cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-38016,https://securityvulnerability.io/vulnerability/CVE-2024-38016,Remote Code Execution Vulnerability Affects Microsoft Office Visio,"Microsoft Office Visio is impacted by a vulnerability that allows for remote code execution through malicious crafted files. When a user opens a specially crafted file, the vulnerability could potentially allow an attacker to run arbitrary code on the user's system. This security issue underlines the importance of ensuring that users are adequately protected through security updates and patches from Microsoft. Users are advised to exercise caution when handling unfamiliar files and to implement security best practices.",Microsoft,"Microsoft Office Ltsc 2021,Microsoft 365 Apps For Enterprise,Microsoft Office 2019,Microsoft Visio 2016",7.8,HIGH,0.0005000000237487257,false,false,false,false,,false,false,2024-09-19T17:09:59.949Z,0
CVE-2024-43463,https://securityvulnerability.io/vulnerability/CVE-2024-43463,Microsoft Office Visio Remote Code Execution Vulnerability,"A significant vulnerability exists in Microsoft Office Visio that enables remote code execution by allowing an attacker to exploit the application through maliciously crafted content. Successful exploitation could result in the execution of arbitrary code on the targeted machine, giving the attacker unauthorized access and the ability to manipulate data or install harmful software. This flaw underscores the need for users to apply the latest security updates and adopt stringent security practices to mitigate potential attacks.",Microsoft,"Microsoft Office 2019,Microsoft 365 Apps For Enterprise,Microsoft Office Ltsc 2021,Microsoft Visio 2016",7.8,HIGH,0.0005000000237487257,false,false,false,false,,false,false,2024-09-10T16:53:49.777Z,0
CVE-2024-20673,https://securityvulnerability.io/vulnerability/CVE-2024-20673,Microsoft Office Remote Code Execution Vulnerability,"A vulnerability exists in Microsoft Office where maliciously crafted documents can potentially allow an attacker to execute arbitrary code on a user's system. This occurs when a user opens a specially crafted Office file that can lead to unauthorized access and control over the affected system. The vulnerability highlights significant risks posed to users, emphasizing the necessity for prompt updates and security best practices to mitigate potential exploits.",Microsoft,"Microsoft Office 2019,Microsoft Office Ltsc 2021,Microsoft Excel 2016,Microsoft Office 2016,Microsoft Powerpoint 2016,Microsoft Visio 2016,Microsoft Word 2016,Microsoft Publisher 2016,Skype For Business 2016",7.8,HIGH,0.0005300000193528831,false,false,false,false,,false,false,2024-02-13T18:02:25.889Z,0
CVE-2023-36866,https://securityvulnerability.io/vulnerability/CVE-2023-36866,Microsoft Office Visio Remote Code Execution Vulnerability,Microsoft Office Visio Remote Code Execution Vulnerability,Microsoft,"Microsoft Office Ltsc 2021,Microsoft 365 Apps For Enterprise,Microsoft Office 2019,Microsoft Visio 2016",7.8,HIGH,0.0015999999595806003,false,false,false,false,,false,false,2023-08-08T18:15:00.000Z,0
CVE-2023-35372,https://securityvulnerability.io/vulnerability/CVE-2023-35372,Microsoft Office Visio Remote Code Execution Vulnerability,Microsoft Office Visio Remote Code Execution Vulnerability,Microsoft,"Microsoft Office Ltsc 2021,Microsoft 365 Apps For Enterprise,Microsoft Office 2019,Microsoft Visio 2016",7.8,HIGH,0.0015999999595806003,false,false,false,false,,false,false,2023-08-08T18:15:00.000Z,0
CVE-2023-21741,https://securityvulnerability.io/vulnerability/CVE-2023-21741,Microsoft Office Visio Information Disclosure Vulnerability,Microsoft Office Visio Information Disclosure Vulnerability,Microsoft,"Microsoft Office Ltsc 2021,Microsoft Visio 2013 Service Pack 1,Microsoft 365 Apps For Enterprise,Microsoft Office 2019,Microsoft Visio 2016",7.1,HIGH,0.001979999942705035,false,false,false,false,,false,false,2023-01-10T00:00:00.000Z,0
CVE-2023-21736,https://securityvulnerability.io/vulnerability/CVE-2023-21736,Microsoft Office Visio Remote Code Execution Vulnerability,Microsoft Office Visio Remote Code Execution Vulnerability,Microsoft,"Microsoft Office 2019,Microsoft 365 Apps For Enterprise,Microsoft Office Ltsc 2021,Microsoft Visio 2013 Service Pack 1,Microsoft Visio 2016",7.8,HIGH,0.0052999998442828655,false,false,false,false,,false,false,2023-01-10T00:00:00.000Z,0
