Vulnerabilities > Microsoft > Onenote
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-14 | CVE-2025-21402 | Unspecified vulnerability in Microsoft Office and Onenote Microsoft Office OneNote Remote Code Execution Vulnerability | 7.8 |
| 2023-11-06 | CVE-2023-36769 | Unspecified vulnerability in Microsoft Onenote Microsoft OneNote Spoofing Vulnerability | 5.4 |
| 2017-06-15 | CVE-2017-8509 | Unspecified vulnerability in Microsoft products A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". | 8.8 |
| 2017-04-12 | CVE-2017-0197 | Improper Input Validation vulnerability in Microsoft Onenote 2007/2010 Microsoft OneNote 2007 SP3 and Microsoft OneNote 2010 SP2 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office DLL Loading Vulnerability." | 7.8 |
| 2016-08-09 | CVE-2016-3315 | Information Exposure vulnerability in Microsoft Onenote and Onenote for mac Microsoft OneNote 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016, and 2016 for Mac allow remote attackers to obtain sensitive information via a crafted OneNote file, aka "Microsoft OneNote Information Disclosure Vulnerability." | 5.5 |
| 2014-08-12 | CVE-2014-2815 | Unspecified vulnerability in Microsoft Onenote 2007 Microsoft OneNote 2007 SP3 allows remote attackers to execute arbitrary code via a crafted OneNote file that triggers creation of an executable file in a startup folder, aka "OneNote Remote Code Execution Vulnerability." | 8.8 |