Show filters
15 Total Results
Displaying 1-10 of 15
Sort by:
Attacker Value
Moderate

CVE-2023-33140

Disclosure Date: June 14, 2023 (last updated January 11, 2025)
Microsoft OneNote Spoofing Vulnerability
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
2
1
Attacker Value
Unknown

CVE-2023-21721

Disclosure Date: February 14, 2023 (last updated January 11, 2025)
Microsoft OneNote Elevation of Privilege Vulnerability
Attack Vector: NetworkPrivileges: LowUser Interaction: None
1
0
Attacker Value
Unknown

CVE-2025-21402

Disclosure Date: January 14, 2025 (last updated January 28, 2025)
Microsoft Office OneNote Remote Code Execution Vulnerability
Attack Vector: LocalPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2024-41159

Disclosure Date: December 18, 2024 (last updated December 19, 2024)
A library injection vulnerability exists in Microsoft OneNote 16.83 for macOS. A specially crafted library can leverage OneNote's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and then make use of the vulnerable application's permissions.
Attack Vector: LocalPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-36769

Disclosure Date: November 06, 2023 (last updated November 15, 2023)
Microsoft OneNote Spoofing Vulnerability
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2017-8509

Disclosure Date: June 15, 2017 (last updated November 26, 2024)
A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8510, CVE-2017-8511, CVE-2017-8512, CVE-2017-0260, and CVE-2017-8506.
0
0
Attacker Value
Unknown

CVE-2017-0197

Disclosure Date: April 12, 2017 (last updated November 26, 2024)
Microsoft OneNote 2007 SP3 and Microsoft OneNote 2010 SP2 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office DLL Loading Vulnerability."
0
0
Attacker Value
Unknown

CVE-2016-3315

Disclosure Date: August 09, 2016 (last updated November 25, 2024)
Microsoft OneNote 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016, and 2016 for Mac allow remote attackers to obtain sensitive information via a crafted OneNote file, aka "Microsoft OneNote Information Disclosure Vulnerability."
0
0
Attacker Value
Unknown

CVE-2015-2503

Disclosure Date: November 11, 2015 (last updated October 05, 2023)
Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 SP2, OneNote 2010 SP2, PowerPoint 2010 SP2, Project 2010 SP2, Publisher 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Pinyin IME 2010, Access 2013 SP1, Excel 2013 SP1, InfoPath 2013 SP1, OneNote 2013 SP1, PowerPoint 2013 SP1, Project 2013 SP1, Publisher 2013 SP1, Visio 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, OneNote 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Access 2016, Excel 2016, OneNote 2016, PowerPoint 2016, Project 2016, Publisher 2016, Visio 2016, Word 2016, Skype for Business 2016, and Lync 2013 SP1 allow remote attackers to bypass a sandbox protection mechanism and gain privileges via a crafted web site that is accessed with Internet Explorer, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "M…
0
0
Attacker Value
Unknown

CVE-2014-2815

Disclosure Date: August 12, 2014 (last updated October 05, 2023)
Microsoft OneNote 2007 SP3 allows remote attackers to execute arbitrary code via a crafted OneNote file that triggers creation of an executable file in a startup folder, aka "OneNote Remote Code Execution Vulnerability."
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
View More Topics  Next >