Export limit exceeded: 325294 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (1255 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-1889 | 1 Microsoft | 15 Expression Web, Groove, Groove Server and 12 more | 2025-07-30 | 8.8 High |
| Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0 accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. | ||||
| CVE-2012-1856 | 1 Microsoft | 7 Commerce Server, Host Integration Server, Office and 4 more | 2025-07-30 | 8.8 High |
| The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office 2003 SP3, Office 2003 Web Components SP3, Office 2007 SP2 and SP3, Office 2010 SP1, SQL Server 2000 SP4, SQL Server 2005 SP4, SQL Server 2008 SP2, SP3, R2, R2 SP1, and R2 SP2, Commerce Server 2002 SP4, Commerce Server 2007 SP2, Commerce Server 2009 Gold and R2, Host Integration Server 2004 SP1, Visual FoxPro 8.0 SP1, Visual FoxPro 9.0 SP2, and Visual Basic 6.0 Runtime allows remote attackers to execute arbitrary code via a crafted (1) document or (2) web page that triggers system-state corruption, aka "MSCOMCTL.OCX RCE Vulnerability." | ||||
| CVE-2014-1761 | 1 Microsoft | 7 Office, Office Compatibility Pack, Office Web Apps and 4 more | 2025-07-30 | 7.8 High |
| Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Word Viewer; Office Compatibility Pack SP3; Office for Mac 2011; Word Automation Services on SharePoint Server 2010 SP1 and SP2 and 2013; Office Web Apps 2010 SP1 and SP2; and Office Web Apps Server 2013 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, as exploited in the wild in March 2014. | ||||
| CVE-2014-4077 | 1 Microsoft | 5 Office 2007 Ime, Windows 7, Windows Server 2003 and 2 more | 2025-07-30 | 7.8 High |
| Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Office 2007 SP3, when IMJPDCT.EXE (aka IME for Japanese) is installed, allow remote attackers to bypass a sandbox protection mechanism via a crafted PDF document, aka "Microsoft IME (Japanese) Elevation of Privilege Vulnerability," as exploited in the wild in 2014. | ||||
| CVE-2015-1642 | 1 Microsoft | 1 Office | 2025-07-30 | 7.8 High |
| Microsoft Office 2007 SP3, 2010 SP2, and 2013 SP1 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." | ||||
| CVE-2015-2545 | 1 Microsoft | 1 Office | 2025-07-30 | 7.8 High |
| Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted EPS image, aka "Microsoft Office Malformed EPS File Vulnerability." | ||||
| CVE-2016-7193 | 1 Microsoft | 4 Office, Office Compatibility Pack, Word and 1 more | 2025-07-30 | 7.8 High |
| Microsoft Word 2007 SP2, Office 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, Office Web Apps Server 2013 SP1, and Office Online Server allow remote attackers to execute arbitrary code via a crafted RTF document, aka "Microsoft Office Memory Corruption Vulnerability." | ||||
| CVE-2017-0261 | 1 Microsoft | 1 Office | 2025-07-30 | 7.8 High |
| Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0262 and CVE-2017-0281. | ||||
| CVE-2017-11826 | 1 Microsoft | 7 Office Compatibility Pack, Office Online Server, Office Web Apps Server and 4 more | 2025-07-30 | 7.8 High |
| Microsoft Office 2010, SharePoint Enterprise Server 2010, SharePoint Server 2010, Web Applications, Office Web Apps Server 2010 and 2013, Word Viewer, Word 2007, 2010, 2013 and 2016, Word Automation Services, and Office Online Server allow remote code execution when the software fails to properly handle objects in memory. | ||||
| CVE-2018-0802 | 1 Microsoft | 3 Office, Office Compatibility Pack, Word | 2025-07-30 | 7.8 High |
| Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique from CVE-2018-0797 and CVE-2018-0812. | ||||
| CVE-2019-0541 | 1 Microsoft | 18 Excel Viewer, Internet Explorer, Office and 15 more | 2025-07-30 | 8.8 High |
| A remote code execution vulnerability exists in the way that the MSHTML engine inproperly validates input, aka "MSHTML Engine Remote Code Execution Vulnerability." This affects Microsoft Office, Microsoft Office Word Viewer, Internet Explorer 9, Internet Explorer 11, Microsoft Excel Viewer, Internet Explorer 10, Office 365 ProPlus. | ||||
| CVE-2019-1297 | 1 Microsoft | 3 Excel, Office, Office 365 Proplus | 2025-07-30 | 8.8 High |
| A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. | ||||
| CVE-2019-18187 | 2 Microsoft, Trendmicro | 2 Windows, Officescan | 2025-07-30 | 7.5 High |
| Trend Micro OfficeScan versions 11.0 and XG (12.0) could be exploited by an attacker utilizing a directory traversal vulnerability to extract files from an arbitrary zip file to a specific folder on the OfficeScan server, which could potentially lead to remote code execution (RCE). The remote process execution is bound to a web service account, which depending on the web platform used may have restricted permissions. An attempted attack requires user authentication. | ||||
| CVE-2021-27059 | 1 Microsoft | 2 Excel, Office | 2025-07-30 | 7.6 High |
| Microsoft Office Remote Code Execution Vulnerability | ||||
| CVE-2021-42292 | 1 Microsoft | 4 365 Apps, Excel, Office and 1 more | 2025-07-30 | 7.8 High |
| Microsoft Excel Security Feature Bypass Vulnerability | ||||
| CVE-2022-44713 | 1 Microsoft | 4 Office, Office 2019, Office Long Term Servicing Channel and 1 more | 2025-07-22 | 7.5 High |
| Microsoft Outlook for Mac Spoofing Vulnerability | ||||
| CVE-2022-44695 | 1 Microsoft | 7 365 Apps, Office, Office 2019 and 4 more | 2025-07-22 | 7.8 High |
| Microsoft Office Visio Remote Code Execution Vulnerability | ||||
| CVE-2022-44694 | 1 Microsoft | 4 365 Apps, Office, Office 2019 and 1 more | 2025-07-22 | 7.8 High |
| Microsoft Office Visio Remote Code Execution Vulnerability | ||||
| CVE-2022-44692 | 1 Microsoft | 6 365 Apps, Office, Office 2019 and 3 more | 2025-07-22 | 7.8 High |
| Microsoft Office Graphics Remote Code Execution Vulnerability | ||||
| CVE-2024-30104 | 1 Microsoft | 2 365 Apps, Office | 2025-07-16 | 7.8 High |
| Microsoft Office Remote Code Execution Vulnerability | ||||