Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
office system vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-32756
e-Excellence U-Office Force has a path traversal vulnerability within its file uploading and downloading functions. An unauthenticated remote attacker can exploit this vulnerability to read arbitrary system files, but can’t control system or disrupt service.
Edetw U-office Force 20.0.7668d
5
CVSSv2
CVE-2002-0860
The LoadText method in the spreadsheet component in Microsoft Office Web Components (OWC) 2000 and 2002 allows remote malicious users to read arbitrary files through Internet Explorer via a URL that redirects to the target file.
Microsoft Project 2000
Microsoft Project 2002
Microsoft Office Web Components 2002
Microsoft Office Web Components 2000
NA
CVE-2023-32548
OS command injection vulnerability exists in WPS Office version 10.8.0.6186. If a remote attacker who can conduct a man-in-the-middle attack connects the product to a malicious server and sends a specially crafted data, an arbitrary OS command may be executed on the system where ...
Kingsoft Wps Office 10.8.0.6186
9.3
CVSSv2
CVE-2008-3879
The Ultra.OfficeControl ActiveX control in OfficeCtrl.ocx 2.0.2008.801 and previous versions in Ultra Shareware Ultra Office Control allows remote malicious users to force the download of arbitrary files onto a client system via a URL in the first argument to the Open method, in ...
Ultrashareware Ultra Office Control
1 EDB exploit
9.3
CVSSv2
CVE-2020-1498
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logg...
Microsoft Excel 2013
Microsoft Excel 2016
Microsoft Excel 2010
Microsoft Office 2019
Microsoft 365 Apps -
Microsoft Office 2016
1 Article
9.3
CVSSv2
CVE-2008-3015
Integer overflow in gdiplus.dll in GDI+ in Microsoft Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report V...
Microsoft Forefront Client Security 1.0
Microsoft Digital Image Suite 2006
Microsoft Office Xp
Microsoft Office 2003
Microsoft Sql Server Reporting Services 2000
Microsoft Visio 2002
Microsoft Sql Server 2005
Microsoft Report Viewer 2005
Microsoft Report Viewer 2008
Microsoft Office 2007
Microsoft Works 8.0
Microsoft Office Powerpoint Viewer 2003
NA
CVE-2023-5781
A vulnerability, which was classified as critical, has been found in Tongda OA 2017 11.10. This issue affects the function DELETE_STR of the file general/system/res_manage/monitor/delete_webmail.php. The manipulation leads to sql injection. The attack may be initiated remotely. T...
Tongda2000 Tongda Office Anywhere
NA
CVE-2023-32755
e-Excellence U-Office Force generates an error message in webiste service. An unauthenticated remote attacker can obtain partial sensitive system information from error message by sending a crafted command.
Edetw U-office Force 20.0.7668d
NA
CVE-2023-5780
A vulnerability classified as critical was found in Tongda OA 2017 11.10. This vulnerability affects unknown code of the file general/system/approve_center/flow_guide/flow_type/set_print/delete.php. The manipulation of the argument DELETE_STR leads to sql injection. The attack ca...
Tongda2000 Tongda Office Anywhere
NA
CVE-2023-6052
A vulnerability classified as critical has been found in Tongda OA 2017 up to 11.9. Affected is an unknown function of the file general/system/censor_words/module/delete.php. The manipulation of the argument DELETE_STR leads to sql injection. The exploit has been disclosed to the...
Tongda2000 Tongda Office Anywhere
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »