CVSS: 7.8EPSS: 14%CPEs: 3EXPL: 0CVE-2022-24510 – Microsoft Office Visio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-24510
Microsoft Office Visio Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota de Microsoft Office Visio. Este ID de CVE es diferente de CVE-2022-24461, CVE-2022-24509 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Visio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of EMR_COMMENT_EMFPLUS records in EMF images. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24510 •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2022-23252 – Microsoft Office Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-23252
Microsoft Office Information Disclosure Vulnerability Una Vulnerabilidad de Divulgación de Información de Microsoft Office • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23252 •
CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 0CVE-2022-22716 – Microsoft Excel Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-22716
Microsoft Excel Information Disclosure Vulnerability Una Vulnerabilidad de Divulgación de Información de Microsoft Excel This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XLS files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22716 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 35%CPEs: 12EXPL: 0CVE-2022-22003 – Microsoft Office Graphics Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-22003
Microsoft Office Graphics Remote Code Execution Vulnerability Una Vulnerabilidad de Ejecución de Código Remota de Microsoft Office Graphics • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22003 •
CVSS: 7.8EPSS: 35%CPEs: 3EXPL: 0CVE-2022-21988 – Microsoft Office Visio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-21988
Microsoft Office Visio Remote Code Execution Vulnerability Una Vulnerabilidad de Ejecución de Código Remota de Microsoft Office Visio This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Visio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of EMR_DELETEOBJECT records in EMF images. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21988 •