaming Reader
9.3
CVSSv2
CVE-2021-46363
An issue in the Export function of Magnolia v6.2.3 and below allows malicious users to perform Formula Injection attacks via crafted CSV/XLS files. These formulas may result in arbitrary code execution on a victim's computer when opening the exported files with Microsoft Exc...
Magnolia-cms Magnolia Cms
1 Github repository
4.3
CVSSv2
CVE-2022-22716
Microsoft Excel Information Disclosure Vulnerability
Microsoft Office Web Apps 2013
Microsoft Excel 2013
Microsoft Office Online Server -
Microsoft Sharepoint Server 2013
Microsoft Office 2019
Microsoft 365 Apps -
Microsoft Excel 2016
Microsoft Office Long Term Servicing Channel 2021
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21991
CVE-2024-32674
path traversal
CVE-2023-21987
denial of service
dos
CVE-2024-4647
CVE-2024-25519
CVE-2024-33612
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »