Excel
by Microsoft
CVEs (425)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2007-3029 | 0.02 | — | 0.31 | Jul 10, 2007 | Unspecified vulnerability in Microsoft Excel 2002 SP3 and 2003 SP2 allows user-assisted remote attackers to execute arbitrary code via a malformed Excel file containing multiple active worksheets, which results in memory corruption. | |||
| CVE-2007-3030 | 0.02 | — | 0.25 | Jul 10, 2007 | Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, and 2003 Viewer allows user-assisted remote attackers to execute arbitrary code via a malformed Excel file involving the "denoting [of] the start of a Workspace designation", which results in memory corruption, aka the "Workbook… | |||
| CVE-2007-1214 | 0.02 | — | 0.28 | May 8, 2007 | Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, and 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a crafted AutoFilter filter record in an Excel BIFF8 format XLS file, which triggers memory corruption. | |||
| CVE-2007-1203 | 0.02 | — | 0.31 | May 8, 2007 | Unspecified vulnerability in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, 2004 for Mac, and 2007 allows user-assisted remote attackers to execute arbitrary code via a crafted set font value in an Excel file, which results in memory corruption. | |||
| CVE-2007-0029 | 0.02 | — | 0.30 | Jan 9, 2007 | Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a malformed string, aka "Excel Malformed String Vulnerability." | |||
| CVE-2007-0027 | 0.02 | — | 0.31 | Jan 9, 2007 | Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows remote attackers to execute arbitrary code via malformed IMDATA records that trigger memory corruption. | |||
| CVE-2004-0846 | 0.02 | — | 0.28 | Nov 3, 2004 | Unknown vulnerability in Microsoft Excel 2000, 2002, 2001 for Mac, and v.X for Mac allows remote attackers to execute arbitrary code via a malicious file containing certain parameters that are not properly validated. | |||
| CVE-2003-0821 | 0.02 | — | 0.19 | Dec 15, 2003 | Microsoft Excel 97, 2000, and 2002 allows remote attackers to execute arbitrary code via a spreadsheet with a malicious XLM (Excel 4) macro that bypasses the macro security model. | |||
| CVE-2000-0419 | 0.02 | — | 0.21 | May 11, 2000 | The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers to conduct unauthorized activities via the "Show Me" function in Office Help, aka the "Office 2000 UA Control" vulnerability. | |||
| CVE-2024-43504 | 0.01 | — | 0.06 | Oct 8, 2024 | Microsoft Excel Remote Code Execution Vulnerability | |||
| CVE-2021-38655 | 0.01 | — | 0.05 | Sep 15, 2021 | Microsoft Excel Remote Code Execution Vulnerability | |||
| CVE-2021-34501 | 0.01 | — | 0.53 | Jul 14, 2021 | Microsoft Excel Remote Code Execution Vulnerability | |||
| CVE-2021-31939 | 0.01 | — | 0.13 | Jun 8, 2021 | Microsoft Excel Remote Code Execution Vulnerability | |||
| CVE-2021-31179 | 0.01 | — | 0.13 | May 11, 2021 | Microsoft Office Remote Code Execution Vulnerability | |||
| CVE-2021-31177 | 0.01 | — | 0.03 | May 11, 2021 | Microsoft Office Remote Code Execution Vulnerability | |||
| CVE-2021-31175 | 0.01 | — | 0.03 | May 11, 2021 | Microsoft Office Remote Code Execution Vulnerability | |||
| CVE-2021-28454 | 0.01 | — | 0.03 | Apr 13, 2021 | Microsoft Excel Remote Code Execution Vulnerability | |||
| CVE-2021-28456 | 0.01 | — | 0.04 | Apr 13, 2021 | Microsoft Excel Information Disclosure Vulnerability | |||
| CVE-2021-28453 | 0.01 | — | 0.04 | Apr 13, 2021 | Microsoft Word Remote Code Execution Vulnerability | |||
| CVE-2021-28451 | 0.01 | — | 0.02 | Apr 13, 2021 | Microsoft Excel Remote Code Execution Vulnerability |
- CVE-2007-3029Jul 10, 2007risk 0.02cvss —epss 0.31
Unspecified vulnerability in Microsoft Excel 2002 SP3 and 2003 SP2 allows user-assisted remote attackers to execute arbitrary code via a malformed Excel file containing multiple active worksheets, which results in memory corruption.