CVE-2023-21737,https://securityvulnerability.io/vulnerability/CVE-2023-21737,Microsoft Office Visio Remote Code Execution Vulnerability,Microsoft Office Visio Remote Code Execution Vulnerability,Microsoft,"Microsoft Office 2019,Microsoft 365 Apps For Enterprise,Microsoft Office Ltsc 2021,Microsoft Visio 2013 Service Pack 1,Microsoft Visio 2016",7.8,HIGH,0.0052999998442828655,false,false,false,false,,false,false,2023-01-10T00:00:00.000Z,0
CVE-2022-44695,https://securityvulnerability.io/vulnerability/CVE-2022-44695,Microsoft Office Visio Remote Code Execution Vulnerability,Microsoft Office Visio Remote Code Execution Vulnerability,Microsoft,"Microsoft Office 2019,Microsoft 365 Apps For Enterprise,Microsoft Office Ltsc 2021,Microsoft Visio 2013 Service Pack 1,Microsoft Visio 2016",7.8,HIGH,0.006279999855905771,false,false,false,false,,false,false,2022-12-13T00:00:00.000Z,0
CVE-2022-38010,https://securityvulnerability.io/vulnerability/CVE-2022-38010,Microsoft Office Visio Remote Code Execution Vulnerability,Microsoft Office Visio Remote Code Execution Vulnerability,Microsoft,"Microsoft Office 2019,Microsoft 365 Apps For Enterprise,Microsoft Office Ltsc 2021,Microsoft Visio 2013 Service Pack 1,Microsoft Visio 2016",7.8,HIGH,0.0038499999791383743,false,false,false,false,,false,false,2022-09-13T18:42:19.000Z,0
CVE-2021-27055,https://securityvulnerability.io/vulnerability/CVE-2021-27055,Microsoft Visio Security Feature Bypass Vulnerability,Microsoft Visio Security Feature Bypass Vulnerability,Microsoft,"Microsoft Visio 2013 Service Pack 1,Microsoft Visio 2013 Service Pack 1,Microsoft Visio 2016,Microsoft Visio 2010 Service Pack 2,Microsoft Office 2019,Microsoft 365 Apps For Enterprise",7,HIGH,0.004860000219196081,false,false,false,false,,false,false,2021-03-11T15:48:18.000Z,0
CVE-2020-0760,https://securityvulnerability.io/vulnerability/CVE-2020-0760,,"A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Office Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0991.",Microsoft,"Microsoft Project,Microsoft Office,Office 365 Proplus,Microsoft Excel,Microsoft Powerpoint,Microsoft Visio,Microsoft Word,Microsoft Publisher 2016 (32-bit Edition),Microsoft Publisher 2016 (64-bit Edition),Microsoft Access,Microsoft Outlook,Microsoft Publisher 2013 Service Pack 1 (32-bit Editions),Microsoft Publisher 2013 Service Pack 1 (64-bit Editions),Microsoft Publisher",8.8,HIGH,0.06233999878168106,false,false,false,false,,false,false,2020-04-15T15:12:40.000Z,0
CVE-2016-3364,https://securityvulnerability.io/vulnerability/CVE-2016-3364,,"Microsoft Visio 2016 allows remote attackers to execute arbitrary code via a crafted document, aka ""Microsoft Office Memory Corruption Vulnerability.""",Microsoft,Visio,7.8,HIGH,0.2513599991798401,false,false,false,false,,false,false,2016-09-14T10:00:00.000Z,0
CVE-2016-3235,https://securityvulnerability.io/vulnerability/CVE-2016-3235,,"Microsoft Visio 2007 SP3, Visio 2010 SP2, Visio 2013 SP1, Visio 2016, Visio Viewer 2007 SP3, and Visio Viewer 2010 mishandle library loading, which allows local users to gain privileges via a crafted application, aka ""Microsoft Office OLE DLL Side Loading Vulnerability.""",Microsoft,"Visio,Visio Viewer",7.8,HIGH,0.025539999827742577,true,false,false,true,,false,false,2016-06-16T01:00:00.000Z,0
CVE-2016-0012,https://securityvulnerability.io/vulnerability/CVE-2016-0012,,"Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Visio 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Office 2016, Excel 2016, PowerPoint 2016, Visio 2016, Word 2016, and Visual Basic 6.0 Runtime allow remote attackers to bypass the ASLR protection mechanism via unspecified vectors, aka ""Microsoft Office ASLR Bypass.""",Microsoft,"Word,Powerpoint,Excel,Visio,Office,Visual Basics",4.3,MEDIUM,0.14215999841690063,false,false,false,false,,false,false,2016-01-13T02:00:00.000Z,0
