Onenote
by Microsoft
CVEs (20)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2007-0671 | | High | 0.73 | 8.8 | 0.42 | KEV | Feb 3, 2007 | Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks. |
| CVE-2014-2815 | | High | 0.61 | 8.8 | 0.44 | | Aug 12, 2014 | Microsoft OneNote 2007 SP3 allows remote attackers to execute arbitrary code via a crafted OneNote file that triggers creation of an executable file in a startup folder, aka "OneNote Remote Code Execution Vulnerability." |
| CVE-2017-8509 | | High | 0.59 | 8.8 | 0.18 | | Jun 15, 2017 | A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8510, CVE-2017-8511, CVE-2017-8512, CVE-2017-0260, and… |
| CVE-2017-0197 | | High | 0.52 | 7.8 | 0.19 | | Apr 12, 2017 | Microsoft OneNote 2007 SP3 and Microsoft OneNote 2010 SP2 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office DLL Loading Vulnerability." |
| CVE-2025-21402 | | High | 0.51 | 7.8 | 0.01 | | Jan 14, 2025 | Microsoft Office OneNote Remote Code Execution Vulnerability |
| CVE-2026-26133 | | High | 0.46 | 7.1 | 0.00 | | Mar 16, 2026 | AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network. |
| CVE-2016-3315 | | Medium | 0.38 | 5.5 | 0.30 | | Aug 9, 2016 | Microsoft OneNote 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016, and 2016 for Mac allow remote attackers to obtain sensitive information via a crafted OneNote file, aka "Microsoft OneNote Information Disclosure Vulnerability." |
| CVE-2004-0200 | | | 0.07 | — | 0.49 | | Sep 28, 2004 | Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length… |
| CVE-2008-3007 | | | 0.03 | — | 0.32 | | Sep 11, 2008 | Argument injection vulnerability in a URI handler in Microsoft Office XP SP3, 2003 SP2 and SP3, 2007 Office System Gold and SP1, and Office OneNote 2007 Gold and SP1 allow remote attackers to execute arbitrary code via a crafted onenote:// URL, aka "Uniform Resource Locator… |
| CVE-2013-0086 | | | 0.02 | — | 0.24 | | Mar 13, 2013 | Microsoft OneNote 2010 SP1 does not properly determine buffer sizes during memory allocation, which allows remote attackers to obtain sensitive information via a crafted OneNote file, aka "Buffer Size Validation Vulnerability." |
| CVE-2022-44691 | | | 0.01 | — | 0.01 | | Dec 13, 2022 | Microsoft Office OneNote Remote Code Execution Vulnerability |
| CVE-2015-2503 | | | 0.01 | — | 0.17 | | Nov 11, 2015 | Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 SP2, OneNote 2010 SP2,… |
| CVE-2008-3068 | | | 0.01 | — | 0.17 | | Jul 7, 2008 | Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, Windows Live Mail, and Office 2007, performs Certificate Revocation List (CRL) checks by using an arbitrary URL from a certificate embedded in a (1) S/MIME e-mail message or (2) signed document, which allows… |
| CVE-2006-3877 | | | 0.01 | — | 0.12 | | Oct 10, 2006 | Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified "crafted file," a different vulnerability than CVE-2006-3435,… |
| CVE-2025-29822 | | | 0.00 | — | 0.01 | | Apr 8, 2025 | Incomplete list of disallowed inputs in Microsoft Office OneNote allows an unauthorized attacker to bypass a security feature locally. |
| CVE-2024-41159 | | | 0.00 | — | 0.01 | | Dec 18, 2024 | A library injection vulnerability exists in Microsoft OneNote 16.83 for macOS. A specially crafted library can leverage OneNote's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability… |
| CVE-2024-21384 | | | 0.00 | — | 0.01 | | Feb 13, 2024 | Microsoft Office OneNote Remote Code Execution Vulnerability |
| CVE-2023-36769 | | | 0.00 | — | 0.00 | | Nov 6, 2023 | Microsoft OneNote Spoofing Vulnerability |
| CVE-2023-33140 | | | 0.00 | — | 0.02 | | Jun 13, 2023 | Microsoft OneNote Spoofing Vulnerability |
| CVE-2023-21721 | | | 0.00 | — | 0.01 | | Feb 14, 2023 | Microsoft OneNote Elevation of Privilege Vulnerability |