- CVE-2007-3030Jul 10, 2007risk 0.02cvss —epss 0.25
Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, and 2003 Viewer allows user-assisted remote attackers to execute arbitrary code via a malformed Excel file involving the "denoting [of] the start of a Workspace designation", which results in memory corruption, aka the "Workbook…
- CVE-2007-1214May 8, 2007risk 0.02cvss —epss 0.28
Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, and 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a crafted AutoFilter filter record in an Excel BIFF8 format XLS file, which triggers memory corruption.
- CVE-2007-1203May 8, 2007risk 0.02cvss —epss 0.31
Unspecified vulnerability in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, 2004 for Mac, and 2007 allows user-assisted remote attackers to execute arbitrary code via a crafted set font value in an Excel file, which results in memory corruption.
- CVE-2007-0029Jan 9, 2007risk 0.02cvss —epss 0.30
Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a malformed string, aka "Excel Malformed String Vulnerability."
- CVE-2007-0027Jan 9, 2007risk 0.02cvss —epss 0.31
Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows remote attackers to execute arbitrary code via malformed IMDATA records that trigger memory corruption.
- CVE-2004-0846Nov 3, 2004risk 0.02cvss —epss 0.28
Unknown vulnerability in Microsoft Excel 2000, 2002, 2001 for Mac, and v.X for Mac allows remote attackers to execute arbitrary code via a malicious file containing certain parameters that are not properly validated.
- CVE-2003-0821Dec 15, 2003risk 0.02cvss —epss 0.19
Microsoft Excel 97, 2000, and 2002 allows remote attackers to execute arbitrary code via a spreadsheet with a malicious XLM (Excel 4) macro that bypasses the macro security model.
- CVE-2000-0419May 11, 2000risk 0.02cvss —epss 0.21
The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers to conduct unauthorized activities via the "Show Me" function in Office Help, aka the "Office 2000 UA Control" vulnerability.
- CVE-2024-43504Oct 8, 2024risk 0.01cvss —epss 0.06
Microsoft Excel Remote Code Execution Vulnerability
- CVE-2021-38655Sep 15, 2021risk 0.01cvss —epss 0.05
Microsoft Excel Remote Code Execution Vulnerability
- CVE-2021-34501Jul 14, 2021risk 0.01cvss —epss 0.53
Microsoft Excel Remote Code Execution Vulnerability
- CVE-2021-31939Jun 8, 2021risk 0.01cvss —epss 0.13
Microsoft Excel Remote Code Execution Vulnerability
- CVE-2021-31179May 11, 2021risk 0.01cvss —epss 0.13
Microsoft Office Remote Code Execution Vulnerability
- CVE-2021-31177May 11, 2021risk 0.01cvss —epss 0.03
Microsoft Office Remote Code Execution Vulnerability
- CVE-2021-31175May 11, 2021risk 0.01cvss —epss 0.03
Microsoft Office Remote Code Execution Vulnerability
- CVE-2021-28454Apr 13, 2021risk 0.01cvss —epss 0.03
Microsoft Excel Remote Code Execution Vulnerability
- CVE-2021-28456Apr 13, 2021risk 0.01cvss —epss 0.04
Microsoft Excel Information Disclosure Vulnerability
- CVE-2021-28453Apr 13, 2021risk 0.01cvss —epss 0.04
Microsoft Word Remote Code Execution Vulnerability
- CVE-2021-28451Apr 13, 2021risk 0.01cvss —epss 0.02
Microsoft Excel Remote Code Execution Vulnerability
Page 13 of 22