CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2022-38010 – Microsoft Office Visio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-38010
Microsoft Office Visio Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota de Microsoft Office Visio. Este ID de CVE es diferente de CVE-2022-37963 • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38010 •
CVSS: 7.0EPSS: 0%CPEs: 5EXPL: 0CVE-2021-27055 – Microsoft Visio Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2021-27055
Microsoft Visio Security Feature Bypass Vulnerability Una Vulnerabilidad de Omisión de la Característica de Seguridad de Microsoft Visio • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27055 •
CVSS: 8.8EPSS: 4%CPEs: 33EXPL: 0CVE-2020-0760
https://notcve.org/view.php?id=CVE-2020-0760
A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Office Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0991. Hay una vulnerabilidad de ejecución de código remota cuando Microsoft Office carga inapropiadamente bibliotecas de tipos arbitrarios, también se conoce como "Microsoft Office Remote Code Execution Vulnerability". Este ID de CVE es diferente de CVE-2020-0991. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0760 •
CVSS: 9.3EPSS: 25%CPEs: 1EXPL: 0CVE-2016-3364
https://notcve.org/view.php?id=CVE-2016-3364
Microsoft Visio 2016 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." Microsoft Visio 2016 permite a atacantes remotos ejecutar código arbitrario a través de un documento manipulado, vulnerabilidad también conocida como "Microsoft Office Memory Corruption Vulnerability". • http://www.securityfocus.com/bid/92803 http://www.securitytracker.com/id/1036785 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-107 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 6EXPL: 2CVE-2016-3235 – Microsoft Office OLE DLL Side Loading Vulnerability
https://notcve.org/view.php?id=CVE-2016-3235
Microsoft Visio 2007 SP3, Visio 2010 SP2, Visio 2013 SP1, Visio 2016, Visio Viewer 2007 SP3, and Visio Viewer 2010 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Microsoft Office OLE DLL Side Loading Vulnerability." Microsoft Visio 2007 SP3, Visio 2010 SP2, Visio 2013 SP1, Visio 2016, Visio Viewer 2007 SP3 y Visio Viewer 2010 no maneja adecuadamente la carga de librerías, lo que permite a usuarios locales obtener privilegios a través de una aplicación manipulada, también conocida como "Microsoft Office OLE DLL Side Loading Vulnerability." Microsoft Office Object Linking & Embedding (OLE) dynamic link library (DLL) contains a side loading vulnerability due to it improperly validating input before loading libraries. Successful exploitation allows for remote code execution. • https://www.exploit-db.com/exploits/41706 http://packetstormsecurity.com/files/137490/Microsoft-Visio-DLL-Hijacking.html http://seclists.org/fulldisclosure/2016/Jun/32 http://www.securityfocus.com/archive/1/538685/100/0/threaded http://www.securitytracker.com/id/1036093 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-070 https://www.securify.nl/advisory/SFY20150804/microsoft_visio_multiple_dll_side_loading_vulnerabilities.html https://securify.nl/advisory/SFY20150801/com •