10 results (0.006 seconds)

CVSS: 7.8EPSS: 17%CPEs: 12EXPL: 0

Microsoft Excel Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota en Microsoft Excel. Este ID de CVE es diferente de CVE-2022-24473 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XLS files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26901 •

CVSS: 7.8EPSS: 24%CPEs: 13EXPL: 0

Microsoft Excel Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota en Microsoft Excel • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43256 •

CVSS: 9.3EPSS: 97%CPEs: 25EXPL: 1

A remote code execution vulnerability exists in the way that the MSHTML engine inproperly validates input, aka "MSHTML Engine Remote Code Execution Vulnerability." This affects Microsoft Office, Microsoft Office Word Viewer, Internet Explorer 9, Internet Explorer 11, Microsoft Excel Viewer, Internet Explorer 10, Office 365 ProPlus. Existe una vulnerabilidad de ejecución remota de código debido a la forma en la que el motor MSHTML valida indebidamente las entradas. Esto también se conoce como "MSHTML Engine Remote Code Execution Vulnerability". Esto afecta a Microsoft Office, Microsoft Office Word Viewer, Internet Explorer 9, Internet Explorer 11, Microsoft Excel Viewer, Internet Explorer 10 y Office 365 ProPlus. • https://www.exploit-db.com/exploits/46536 http://www.securityfocus.com/bid/106402 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0541 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVSS: 5.5EPSS: 1%CPEs: 8EXPL: 0

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel. Existe una vulnerabilidad de divulgación de información cuando Microsoft Excel no muestra correctamente los contenidos de su memoria. Esto también se conoce como "Microsoft Excel Information Disclosure Vulnerability". Esto afecta a Microsoft Excel Viewer, Microsoft Office y Microsoft Excel. • http://www.securityfocus.com/bid/105000 http://www.securitytracker.com/id/1041463 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8382 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.3EPSS: 29%CPEs: 5EXPL: 0

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Excel. This CVE ID is unique from CVE-2018-8375. Existe una vulnerabilidad de ejecución remota de código en el software de Microsoft Excel cuando no gestiona correctamente objetos en la memoria. Esto también se conoce como "Microsoft Excel Remote Code Execution Vulnerability". • http://www.securityfocus.com/bid/104997 http://www.securitytracker.com/id/1041463 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8379 •