Show filters
1,839 Total Results
Displaying 31-40 of 1,839
Sort by:
Attacker Value
High
CVE-2023-28311
Disclosure Date: April 11, 2023 (last updated January 11, 2025)
Microsoft Word Remote Code Execution Vulnerability
1
Attacker Value
High
CVE-2022-21840
Disclosure Date: January 11, 2022 (last updated December 21, 2023)
Microsoft Office Remote Code Execution Vulnerability
1
Attacker Value
Unknown
CVE-2019-18187
Disclosure Date: October 28, 2019 (last updated November 27, 2024)
Trend Micro OfficeScan versions 11.0 and XG (12.0) could be exploited by an attacker utilizing a directory traversal vulnerability to extract files from an arbitrary zip file to a specific folder on the OfficeScan server, which could potentially lead to remote code execution (RCE). The remote process execution is bound to a web service account, which depending on the web platform used may have restricted permissions. An attempted attack requires user authentication.
1
Attacker Value
Unknown
CVE-2017-11826
Disclosure Date: October 13, 2017 (last updated July 17, 2024)
Microsoft Office 2010, SharePoint Enterprise Server 2010, SharePoint Server 2010, Web Applications, Office Web Apps Server 2010 and 2013, Word Viewer, Word 2007, 2010, 2013 and 2016, Word Automation Services, and Office Online Server allow remote code execution when the software fails to properly handle objects in memory.
1
Attacker Value
Unknown
CVE-2017-0261
Disclosure Date: May 12, 2017 (last updated July 17, 2024)
Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0262 and CVE-2017-0281.
1
Attacker Value
Unknown
CVE-2017-0262
Disclosure Date: May 12, 2017 (last updated February 12, 2025)
Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0261 and CVE-2017-0281.
1
Attacker Value
Unknown
CVE-2016-7193
Disclosure Date: October 14, 2016 (last updated July 25, 2024)
Microsoft Word 2007 SP2, Office 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, Office Web Apps Server 2013 SP1, and Office Online Server allow remote attackers to execute arbitrary code via a crafted RTF document, aka "Microsoft Office Memory Corruption Vulnerability."
1
Attacker Value
Very High
CVE-2015-1641
Disclosure Date: April 14, 2015 (last updated July 25, 2024)
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, and Office Web Apps Server 2010 SP2 and 2013 SP1 allow remote attackers to execute arbitrary code via a crafted RTF document, aka "Microsoft Office Memory Corruption Vulnerability."
1
Attacker Value
Unknown
CVE-2014-4077
Disclosure Date: November 11, 2014 (last updated June 29, 2024)
Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Office 2007 SP3, when IMJPDCT.EXE (aka IME for Japanese) is installed, allow remote attackers to bypass a sandbox protection mechanism via a crafted PDF document, aka "Microsoft IME (Japanese) Elevation of Privilege Vulnerability," as exploited in the wild in 2014.
1
Attacker Value
Unknown
CVE-2025-21186
Disclosure Date: January 14, 2025 (last updated January 28, 2025)
Microsoft Access Remote Code Execution Vulnerability
1