CVE-2015-2503,https://securityvulnerability.io/vulnerability/CVE-2015-2503,,"Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 SP2, OneNote 2010 SP2, PowerPoint 2010 SP2, Project 2010 SP2, Publisher 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Pinyin IME 2010, Access 2013 SP1, Excel 2013 SP1, InfoPath 2013 SP1, OneNote 2013 SP1, PowerPoint 2013 SP1, Project 2013 SP1, Publisher 2013 SP1, Visio 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, OneNote 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Access 2016, Excel 2016, OneNote 2016, PowerPoint 2016, Project 2016, Publisher 2016, Visio 2016, Word 2016, Skype for Business 2016, and Lync 2013 SP1 allow remote attackers to bypass a sandbox protection mechanism and gain privileges via a crafted web site that is accessed with Internet Explorer, as demonstrated by a transition from Low Integrity to Medium Integrity, aka ""Microsoft Office Elevation of Privilege Vulnerability.""",Microsoft,"Word,Onenote,Publisher,Powerpoint,Project Server,Infopath,Access,Excel,Project,Visio,Lync,Skype For Business,Pinyin Ime,Office 2007 Ime",,,0.006819999776780605,false,false,false,false,,false,false,2015-11-11T11:00:00.000Z,0
CVE-2015-2557,https://securityvulnerability.io/vulnerability/CVE-2015-2557,,"Buffer overflow in Microsoft Visio 2007 SP3 and 2010 SP2 allows remote attackers to execute arbitrary code via crafted UML data in an Office document, aka ""Microsoft Office Memory Corruption Vulnerability.""",Microsoft,Visio,,,0.8352199792861938,false,false,false,false,,false,false,2015-10-14T01:00:00.000Z,0
CVE-2015-2423,https://securityvulnerability.io/vulnerability/CVE-2015-2423,,"Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Excel 2013 SP1, PowerPoint 2013 SP1, Visio 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Visio 2013 RT SP1, Word 2013 RT SP1, and Internet Explorer 7 through 11 allow remote attackers to gain privileges and obtain sensitive information via a crafted command-line parameter to an Office application or Notepad, as demonstrated by a transition from Low Integrity to Medium Integrity, aka ""Unsafe Command Line Parameter Passing Vulnerability.""",Microsoft,"Word,Powerpoint,Excel,Visio,Office",,,0.016349999234080315,false,false,false,false,,false,false,2015-08-15T00:00:00.000Z,0
CVE-2013-1301,https://securityvulnerability.io/vulnerability/CVE-2013-1301,,"Microsoft Visio 2003 SP3 2007 SP3, and 2010 SP1 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, aka ""XML External Entities Resolution Vulnerability.""",Microsoft,Visio,,,0.022040000185370445,false,false,false,false,,false,false,2013-05-15T01:00:00.000Z,0
CVE-2013-0079,https://securityvulnerability.io/vulnerability/CVE-2013-0079,,"Microsoft Visio Viewer 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Visio file that triggers incorrect memory allocation, aka ""Visio Viewer Tree Object Type Confusion Vulnerability.""",Microsoft,"Visio Viewer,Office Filter Pack,Visio",,,0.8975800275802612,false,false,false,false,,false,false,2013-03-13T00:00:00.000Z,0
CVE-2012-1888,https://securityvulnerability.io/vulnerability/CVE-2012-1888,,"Buffer overflow in Microsoft Visio 2010 SP1 and Visio Viewer 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Visio file, aka ""Visio DXF File Format Buffer Overflow Vulnerability.""",Microsoft,"Visio Viewer,Visio",,,0.9425299763679504,false,false,false,false,,false,false,2012-08-15T01:00:00.000Z,0
CVE-2012-0018,https://securityvulnerability.io/vulnerability/CVE-2012-0018,,"Microsoft Visio Viewer 2010 Gold and SP1 does not properly validate attributes in Visio files, which allows remote attackers to execute arbitrary code via a crafted file, aka ""VSD File Format Memory Corruption Vulnerability.""",Microsoft,Visio Viewer,,,0.9520000219345093,false,false,false,false,,false,false,2012-05-09T00:00:00.000Z,0
CVE-2012-0136,https://securityvulnerability.io/vulnerability/CVE-2012-0136,,"Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka ""VSD File Format Memory Corruption Vulnerability,"" a different vulnerability than CVE-2012-0019, CVE-2012-0020, CVE-2012-0137, and CVE-2012-0138.",Microsoft,Visio Viewer,,,0.51774001121521,false,false,false,false,,false,false,2012-02-14T22:00:00.000Z,0
CVE-2012-0138,https://securityvulnerability.io/vulnerability/CVE-2012-0138,,"Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka ""VSD File Format Memory Corruption Vulnerability,"" a different vulnerability than CVE-2012-0019, CVE-2012-0020, CVE-2012-0136, and CVE-2012-0137.",Microsoft,Visio Viewer,,,0.51774001121521,false,false,false,false,,false,false,2012-02-14T22:00:00.000Z,0
CVE-2012-0137,https://securityvulnerability.io/vulnerability/CVE-2012-0137,,"Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka ""VSD File Format Memory Corruption Vulnerability,"" a different vulnerability than CVE-2012-0019, CVE-2012-0020, CVE-2012-0136, and CVE-2012-0138.",Microsoft,Visio Viewer,,,0.51774001121521,false,false,false,false,,false,false,2012-02-14T22:00:00.000Z,0