Search Results (495 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-0028 1 Microsoft 2 Excel, Office 2026-04-16 N/A
Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via a BIFF parsing format file containing malformed BOOLERR records that lead to memory corruption, probably involving invalid pointers.
CVE-2006-1306 1 Microsoft 2 Excel, Excel Viewer 2026-04-16 N/A
Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted BIFF record with an attacker-controlled array index that is used for a function pointer, aka "Malformed OBJECT record Vulnerability."
CVE-2002-0618 1 Microsoft 2 Excel, Office 2026-04-16 N/A
The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code in the Local Computer zone by embedding HTML scripts within an Excel workbook that contains an XSL stylesheet, aka "Excel XSL Stylesheet Script Execution".
CVE-2002-0615 1 Microsoft 2 Excel, Office 2026-04-16 N/A
The Windows Media Active Playlist in Microsoft Windows Media Player 7.1 stores information in a well known location on the local file system, allowing attackers to execute HTML scripts in the Local Computer zone, aka "Media Playback Script Invocation".
CVE-2006-1302 1 Microsoft 2 Excel, Excel Viewer 2026-04-16 N/A
Buffer overflow in Microsoft Excel 2000 through 2003 allows user-assisted attackers to execute arbitrary code via a .xls file with certain crafted fields in a SELECTION record, which triggers memory corruption, aka "Malformed SELECTION record Vulnerability."
CVE-2006-1301 1 Microsoft 2 Excel, Excel Viewer 2026-04-16 N/A
Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted SELECTION record that triggers memory corruption, a different vulnerability than CVE-2006-1302.
CVE-2000-0597 1 Microsoft 2 Excel, Powerpoint 2026-04-16 N/A
Microsoft Office 2000 (Excel and PowerPoint) and PowerPoint 97 are marked as safe for scripting, which allows remote attackers to force Internet Explorer or some email clients to save files to arbitrary locations via the Visual Basic for Applications (VBA) SaveAs function, aka the "Office HTML Script" vulnerability.
CVE-2006-0029 1 Microsoft 2 Excel, Office 2026-04-16 N/A
Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed description, which leads to memory corruption.
CVE-2002-0152 1 Microsoft 6 Entourage, Excel, Ie and 3 more 2026-04-16 N/A
Buffer overflow in various Microsoft applications for Macintosh allows remote attackers to cause a denial of service (crash) or execute arbitrary code by invoking the file:// directive with a large number of / characters, which affects Internet Explorer 5.1, Outlook Express 5.0 through 5.0.2, Entourage v. X and 2001, PowerPoint v. X, 2001, and 98, and Excel v. X and 2001 for Macintosh.
CVE-2006-1304 1 Microsoft 2 Excel, Excel Viewer 2026-04-16 N/A
Buffer overflow in Microsoft Excel 2000 through 2003 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted COLINFO record, which triggers the overflow during a "data filling operation."
CVE-2006-1309 1 Microsoft 2 Excel, Excel Viewer 2026-04-16 N/A
Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted LABEL record that triggers memory corruption.
CVE-2026-21259 1 Microsoft 9 365 Apps, Excel, Excel 2016 and 6 more 2026-04-15 7.8 High
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to elevate privileges locally.
CVE-2026-21258 1 Microsoft 11 365 Apps, Excel, Excel 2016 and 8 more 2026-04-15 5.5 Medium
Improper input validation in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
CVE-2026-21261 1 Microsoft 11 365 Apps, Excel, Excel 2016 and 8 more 2026-04-15 5.5 Medium
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
CVE-2026-26133 1 Microsoft 35 365 Copilot, 365 Copilot Android, 365 Copilot For Android and 32 more 2026-04-14 7.1 High
AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.
CVE-2026-26109 1 Microsoft 13 365 Apps, Excel, Excel 2016 and 10 more 2026-04-14 8.4 High
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-26108 1 Microsoft 11 365 Apps, Excel, Excel 2016 and 8 more 2026-04-14 7.8 High
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-26107 1 Microsoft 11 365 Apps, Excel, Excel 2016 and 8 more 2026-04-14 7.8 High
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-26112 1 Microsoft 11 365 Apps, Excel, Excel 2016 and 8 more 2026-04-14 7.8 High
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-21362 1 Microsoft 11 365 Apps, Excel, Excel 2016 and 8 more 2026-02-26 8.4 High
Microsoft Excel Remote Code Execution Vulnerability