Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Office
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 868 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2025-02-11 | CVE-2025-21387 | Microsoft Excel Remote Code Execution Vulnerability | 365_apps, Excel, Office, Office_online_server | 7.8 | ||
| 2025-02-11 | CVE-2025-21390 | Microsoft Excel Remote Code Execution Vulnerability | 365_apps, Excel, Office, Office_online_server | 7.8 | ||
| 2025-02-11 | CVE-2025-21394 | Microsoft Excel Remote Code Execution Vulnerability | 365_apps, Excel, Office, Office_online_server | 7.8 | ||
| 2025-02-11 | CVE-2025-21397 | Microsoft Office Remote Code Execution Vulnerability | 365_apps, Office | 7.8 | ||
| 2017-04-12 | CVE-2017-0199 | Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API." | Office, Windows_7, Windows_server_2008, Windows_server_2012, Windows_vista, Intellispace_portal | 7.8 | ||
| 2017-05-12 | CVE-2017-0261 | Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0262 and CVE-2017-0281. | Office | 7.8 | ||
| 2017-05-12 | CVE-2017-0262 | Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0261 and CVE-2017-0281. | Office | 7.8 | ||
| 2009-06-10 | CVE-2009-0563 | Stack-based buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Microsoft Office for Mac 2004 and 2008; Open XML File Format Converter for Mac; Microsoft Office Word Viewer 2003 SP3; Microsoft Office Word Viewer; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a Word document with a crafted tag containing an invalid length field, aka "Word Buffer Overflow... | Office, Office_compatibility_pack, Office_word_viewer, Open_xml_file_format_converter | 7.8 | ||
| 2009-06-10 | CVE-2009-0557 | Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel Viewer 2003 SP3; Microsoft Office Excel Viewer; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allow remote attackers to execute arbitrary code via a crafted Excel file with a malformed record object, aka "Object Record... | Office, Office_excel_viewer, Office_sharepoint_server | 7.8 | ||
| 2009-11-11 | CVE-2009-3129 | Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer 2003 SP3; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a spreadsheet with a FEATHEADER record containing an invalid cbHdrData size element that affects a pointer offset, aka "Excel Featheader Record Memory... | Excel, Excel_viewer, Office, Open_xml_file_format_converter | 7.8 |