) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): microsoft excel
- Search Type: Search All
- CPE Name Search: false
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2024-38734 |
Unrestricted Upload of File with Dangerous Type vulnerability in SpreadsheetConverter Import Spreadsheets from Microsoft Excel allows Code Injection.This issue affects Import Spreadsheets from Microsoft Excel: from n/a through 10.1.4. Published: July 12, 2024; 12:15:03 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-30042 |
Microsoft Excel Remote Code Execution Vulnerability Published: May 14, 2024; 1:17:14 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2024-26257 |
Microsoft Excel Remote Code Execution Vulnerability Published: April 09, 2024; 1:15:47 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2024-28111 |
Canarytokens helps track activity and actions on a network. Canarytokens.org supports exporting the history of a Canarytoken's incidents in CSV format. The generation of these CSV files is vulnerable to a CSV Injection vulnerability. This flaw can be used by an attacker who discovers an HTTP-based Canarytoken to target the Canarytoken's owner, if the owner exports the incident history to CSV and opens in a reader application such as Microsoft Excel. The impact is that this issue could lead to code execution on the machine on which the CSV file is opened. Version sha-c595a1f8 contains a fix for this issue. Published: March 06, 2024; 5:15:57 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-20677 |
A security vulnerability exists in FBX that could lead to remote code execution. To mitigate this vulnerability, the ability to insert FBX files has been disabled in Word, Excel, PowerPoint and Outlook for Windows and Mac. Versions of Office that had this feature enabled will no longer have access to it. This includes Office 2019, Office 2021, Office LTSC for Mac 2021, and Microsoft 365. As of February 13, 2024, the ability to insert FBX files has also been disabled in 3D Viewer. 3D models in Office documents that were previously inserted from a FBX file will continue to work as expected unless the Link to File option was chosen at insert time. This change is effective as of the January 9, 2024 security update. Published: January 09, 2024; 1:15:50 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-48289 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SpreadsheetConverter Import Spreadsheets from Microsoft Excel allows Stored XSS.This issue affects Import Spreadsheets from Microsoft Excel: from n/a through 10.1.3. Published: November 30, 2023; 7:15:09 AM -0500 |
V4.0:(not available) V3.1: 5.4 MEDIUM V2.0:(not available) |
| CVE-2023-36041 |
Microsoft Excel Remote Code Execution Vulnerability Published: November 14, 2023; 1:15:34 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-36037 |
Microsoft Excel Security Feature Bypass Vulnerability Published: November 14, 2023; 1:15:33 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-36766 |
Microsoft Excel Information Disclosure Vulnerability Published: September 12, 2023; 1:15:12 PM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2023-36896 |
Microsoft Excel Remote Code Execution Vulnerability Published: August 08, 2023; 2:15:15 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-3527 |
A CSV injection vulnerability was found in the Avaya Call Management System (CMS) Supervisor web application which allows a user with administrative privileges to input crafted data which, when exported to a CSV file, may attempt arbitrary command execution on the system used to open the file by a spreadsheet software such as Microsoft Excel. Published: July 18, 2023; 6:15:09 PM -0400 |
V4.0:(not available) V3.1: 6.8 MEDIUM V2.0:(not available) |
| CVE-2023-33162 |
Microsoft Excel Information Disclosure Vulnerability Published: July 11, 2023; 2:15:15 PM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2023-33161 |
Microsoft Excel Remote Code Execution Vulnerability Published: July 11, 2023; 2:15:15 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-33158 |
Microsoft Excel Remote Code Execution Vulnerability Published: July 11, 2023; 2:15:14 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-33137 |
Microsoft Excel Remote Code Execution Vulnerability Published: June 13, 2023; 8:15:12 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-33133 |
Microsoft Excel Remote Code Execution Vulnerability Published: June 13, 2023; 8:15:12 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-32029 |
Microsoft Excel Remote Code Execution Vulnerability Published: June 13, 2023; 8:15:11 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-24953 |
Microsoft Excel Remote Code Execution Vulnerability Published: May 09, 2023; 2:15:13 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-23399 |
Microsoft Excel Remote Code Execution Vulnerability Published: March 14, 2023; 1:15:13 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-23398 |
Microsoft Excel Spoofing Vulnerability Published: March 14, 2023; 1:15:13 PM -0400 |
V4.0:(not available) V3.1: 7.1 HIGH V2.0:(not available) |