Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
office system vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2020-16931
<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current use...
Microsoft Excel 2013
Microsoft Excel 2016
Microsoft Office Web Apps 2013
Microsoft Excel 2010
Microsoft Office 2019
Microsoft Office Online Server 1.0
Microsoft 365 Apps -
6.8
CVSSv2
CVE-2020-16932
<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current use...
Microsoft Excel 2013
Microsoft Excel 2016
Microsoft Office Web Apps 2013
Microsoft Excel 2010
Microsoft Office 2019
Microsoft Office Online Server 1.0
Microsoft 365 Apps -
9.3
CVSSv2
CVE-2010-0815
VBE6.DLL in Microsoft Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Visual Basic for Applications (VBA), and VBA SDK 6.3 up to and including 6.5 does not properly search for ActiveX controls that are embedded in documents, which allows remote malicious...
Microsoft Visual Basic Sdk 6.3
Microsoft Visual Basic Sdk 6.4
Microsoft Visual Basic For Applications
Microsoft Visual Basic Sdk 6.5
Microsoft Office 2007
Microsoft Office Xp
Microsoft Office 2003
NA
CVE-2022-39022
U-Office Force Download function has a path traversal vulnerability. A remote attacker with general user privilege can exploit this vulnerability to download arbitrary system file.
Edetw U-office Force
NA
CVE-2022-39023
U-Office Force Download function has a path traversal vulnerability. A remote attacker with general user privilege can exploit this vulnerability to download arbitrary system file.
Edetw U-office Force
NA
CVE-2023-32756
e-Excellence U-Office Force has a path traversal vulnerability within its file uploading and downloading functions. An unauthenticated remote attacker can exploit this vulnerability to read arbitrary system files, but can’t control system or disrupt service.
Edetw U-office Force 20.0.7668d
NA
CVE-2023-32548
OS command injection vulnerability exists in WPS Office version 10.8.0.6186. If a remote attacker who can conduct a man-in-the-middle attack connects the product to a malicious server and sends a specially crafted data, an arbitrary OS command may be executed on the system where ...
Kingsoft Wps Office 10.8.0.6186
7.5
CVSSv2
CVE-2006-0002
Unspecified vulnerability in Microsoft Outlook 2000 through 2003, Exchange 5.0 Server SP2 and 5.5 SP4, Exchange 2000 SP3, and Office allows remote malicious users to execute arbitrary code via an e-mail message with a crafted Transport Neutral Encapsulation Format (TNEF) MIME att...
Microsoft Exchange Server 5.0
Microsoft Exchange Server 5.5
Microsoft Exchange Server 2000
Microsoft Office 2000
Microsoft Office 2003
Microsoft Office Xp
Microsoft Outlook 2000
Microsoft Outlook 2002
Microsoft Outlook 2003
9.3
CVSSv2
CVE-2008-3879
The Ultra.OfficeControl ActiveX control in OfficeCtrl.ocx 2.0.2008.801 and previous versions in Ultra Shareware Ultra Office Control allows remote malicious users to force the download of arbitrary files onto a client system via a URL in the first argument to the Open method, in ...
Ultrashareware Ultra Office Control
1 EDB exploit
5
CVSSv2
CVE-2002-0860
The LoadText method in the spreadsheet component in Microsoft Office Web Components (OWC) 2000 and 2002 allows remote malicious users to read arbitrary files through Internet Explorer via a URL that redirects to the target file.
Microsoft Project 2000
Microsoft Project 2002
Microsoft Office Web Components 2000
Microsoft Office Web Components 2002
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »