U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): microsoft excel
  • Search Type: Search All
  • CPE Name Search: false
There are 413 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2024-30042

Microsoft Excel Remote Code Execution Vulnerability

Published: May 14, 2024; 1:17:14 PM -0400
V4.0:(not available)
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2024-26257

Microsoft Excel Remote Code Execution Vulnerability

Published: April 09, 2024; 1:15:47 PM -0400
V4.0:(not available)
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2024-28111

Canarytokens helps track activity and actions on a network. Canarytokens.org supports exporting the history of a Canarytoken's incidents in CSV format. The generation of these CSV files is vulnerable to a CSV Injection vulnerability. This flaw can be used by an attacker who discovers an HTTP-based Canarytoken to target the Canarytoken's owner, if the owner exports the incident history to CSV and opens in a reader application such as Microsoft Excel. The impact is that this issue could lead to code execution on the machine on which the CSV file is opened. Version sha-c595a1f8 contains a fix for this issue.

Published: March 06, 2024; 5:15:57 PM -0500
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2024-20677

A security vulnerability exists in FBX that could lead to remote code execution. To mitigate this vulnerability, the ability to insert FBX files has been disabled in Word, Excel, PowerPoint and Outlook for Windows and Mac. Versions of Office that had this feature enabled will no longer have access to it. This includes Office 2019, Office 2021, Office LTSC for Mac 2021, and Microsoft 365. As of February 13, 2024, the ability to insert FBX files has also been disabled in 3D Viewer. 3D models in Office documents that were previously inserted from a FBX file will continue to work as expected unless the Link to File option was chosen at insert time. This change is effective as of the January 9, 2024 security update.

Published: January 09, 2024; 1:15:50 PM -0500
V4.0:(not available)
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-48289

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SpreadsheetConverter Import Spreadsheets from Microsoft Excel allows Stored XSS.This issue affects Import Spreadsheets from Microsoft Excel: from n/a through 10.1.3.

Published: November 30, 2023; 7:15:09 AM -0500
V4.0:(not available)
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2023-36041

Microsoft Excel Remote Code Execution Vulnerability

Published: November 14, 2023; 1:15:34 PM -0500
V4.0:(not available)
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-36037

Microsoft Excel Security Feature Bypass Vulnerability

Published: November 14, 2023; 1:15:33 PM -0500
V4.0:(not available)
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-36766

Microsoft Excel Information Disclosure Vulnerability

Published: September 12, 2023; 1:15:12 PM -0400
V4.0:(not available)
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-36896

Microsoft Excel Remote Code Execution Vulnerability

Published: August 08, 2023; 2:15:15 PM -0400
V4.0:(not available)
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-3527

A CSV injection vulnerability was found in the Avaya Call Management System (CMS) Supervisor web application which allows a user with administrative privileges to input crafted data which, when exported to a CSV file, may attempt arbitrary command execution on the system used to open the file by a spreadsheet software such as Microsoft Excel.  

Published: July 18, 2023; 6:15:09 PM -0400
V4.0:(not available)
V3.1: 6.8 MEDIUM
V2.0:(not available)
CVE-2023-33162

Microsoft Excel Information Disclosure Vulnerability

Published: July 11, 2023; 2:15:15 PM -0400
V4.0:(not available)
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-33161

Microsoft Excel Remote Code Execution Vulnerability

Published: July 11, 2023; 2:15:15 PM -0400
V4.0:(not available)
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-33158

Microsoft Excel Remote Code Execution Vulnerability

Published: July 11, 2023; 2:15:14 PM -0400
V4.0:(not available)
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-33137

Microsoft Excel Remote Code Execution Vulnerability

Published: June 13, 2023; 8:15:12 PM -0400
V4.0:(not available)
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-33133

Microsoft Excel Remote Code Execution Vulnerability

Published: June 13, 2023; 8:15:12 PM -0400
V4.0:(not available)
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-32029

Microsoft Excel Remote Code Execution Vulnerability

Published: June 13, 2023; 8:15:11 PM -0400
V4.0:(not available)
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-24953

Microsoft Excel Remote Code Execution Vulnerability

Published: May 09, 2023; 2:15:13 PM -0400
V4.0:(not available)
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-23399

Microsoft Excel Remote Code Execution Vulnerability

Published: March 14, 2023; 1:15:13 PM -0400
V4.0:(not available)
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-23398

Microsoft Excel Spoofing Vulnerability

Published: March 14, 2023; 1:15:13 PM -0400
V4.0:(not available)
V3.1: 7.1 HIGH
V2.0:(not available)
CVE-2023-23396

Microsoft Excel Denial of Service Vulnerability

Published: March 14, 2023; 1:15:13 PM -0400
V4.0:(not available)
V3.1: 6.5 MEDIUM
V2.0:(not available)