Office Online Server
by Microsoft
CVEs (185)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-17123 | 0.01 | — | 0.04 | Dec 9, 2020 | Microsoft Excel Remote Code Execution Vulnerability | |||
| CVE-2020-17064 | 0.01 | — | 0.03 | Nov 11, 2020 | Microsoft Excel Remote Code Execution Vulnerability | |||
| CVE-2020-17065 | 0.01 | — | 0.04 | Nov 11, 2020 | Microsoft Excel Remote Code Execution Vulnerability | |||
| CVE-2020-16932 | 0.01 | — | 0.04 | Oct 16, 2020 | A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is… | |||
| CVE-2020-16931 | 0.01 | — | 0.04 | Oct 16, 2020 | A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is… | |||
| CVE-2020-16929 | 0.01 | — | 0.03 | Oct 16, 2020 | A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is… | |||
| CVE-2020-1338 | 0.01 | — | 0.04 | Sep 11, 2020 | A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current… | |||
| CVE-2020-1335 | 0.01 | — | 0.04 | Sep 11, 2020 | A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is… | |||
| CVE-2020-1218 | 0.01 | — | 0.04 | Sep 11, 2020 | A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current… | |||
| CVE-2019-1446 | 0.01 | — | 0.08 | Nov 12, 2019 | An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'. | |||
| CVE-2019-1205 | 0.01 | — | 0.04 | Aug 14, 2019 | A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.… | |||
| CVE-2019-1201 | 0.01 | — | 0.05 | Aug 14, 2019 | A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.… | |||
| CVE-2019-1035 | 0.01 | — | 0.07 | Jun 12, 2019 | A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.… | |||
| CVE-2019-1034 | 0.01 | — | 0.05 | Jun 12, 2019 | A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.… | |||
| CVE-2026-26109 | 0.00 | — | 0.00 | Mar 10, 2026 | Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||
| CVE-2026-26108 | 0.00 | — | 0.00 | Mar 10, 2026 | Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||
| CVE-2026-26107 | 0.00 | — | 0.00 | Mar 10, 2026 | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||
| CVE-2026-26112 | 0.00 | — | 0.00 | Mar 10, 2026 | Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||
| CVE-2026-21261 | 0.00 | — | 0.01 | Feb 10, 2026 | Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | |||
| CVE-2026-21258 | 0.00 | — | 0.01 | Feb 10, 2026 | Improper input validation in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. |
- CVE-2020-17123Dec 9, 2020risk 0.01cvss —epss 0.04
Microsoft Excel Remote Code Execution Vulnerability
- CVE-2020-17064Nov 11, 2020risk 0.01cvss —epss 0.03
Microsoft Excel Remote Code Execution Vulnerability
- CVE-2020-17065Nov 11, 2020risk 0.01cvss —epss 0.04
Microsoft Excel Remote Code Execution Vulnerability
- CVE-2020-16932Oct 16, 2020risk 0.01cvss —epss 0.04
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is…
- CVE-2020-16931Oct 16, 2020risk 0.01cvss —epss 0.04
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is…
- CVE-2020-16929Oct 16, 2020risk 0.01cvss —epss 0.03
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is…
- CVE-2020-1338Sep 11, 2020risk 0.01cvss —epss 0.04
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current…
- CVE-2020-1335Sep 11, 2020risk 0.01cvss —epss 0.04
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is…
- CVE-2020-1218Sep 11, 2020risk 0.01cvss —epss 0.04
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current…
- CVE-2019-1446Nov 12, 2019risk 0.01cvss —epss 0.08
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'.
- CVE-2019-1205Aug 14, 2019risk 0.01cvss —epss 0.04
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.…
- CVE-2019-1201Aug 14, 2019risk 0.01cvss —epss 0.05
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.…
- CVE-2019-1035Jun 12, 2019risk 0.01cvss —epss 0.07
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.…
- CVE-2019-1034Jun 12, 2019risk 0.01cvss —epss 0.05
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.…
- CVE-2026-26109Mar 10, 2026risk 0.00cvss —epss 0.00
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- CVE-2026-26108Mar 10, 2026risk 0.00cvss —epss 0.00
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- CVE-2026-26107Mar 10, 2026risk 0.00cvss —epss 0.00
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- CVE-2026-26112Mar 10, 2026risk 0.00cvss —epss 0.00
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- CVE-2026-21261Feb 10, 2026risk 0.00cvss —epss 0.01
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
- CVE-2026-21258Feb 10, 2026risk 0.00cvss —epss 0.01
Improper input validation in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
Page 5 of 10