Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Office_online_server
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 122 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-07-11 | CVE-2023-33162 | Microsoft Excel Information Disclosure Vulnerability | 365_apps, Office, Office_online_server | N/A | ||
| 2023-08-08 | CVE-2023-35371 | Microsoft Office Remote Code Execution Vulnerability | 365_apps, Office, Office_long_term_servicing_channel, Office_online_server | N/A | ||
| 2023-08-08 | CVE-2023-36896 | Microsoft Excel Remote Code Execution Vulnerability | 365_apps, Office, Office_long_term_servicing_channel, Office_online_server | N/A | ||
| 2023-09-12 | CVE-2023-36766 | Microsoft Excel Information Disclosure Vulnerability | 365_apps, Excel, Office, Office_long_term_servicing_channel, Office_online_server | 5.5 | ||
| 2024-11-12 | CVE-2024-49026 | Microsoft Excel Remote Code Execution Vulnerability | 365_apps, Excel, Office, Office_long_term_servicing_channel, Office_online_server | 7.8 | ||
| 2024-09-10 | CVE-2024-43465 | Microsoft Excel Elevation of Privilege Vulnerability | 365_apps, Excel, Office, Office_long_term_servicing_channel, Office_online_server | 7.8 | ||
| 2019-08-14 | CVE-2019-1205 | A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. The file could then take actions on behalf of the logged-on user with the same permissions as the current user. To exploit the vulnerability, a user must open a specially crafted file with an affected version of... | Office, Office_365_proplus, Office_online_server, Sharepoint_server | 7.8 | ||
| 2019-08-14 | CVE-2019-1201 | A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. The file could then take actions on behalf of the logged-on user with the same permissions as the current user. To exploit the vulnerability, a user must open a specially crafted file with an affected version of... | Office, Office_365_proplus, Office_online_server, Office_web_apps, Office_web_apps_server, Sharepoint_enterprise_server, Sharepoint_server, Word | 7.8 | ||
| 2017-09-13 | CVE-2017-8631 | A remote code execution vulnerability exists in Excel Services, Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Web Apps 2013, Microsoft Office Compatibility Pack Service Pack 3, Microsoft Excel Web App 2013 Service Pack 1, Microsoft Excel Viewer 2007 Service Pack 3, and Office Online Server when they fail to properly handle objects in memory, aka... | Excel, Excel_viewer, Excel_web_app, Office_compatibility_pack, Office_online_server, Office_web_apps | 7.8 | ||
| 2019-06-12 | CVE-2019-1035 | A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1034. | Office, Office_365_proplus, Office_online_server, Sharepoint_server | 7.8 |