) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): Microsoft Ole
- Search Type: Search All
- CPE Name Search: false
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2023-21799 |
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Published: February 14, 2023; 3:15:15 PM -0500 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0:(not available) |
| CVE-2023-21686 |
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Published: February 14, 2023; 3:15:12 PM -0500 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0:(not available) |
| CVE-2023-21685 |
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Published: February 14, 2023; 3:15:12 PM -0500 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0:(not available) |
| CVE-2023-21681 |
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Published: January 10, 2023; 5:15:16 PM -0500 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0:(not available) |
| CVE-2022-38031 |
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Published: October 11, 2022; 3:15:15 PM -0400 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0:(not available) |
| CVE-2022-37982 |
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Published: October 11, 2022; 3:15:13 PM -0400 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0:(not available) |
| CVE-2022-35840 |
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Published: September 13, 2022; 3:15:11 PM -0400 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0:(not available) |
| CVE-2022-35836 |
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Published: September 13, 2022; 3:15:11 PM -0400 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0:(not available) |
| CVE-2022-35835 |
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Published: September 13, 2022; 3:15:11 PM -0400 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0:(not available) |
| CVE-2022-35834 |
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Published: September 13, 2022; 3:15:11 PM -0400 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0:(not available) |
| CVE-2022-34733 |
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Published: September 13, 2022; 3:15:10 PM -0400 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0:(not available) |
| CVE-2022-34731 |
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Published: September 13, 2022; 3:15:10 PM -0400 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0:(not available) |
| CVE-2020-1281 |
A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input, aka 'Windows OLE Remote Code Execution Vulnerability'. Published: June 09, 2020; 4:15:18 PM -0400 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0: 6.8 MEDIUM |
| CVE-2019-1484 |
A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input, aka 'Windows OLE Remote Code Execution Vulnerability'. Published: December 10, 2019; 5:15:18 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
| CVE-2019-0885 |
A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input, aka 'Windows OLE Remote Code Execution Vulnerability'. Published: May 16, 2019; 3:29:01 PM -0400 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 9.3 HIGH |
| CVE-2018-8307 |
A security feature bypass vulnerability exists when Microsoft WordPad improperly handles embedded OLE objects, aka "WordPad Security Feature Bypass Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. Published: July 10, 2018; 8:29:01 PM -0400 |
V4.0:(not available) V3.0: 5.3 MEDIUM V2.0: 6.8 MEDIUM |
| CVE-2018-8245 |
A remote code execution vulnerability exists when Microsoft Publisher fails to utilize features that lock down the Local Machine zone when instantiating OLE objects, aka "Microsoft Publisher Remote Code Execution Vulnerability." This affects Microsoft Publisher. Published: June 14, 2018; 8:29:02 AM -0400 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 6.8 MEDIUM |
| CVE-2018-0950 |
An information disclosure vulnerability exists when Office renders Rich Text Format (RTF) email messages containing OLE objects when a message is opened or previewed, aka "Microsoft Office Information Disclosure Vulnerability." This affects Microsoft Word, Microsoft Office. This CVE ID is unique from CVE-2018-1007. Published: April 11, 2018; 9:29:06 PM -0400 |
V4.0:(not available) V3.0: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2017-0211 |
An elevation of privilege vulnerability exists in Windows 10, Windows 8.1, Windows RT 8.1, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 versions of Microsoft Windows OLE when it fails an integrity-level check, aka "Windows OLE Elevation of Privilege Vulnerability." Published: April 12, 2017; 10:59:01 AM -0400 |
V4.0:(not available) V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2016-7275 |
Microsoft Office 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 mishandles library loading, which allows local users to gain privileges via a crafted application, aka "Microsoft Office OLE DLL Side Loading Vulnerability." Published: December 20, 2016; 1:59:00 AM -0500 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 7.2 HIGH |