Vulnerabilities > Microsoft > Excel > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-15 | CVE-2018-8382 | Information Exposure vulnerability in Microsoft products An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel. | 4.3 |
| 2018-06-14 | CVE-2018-8246 | Information Exposure vulnerability in Microsoft products An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel. | 4.3 |
| 2018-05-09 | CVE-2018-8163 | Information Exposure vulnerability in Microsoft Excel and Office An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Office, Microsoft Excel. | 4.3 |
| 2018-03-14 | CVE-2018-0907 | Unspecified vulnerability in Microsoft Excel and Office Microsoft Excel 2007 SP3, Microsoft Excel 2010 SP2, Microsoft Excel 2013 SP1, Microsoft Excel 2016, Microsoft Office 2016 Click-to-Run and Microsoft Office 2016 for Mac allow a security feature bypass vulnerability due to how macro settings are enforced, aka "Microsoft Office Excel Security Feature Bypass". network microsoft | 6.8 |
| 2017-11-15 | CVE-2017-11877 | Unspecified vulnerability in Microsoft Excel, Excel Viewer and Office Compatibility Pack Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Compatibility Pack Service Pack 3, Microsoft Excel Viewer 2007 Service Pack 3, and Microsoft Excel 2016 for Mac allow a security feature bypass by not enforcing macro settings on an Excel document, aka "Microsoft Excel Security Feature Bypass Vulnerability". | 5.5 |
| 2017-04-12 | CVE-2017-0194 | Information Exposure vulnerability in Microsoft Excel and Office Compatibility Pack Microsoft Excel 2007 SP3, Microsoft Excel 2010 SP2, and Office Compatibility Pack SP2 allow remote attackers to obtain sensitive information from process memory via a crafted Office document, aka "Microsoft Office Information Disclosure Vulnerability." | 4.3 |
| 2016-12-20 | CVE-2016-7267 | Improper Input Validation vulnerability in Microsoft Excel 2010/2013/2016 Microsoft Excel 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 misparses file formats, which makes it easier for remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Security Feature Bypass Vulnerability." | 4.3 |
| 2016-12-20 | CVE-2016-7266 | Improper Input Validation vulnerability in Microsoft products Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, and Excel 2016 for Mac mishandle a registry check, which allows user-assisted remote attackers to execute arbitrary commands via crafted embedded content in a document, aka "Microsoft Office Security Feature Bypass Vulnerability." | 6.8 |
| 2016-12-20 | CVE-2016-7265 | Out-of-bounds Read vulnerability in Microsoft products Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, and Excel Services on SharePoint Server 2010 SP2 allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted document, aka "Microsoft Office Information Disclosure Vulnerability." | 5.8 |
| 2016-12-20 | CVE-2016-7264 | Out-of-bounds Read vulnerability in Microsoft products Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, Excel for Mac 2011, and Excel 2016 for Mac allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted document, aka "Microsoft Office Information Disclosure Vulnerability." | 5.8 |