Vulnerabilities (CVE)

Filtered by vendor Microsoft Subscribe
Filtered by product Excel
Total 342 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-3233 1 Microsoft 2 Excel, Office Compatibility Pack 2025-04-12 9.3 HIGH 7.3 HIGH
Microsoft Excel 2007 SP3, Excel 2010 SP2, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
CVE-2015-6040 1 Microsoft 4 Excel, Excel For Mac, Excel Viewer and 1 more 2025-04-12 9.3 HIGH N/A
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
CVE-2015-2423 1 Microsoft 15 Excel, Internet Explorer, Office and 12 more 2025-04-12 4.3 MEDIUM N/A
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Excel 2013 SP1, PowerPoint 2013 SP1, Visio 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Visio 2013 RT SP1, Word 2013 RT SP1, and Internet Explorer 7 through 11 allow remote attackers to gain privileges and obtain sensitive information via a crafted command-line parameter to an Office application or Notepad, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "Unsafe Command Line Parameter Passing Vulnerability."
CVE-2016-3359 1 Microsoft 3 Excel, Excel Viewer, Office Compatibility Pack 2025-04-12 9.3 HIGH 7.8 HIGH
Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
CVE-2015-2523 1 Microsoft 3 Excel, Excel Viewer, Office Compatibility Pack 2025-04-12 9.3 HIGH N/A
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel for Mac 2011 and 2016, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
CVE-2016-3363 1 Microsoft 3 Excel, Excel Viewer, Office Compatibility Pack 2025-04-12 9.3 HIGH 7.8 HIGH
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3381.
CVE-2016-0122 1 Microsoft 4 Excel, Excel Viewer, Office Compatibility Pack and 1 more 2025-04-12 9.3 HIGH 7.8 HIGH
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Word 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
CVE-2015-6038 1 Microsoft 5 Excel, Excel For Mac, Excel Viewer and 2 more 2025-04-12 9.3 HIGH N/A
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3, 2010 SP2, and 2013 SP1 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
CVE-2016-3362 1 Microsoft 5 Excel, Excel Viewer, Office Compatibility Pack and 2 more 2025-04-12 9.3 HIGH 7.8 HIGH
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Excel Automation Services on SharePoint Server 2013 SP1, and Office Online Server allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3365.
CVE-2016-3279 1 Microsoft 9 Excel, Excel Rt, Office and 6 more 2025-04-12 4.3 MEDIUM 5.5 MEDIUM
Microsoft Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Excel 2013 SP1, PowerPoint 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Excel 2016, Word 2016, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to execute arbitrary code via a crafted XLA file, aka "Microsoft Office Remote Code Execution Vulnerability."
CVE-2016-7267 1 Microsoft 1 Excel 2025-04-12 4.3 MEDIUM 5.5 MEDIUM
Microsoft Excel 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 misparses file formats, which makes it easier for remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Security Feature Bypass Vulnerability."
CVE-2016-7213 1 Microsoft 3 Excel, Excel For Mac, Office Compatibility Pack 2025-04-12 9.3 HIGH 7.8 HIGH
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
CVE-2010-0823 1 Microsoft 5 Excel, Office, Office Compatibility Pack and 2 more 2025-04-11 9.3 HIGH N/A
Unspecified vulnerability in Microsoft Office Excel 2002 SP3, 2003 SP3, 2007 SP1 and SP2; Office 2004 for mac; Office 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; allows remote attackers to execute arbitrary code via a crafted Excel file, aka "Excel Memory Corruption Vulnerability," a different vulnerability than CVE-2010-1247 and CVE-2010-1249.
CVE-2010-3231 1 Microsoft 3 Excel, Office, Open Xml File Format Converter 2025-04-11 9.3 HIGH N/A
Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Excel Record Parsing Memory Corruption Vulnerability."
CVE-2011-1278 1 Microsoft 2 Excel, Office 2025-04-11 9.3 HIGH N/A
Microsoft Excel 2002 SP3 and Office 2004 for Mac do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel WriteAV Vulnerability."
CVE-2011-1989 1 Microsoft 7 Excel, Excel Viewer, Excel Web App and 4 more 2025-04-11 9.3 HIGH N/A
Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Excel 2010 Gold and SP1; Excel in Office 2010 Gold and SP1; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; Excel Services on Office SharePoint Server 2007 SP2; Excel Services on Office SharePoint Server 2010 Gold and SP1; and Excel Web App 2010 Gold and SP1 do not properly parse conditional expressions associated with formatting requirements, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Conditional Expression Parsing Vulnerability."
CVE-2011-1273 1 Microsoft 5 Excel, Excel Viewer, Office and 2 more 2025-04-11 9.3 HIGH N/A
Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Improper Record Parsing Vulnerability."
CVE-2010-3242 1 Microsoft 3 Excel, Office, Open Xml File Format Converter 2025-04-11 9.3 HIGH N/A
Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Ghost Record Type Parsing Vulnerability."
CVE-2013-3890 1 Microsoft 3 Excel, Excel Viewer, Office Compatibility Pack 2025-04-11 9.3 HIGH N/A
Microsoft Excel 2007 SP3, Excel Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Excel Memory Corruption Vulnerability."
CVE-2011-0978 1 Microsoft 4 Excel, Excel Viewer, Office and 1 more 2025-04-11 9.3 HIGH N/A
Stack-based buffer overflow in Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary code via vectors related to an axis properties record, and improper incrementing of an array index, aka "Excel Array Indexing Vulnerability."