Skip to main content

Visio

18 CVEs product

Monthly

CVE-2024-38016 HIGH PATCH This Week

Microsoft Office Visio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Authentication Bypass RCE Microsoft 365 Apps Office +2
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2024-43463 HIGH PATCH This Week

Microsoft Office Visio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Microsoft RCE Memory Corruption 365 Apps +3
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2024-20673 HIGH PATCH This Week

Microsoft Office Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Excel Office Office Long Term Servicing Channel +5
NVD VulDB
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-21741 HIGH This Week

Microsoft Office Visio Information Disclosure Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Microsoft 365 Apps Office +2
NVD
CVSS 3.1
7.1
EPSS
1.8%
CVE-2023-21737 HIGH This Week

Microsoft Office Visio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Microsoft Heap Overflow 365 Apps +3
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-21736 HIGH This Week

Microsoft Office Visio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Microsoft 365 Apps Office Office Long Term Servicing Channel +1
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2022-44695 HIGH This Week

Microsoft Office Visio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft RCE 365 Apps Office Office Long Term Servicing Channel +1
NVD VulDB
CVSS 3.1
7.8
EPSS
2.3%
CVE-2022-38010 HIGH This Week

Microsoft Office Visio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft RCE 365 Apps Office Office Long Term Servicing Channel +1
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2021-27055 HIGH PATCH This Week

Microsoft Visio Security Feature Bypass Vulnerability. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Microsoft Authentication Bypass 365 Apps Office Visio
NVD
CVSS 3.1
7.0
EPSS
2.2%
CVE-2020-0760 HIGH PATCH This Week

A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Office Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft Access Excel Office +7
NVD
CVSS 3.1
8.8
EPSS
8.6%
CVE-2016-3364 HIGH Act Now

Microsoft Visio 2016 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability.". Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 19.3% and no vendor patch available.

RCE Buffer Overflow Microsoft Visio
NVD
CVSS 3.0
7.8
EPSS
19.3%
CVE-2016-0012 MEDIUM This Month

Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Office 2013 SP1,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.6% and no vendor patch available.

Information Disclosure Microsoft Excel Office Powerpoint +3
NVD
CVSS 3.0
4.3
EPSS
10.6%
CVE-2015-2503 CRITICAL Act Now

Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese). Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 15.5% and no vendor patch available.

Privilege Escalation Microsoft Access Excel Infopath +11
NVD
CVSS 2.0
9.3
EPSS
15.5%
CVE-2015-2557 CRITICAL Emergency

Buffer overflow in Microsoft Visio 2007 SP3 and 2010 SP2 allows remote attackers to execute arbitrary code via crafted UML data in an Office document, aka "Microsoft Office Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 34.6% and no vendor patch available.

RCE Buffer Overflow Microsoft Visio
NVD
CVSS 2.0
9.3
EPSS
34.6%
CVE-2015-2423 MEDIUM PATCH This Month

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Excel 2007 SP3,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 14.9%.

Information Disclosure Microsoft Excel Office Powerpoint +12
NVD
CVSS 2.0
4.3
EPSS
14.9%
CVE-2013-1301 MEDIUM This Month

Microsoft Visio 2003 SP3 2007 SP3, and 2010 SP1 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 27.8% and no vendor patch available.

Information Disclosure Microsoft Visio
NVD
CVSS 2.0
4.3
EPSS
27.8%
CVE-2013-0079 CRITICAL Emergency

Microsoft Visio Viewer 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Visio file that triggers incorrect memory allocation, aka "Visio Viewer Tree Object Type Confusion. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 59.5% and no vendor patch available.

Microsoft RCE Office Filter Pack Visio Visio Viewer
NVD
CVSS 2.0
9.3
EPSS
59.5%
CVE-2012-1888 CRITICAL Emergency

Buffer overflow in Microsoft Visio 2010 SP1 and Visio Viewer 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Visio file, aka "Visio DXF File Format Buffer Overflow. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 59.8% and no vendor patch available.

Buffer Overflow Microsoft RCE Visio Visio Viewer
NVD
CVSS 2.0
9.3
EPSS
59.8%
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Microsoft Office Visio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Authentication Bypass RCE Microsoft +4
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Microsoft Office Visio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Microsoft RCE +5
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Microsoft Office Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Excel +7
NVD VulDB
EPSS 2% CVSS 7.1
HIGH This Week

Microsoft Office Visio Information Disclosure Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Microsoft +4
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Microsoft Office Visio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Microsoft +5
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Microsoft Office Visio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Microsoft 365 Apps +3
NVD
EPSS 2% CVSS 7.8
HIGH This Week

Microsoft Office Visio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft RCE 365 Apps +3
NVD VulDB
EPSS 1% CVSS 7.8
HIGH This Week

Microsoft Office Visio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft RCE 365 Apps +3
NVD
EPSS 2% CVSS 7.0
HIGH PATCH This Week

Microsoft Visio Security Feature Bypass Vulnerability. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Microsoft Authentication Bypass 365 Apps +2
NVD
EPSS 9% CVSS 8.8
HIGH PATCH This Week

A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Office Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft Access +9
NVD
EPSS 19% CVSS 7.8
HIGH Act Now

Microsoft Visio 2016 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability.". Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 19.3% and no vendor patch available.

RCE Buffer Overflow Microsoft +1
NVD
EPSS 11% CVSS 4.3
MEDIUM This Month

Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Office 2013 SP1,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.6% and no vendor patch available.

Information Disclosure Microsoft Excel +5
NVD
EPSS 15% CVSS 9.3
CRITICAL Act Now

Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese). Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 15.5% and no vendor patch available.

Privilege Escalation Microsoft Access +13
NVD
EPSS 35% CVSS 9.3
CRITICAL Emergency

Buffer overflow in Microsoft Visio 2007 SP3 and 2010 SP2 allows remote attackers to execute arbitrary code via crafted UML data in an Office document, aka "Microsoft Office Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 34.6% and no vendor patch available.

RCE Buffer Overflow Microsoft +1
NVD
EPSS 15% CVSS 4.3
MEDIUM PATCH This Month

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Excel 2007 SP3,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 14.9%.

Information Disclosure Microsoft Excel +14
NVD
EPSS 28% CVSS 4.3
MEDIUM This Month

Microsoft Visio 2003 SP3 2007 SP3, and 2010 SP1 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 27.8% and no vendor patch available.

Information Disclosure Microsoft Visio
NVD
EPSS 60% CVSS 9.3
CRITICAL Emergency

Microsoft Visio Viewer 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Visio file that triggers incorrect memory allocation, aka "Visio Viewer Tree Object Type Confusion. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 59.5% and no vendor patch available.

Microsoft RCE Office Filter Pack +2
NVD
EPSS 60% CVSS 9.3
CRITICAL Emergency

Buffer overflow in Microsoft Visio 2010 SP1 and Visio Viewer 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Visio file, aka "Visio DXF File Format Buffer Overflow. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 59.8% and no vendor patch available.

Buffer Overflow Microsoft RCE +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy