Microsoft: >> Office Online Server >> 16.0.10416.20058 Security Vulnerabilities
Release of invalid pointer or reference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-05-13
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-05-13
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-05-13
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-05-13
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-05-13
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-05-13
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1327.
CVSS Score
8.8
EPSS Score
0.327
Published
2019-10-10
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft PowerPoint, Microsoft SharePoint, Microsoft PowerPoint Viewer, Office Online Server, Microsoft SharePoint Server.
CVSS Score
7.8
EPSS Score
0.313
Published
2018-12-12
A remote code execution vulnerability exists in Microsoft PowerPoint 2016, Microsoft SharePoint Enterprise Server 2016, and Office Online Server when they fail to properly handle objects in memory, aka "PowerPoint Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8742.
CVSS Score
7.8
EPSS Score
0.324
Published
2017-09-13
A remote code execution vulnerability exists in Excel Services, Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Web Apps 2013, Microsoft Office Compatibility Pack Service Pack 3, Microsoft Excel Web App 2013 Service Pack 1, Microsoft Excel Viewer 2007 Service Pack 3, and Office Online Server when they fail to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8630, CVE-2017-8632, and CVE-2017-8744.
CVSS Score
7.8
EPSS Score
0.214
Published
2017-09-13