Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
office system vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-30693
Information disclosure vulnerability in the system configuration of Cybozu Office 10.0.0 to 10.8.5 allows a remote malicious user to obtain the data of the product via unspecified vectors.
Cybozu Office
4.3
CVSSv2
CVE-2018-0950
An information disclosure vulnerability exists when Office renders Rich Text Format (RTF) email messages containing OLE objects when a message is opened or previewed, aka "Microsoft Office Information Disclosure Vulnerability." This affects Microsoft Word, Microsoft Off...
Microsoft Office 2016
Microsoft Office 2010
Microsoft Office Compatibility Pack -
Microsoft Word 2010
Microsoft Word 2007
Microsoft Word 2013
Microsoft Word 2016
2 Articles
6.8
CVSSv2
CVE-2020-16931
<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current use...
Microsoft Excel 2013
Microsoft Excel 2016
Microsoft Office Web Apps 2013
Microsoft Excel 2010
Microsoft Office 2019
Microsoft Office Online Server 1.0
Microsoft 365 Apps -
6.8
CVSSv2
CVE-2020-16932
<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current use...
Microsoft Excel 2013
Microsoft Excel 2016
Microsoft Office Web Apps 2013
Microsoft Excel 2010
Microsoft Office 2019
Microsoft Office Online Server 1.0
Microsoft 365 Apps -
10
CVSSv2
CVE-2001-1260
Avaya Argent Office uses weak encryption (trivial encoding) for passwords, which allows remote malicious users to gain administrator privileges by sniffing and decrypting the sniffing the passwords during a system reboot.
Avaya Argent Office
9.3
CVSSv2
CVE-2010-0815
VBE6.DLL in Microsoft Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Visual Basic for Applications (VBA), and VBA SDK 6.3 up to and including 6.5 does not properly search for ActiveX controls that are embedded in documents, which allows remote malicious...
Microsoft Visual Basic Sdk 6.3
Microsoft Visual Basic Sdk 6.4
Microsoft Visual Basic For Applications
Microsoft Visual Basic Sdk 6.5
Microsoft Office 2007
Microsoft Office Xp
Microsoft Office 2003
NA
CVE-2022-39022
U-Office Force Download function has a path traversal vulnerability. A remote attacker with general user privilege can exploit this vulnerability to download arbitrary system file.
Edetw U-office Force
NA
CVE-2022-39023
U-Office Force Download function has a path traversal vulnerability. A remote attacker with general user privilege can exploit this vulnerability to download arbitrary system file.
Edetw U-office Force
NA
CVE-2023-32756
e-Excellence U-Office Force has a path traversal vulnerability within its file uploading and downloading functions. An unauthenticated remote attacker can exploit this vulnerability to read arbitrary system files, but can’t control system or disrupt service.
Edetw U-office Force 20.0.7668d
NA
CVE-2023-32548
OS command injection vulnerability exists in WPS Office version 10.8.0.6186. If a remote attacker who can conduct a man-in-the-middle attack connects the product to a malicious server and sends a specially crafted data, an arbitrary OS command may be executed on the system where ...
Kingsoft Wps Office 10.8.0.6186
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »