Skip to main content

Access

21 CVEs product

Monthly

CVE-2025-26642 HIGH This Week

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Buffer Overflow 365 Apps Access +5
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2025-21395 HIGH PATCH CERT-EU This Month

Microsoft Access Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft 365 Apps +3
NVD
CVSS 3.1
7.8
EPSS
1.8%
CVE-2025-21366 HIGH PATCH CERT-EU This Month

Microsoft Access Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Microsoft Memory Corruption Use After Free RCE 365 Apps +3
NVD
CVSS 3.1
7.8
EPSS
1.8%
CVE-2025-21186 HIGH PATCH CERT-EU This Month

Microsoft Access Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft 365 Apps +3
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2024-49142 HIGH This Week

Microsoft Access Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Microsoft RCE Memory Corruption 365 Apps +3
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-31701 MEDIUM This Month

VMware Workspace ONE Access and Identity Manager contain a broken authentication vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass VMware Access Cloud Foundation Identity Manager Connector
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2022-31700 HIGH This Week

VMware Workspace ONE Access and Identity Manager contain an authenticated remote code execution vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE VMware Access Cloud Foundation Identity Manager
NVD
CVSS 3.1
7.2
EPSS
1.1%
CVE-2020-1582 HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

RCE Microsoft 365 Apps Access Office
NVD
CVSS 3.1
7.8
EPSS
2.7%
CVE-2020-0760 HIGH PATCH This Week

A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Office Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft Access Excel Office +7
NVD
CVSS 3.1
8.8
EPSS
8.6%
CVE-2019-18780 CRITICAL PATCH Act Now

An arbitrary command injection vulnerability in the Cluster Server component of Veritas InfoScale allows an unauthenticated remote attacker to execute arbitrary commands as root or administrator. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Command Injection Access Access Appliance Flex Appliance +3
NVD
CVSS 3.1
9.8
EPSS
6.1%
CVE-2019-11899 HIGH This Week

An unauthenticated attacker can achieve unauthorized access to sensitive data by exploiting Windows SMB protocol on a client installation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Information Disclosure Access
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2019-11898 CRITICAL Act Now

Unauthorized APE administration privileges can be achieved by reverse engineering one of the APE service tools. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Access
NVD
CVSS 3.1
9.9
EPSS
1.1%
CVE-2018-8312 HIGH PATCH This Week

A remote code execution vulnerability exists when Microsoft Access fails to properly handle objects in memory, aka "Microsoft Access Remote Code Execution Vulnerability." This affects Microsoft. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Access Office
NVD
CVSS 3.0
7.8
EPSS
19.5%
CVE-2018-0903 HIGH PATCH This Week

Microsoft Access 2010 SP2, Microsoft Access 2013 SP1, Microsoft Access 2016, and Microsoft Office 2016 Click-to-Run allow a remote code execution vulnerability due to how objects are handled in. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Access Office
NVD
CVSS 3.0
7.8
EPSS
16.6%
CVE-2017-6406 HIGH This Week

An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup Appliance Before 2.7.2. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Access Netbackup Netbackup Appliance
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2017-6400 HIGH This Week

An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup Appliance Before 2.7.2. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Access Netbackup Netbackup Appliance
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2017-6399 HIGH This Week

An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup Appliance Before 2.7.2. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Access Netbackup Netbackup Appliance
NVD
CVSS 3.0
8.8
EPSS
0.5%
CVE-2015-2503 CRITICAL Act Now

Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese). Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 15.5% and no vendor patch available.

Privilege Escalation Microsoft Access Excel Infopath +11
NVD
CVSS 2.0
9.3
EPSS
15.5%
CVE-2013-3157 CRITICAL Emergency

Microsoft Access 2007 SP3, 2010 SP1 and SP2, and 2013 in Microsoft Office allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Access file,. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 73.5% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Access
NVD
CVSS 2.0
9.3
EPSS
73.5%
Threat
4.1
CVE-2013-3156 CRITICAL Emergency

Microsoft Access 2007 SP3, 2010 SP1 and SP2, and 2013 in Microsoft Office allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Access file,. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 53.2% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Access
NVD
CVSS 2.0
9.3
EPSS
53.2%
CVE-2013-3155 CRITICAL Emergency

Microsoft Access 2007 SP3, 2010 SP1 and SP2, and 2013 in Microsoft Office allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Access file,. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 58.0% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Access
NVD
CVSS 2.0
9.3
EPSS
58.0%
EPSS 1% CVSS 7.8
HIGH This Week

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Buffer Overflow +7
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Month

Microsoft Access Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +5
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Month

Microsoft Access Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Microsoft Memory Corruption Use After Free +5
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Month

Microsoft Access Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +5
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Microsoft Access Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Microsoft RCE +5
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

VMware Workspace ONE Access and Identity Manager contain a broken authentication vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass VMware Access +2
NVD
EPSS 1% CVSS 7.2
HIGH This Week

VMware Workspace ONE Access and Identity Manager contain an authenticated remote code execution vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE VMware Access +2
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

RCE Microsoft 365 Apps +2
NVD
EPSS 9% CVSS 8.8
HIGH PATCH This Week

A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Office Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft Access +9
NVD
EPSS 6% CVSS 9.8
CRITICAL PATCH Act Now

An arbitrary command injection vulnerability in the Cluster Server component of Veritas InfoScale allows an unauthenticated remote attacker to execute arbitrary commands as root or administrator. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Command Injection Access +5
NVD
EPSS 1% CVSS 7.5
HIGH This Week

An unauthenticated attacker can achieve unauthorized access to sensitive data by exploiting Windows SMB protocol on a client installation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Information Disclosure +1
NVD
EPSS 1% CVSS 9.9
CRITICAL Act Now

Unauthorized APE administration privileges can be achieved by reverse engineering one of the APE service tools. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Access
NVD
EPSS 20% CVSS 7.8
HIGH PATCH This Week

A remote code execution vulnerability exists when Microsoft Access fails to properly handle objects in memory, aka "Microsoft Access Remote Code Execution Vulnerability." This affects Microsoft. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Access +1
NVD
EPSS 17% CVSS 7.8
HIGH PATCH This Week

Microsoft Access 2010 SP2, Microsoft Access 2013 SP1, Microsoft Access 2016, and Microsoft Office 2016 Click-to-Run allow a remote code execution vulnerability due to how objects are handled in. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Access +1
NVD
EPSS 0% CVSS 8.8
HIGH This Week

An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup Appliance Before 2.7.2. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Access Netbackup +1
NVD
EPSS 0% CVSS 8.8
HIGH This Week

An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup Appliance Before 2.7.2. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Access Netbackup +1
NVD
EPSS 0% CVSS 8.8
HIGH This Week

An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup Appliance Before 2.7.2. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Access Netbackup +1
NVD
EPSS 15% CVSS 9.3
CRITICAL Act Now

Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese). Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 15.5% and no vendor patch available.

Privilege Escalation Microsoft Access +13
NVD
EPSS 73% 4.1 CVSS 9.3
CRITICAL Emergency

Microsoft Access 2007 SP3, 2010 SP1 and SP2, and 2013 in Microsoft Office allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Access file,. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 73.5% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft +2
NVD
EPSS 53% CVSS 9.3
CRITICAL Emergency

Microsoft Access 2007 SP3, 2010 SP1 and SP2, and 2013 in Microsoft Office allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Access file,. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 53.2% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft +2
NVD
EPSS 58% CVSS 9.3
CRITICAL Emergency

Microsoft Access 2007 SP3, 2010 SP1 and SP2, and 2013 in Microsoft Office allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Access file,. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 58.0% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy