Filtered by vendor Microsoft
Subscriptions
Filtered by product Office Web Apps
Subscriptions
Total
106 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-1289 | 1 Microsoft | 5 Groove Server, Infopath, Office Web Apps and 2 more | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1, Groove Server 2010 SP1, SharePoint Foundation 2010 SP1, and Office Web Apps 2010 SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted string, aka "HTML Sanitization Vulnerability." | ||||
| CVE-2013-1315 | 1 Microsoft | 9 Excel, Excel Viewer, Office and 6 more | 2025-04-11 | N/A |
| Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." | ||||
| CVE-2013-1330 | 1 Microsoft | 5 Office Web Apps, Sharepoint Foundation, Sharepoint Portal Server and 2 more | 2025-04-11 | N/A |
| The default configuration of Microsoft SharePoint Portal Server 2003 SP3, SharePoint Server 2007 SP3 and 2010 SP1 and SP2, and Office Web Apps 2010 does not set the EnableViewStateMac attribute, which allows remote attackers to execute arbitrary code by leveraging an unassigned workflow, aka "MAC Disabled Vulnerability." | ||||
| CVE-2014-0260 | 1 Microsoft | 6 Office Compatibility Pack, Office Web Apps, Office Web Apps Server and 3 more | 2025-04-11 | N/A |
| Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office Compatibility Pack SP3; Word Viewer; SharePoint Server 2010 SP1 and SP2 and 2013; Office Web Apps 2010 SP1 and SP2; and Office Web Apps Server 2013 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability." | ||||
| CVE-2023-21716 | 1 Microsoft | 8 Office, Office Long Term Servicing Channel, Office Online Server and 5 more | 2025-02-28 | 9.8 Critical |
| Microsoft Word Remote Code Execution Vulnerability | ||||
| CVE-2022-22716 | 1 Microsoft | 8 365 Apps, Excel, Office and 5 more | 2025-01-02 | 5.5 Medium |
| Microsoft Excel Information Disclosure Vulnerability | ||||
| CVE-2022-21840 | 1 Microsoft | 10 365 Apps, Excel, Office and 7 more | 2025-01-02 | 8.8 High |
| Microsoft Office Remote Code Execution Vulnerability | ||||
| CVE-2021-43256 | 1 Microsoft | 8 365 Apps, Excel, Excel Rt and 5 more | 2024-11-21 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2021-38655 | 1 Microsoft | 6 365 Apps, Excel, Office and 3 more | 2024-11-21 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2021-28453 | 1 Microsoft | 8 365 Apps, Excel, Office and 5 more | 2024-11-21 | 7.8 High |
| Microsoft Word Remote Code Execution Vulnerability | ||||
| CVE-2021-27057 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2024-11-21 | 7.8 High |
| Microsoft Office Remote Code Execution Vulnerability | ||||
| CVE-2021-27054 | 1 Microsoft | 6 365 Apps, Excel, Office and 3 more | 2024-11-21 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2021-27053 | 1 Microsoft | 6 365 Apps, Excel, Office and 3 more | 2024-11-21 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2021-24070 | 1 Microsoft | 6 365 Apps, Excel, Office and 3 more | 2024-11-21 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2021-24069 | 1 Microsoft | 6 365 Apps, Excel, Office and 3 more | 2024-11-21 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2021-24068 | 1 Microsoft | 3 Excel, Office Web Apps, Office Web Apps Server | 2024-11-21 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2021-24067 | 1 Microsoft | 6 365 Apps, Excel, Office and 3 more | 2024-11-21 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2021-1716 | 1 Microsoft | 9 365 Apps, Excel, Office and 6 more | 2024-11-21 | 7.8 High |
| Microsoft Word Remote Code Execution Vulnerability | ||||
| CVE-2021-1715 | 1 Microsoft | 9 365 Apps, Excel, Office and 6 more | 2024-11-21 | 7.8 High |
| Microsoft Word Remote Code Execution Vulnerability | ||||
| CVE-2020-1503 | 1 Microsoft | 8 365 Apps, Excel, Office and 5 more | 2024-11-21 | 5.5 Medium |
| An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data. To exploit the vulnerability, an attacker could craft a special document file and then convince the user to open it. An attacker must know the memory address location where the object was created. The update addresses the vulnerability by changing the way certain Word functions handle objects in memory. | ||||