CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Microsoft » Word » 2013 SP1 * * : Security Vulnerabilities

Cpe Name:cpe:2.3:a:microsoft:word:2013:sp1:*:*:rt:*:*:*
CVSS Scores Greater Than: 0   1   2   3   4   5   6   7   8   9  
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2022-29107 863 Bypass 2022-05-10 2022-05-19
4.3
 None Remote Medium Not required Partial None None
Microsoft Office Security Feature Bypass Vulnerability.
2 CVE-2021-40486 Exec Code 2021-10-13 2021-10-19
6.8
 None Remote Medium Not required Partial Partial Partial
Microsoft Word Remote Code Execution Vulnerability
3 CVE-2021-31180 Exec Code 2021-05-11 2021-05-18
6.8
 None Remote Medium Not required Partial Partial Partial
Microsoft Office Graphics Remote Code Execution Vulnerability
4 CVE-2021-31178 200 +Info 2021-05-11 2021-05-17
4.3
 None Remote Medium Not required Partial None None
Microsoft Office Information Disclosure Vulnerability
5 CVE-2021-31177 416 Exec Code 2021-05-11 2021-05-17
6.8
 None Remote Medium Not required Partial Partial Partial
Microsoft Office Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31175, CVE-2021-31176, CVE-2021-31179.
6 CVE-2021-28453 Exec Code 2021-04-13 2021-06-04
6.8
 None Remote Medium Not required Partial Partial Partial
Microsoft Word Remote Code Execution Vulnerability
7 CVE-2021-1716 Exec Code 2021-01-12 2021-01-14
9.3
 None Remote Medium Not required Complete Complete Complete
Microsoft Word Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1715.
8 CVE-2021-1715 787 Exec Code 2021-01-12 2021-03-04
9.3
 None Remote Medium Not required Complete Complete Complete
Microsoft Word Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1716.
9 CVE-2020-17020 287 Bypass 2020-11-11 2021-07-21
2.1
 None Local Low Not required Partial None None
Microsoft Word Security Feature Bypass Vulnerability
10 CVE-2020-16933 755 Bypass 2020-10-16 2020-10-21
6.8
 None Remote Medium Not required Partial Partial Partial
A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files, aka 'Microsoft Word Security Feature Bypass Vulnerability'.
11 CVE-2020-1583 200 +Info 2020-08-17 2021-07-21
4.3
 None Remote Medium Not required Partial None None
An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory, aka 'Microsoft Word Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1502, CVE-2020-1503.
12 CVE-2020-1503 200 +Info 2020-08-17 2021-07-21
4.3
 None Remote Medium Not required Partial None None
An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory, aka 'Microsoft Word Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1502, CVE-2020-1583.
13 CVE-2020-1445 200 +Info 2020-07-14 2021-07-21
4.3
 None Remote Medium Not required Partial None None
An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory, aka 'Microsoft Office Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1342.
14 CVE-2020-1342 908 2020-07-14 2021-07-21
4.3
 None Remote Medium Not required Partial None None
An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka 'Microsoft Office Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1445.
15 CVE-2020-1229 200 Bypass +Info 2020-06-09 2021-07-21
4.3
 None Remote Medium Not required Partial None None
A security feature bypass vulnerability exists in Microsoft Outlook when Office fails to enforce security settings configured on a system, aka 'Microsoft Outlook Security Feature Bypass Vulnerability'.
16 CVE-2020-1218 94 Exec Code 2020-09-11 2021-07-21
6.8
 None Remote Medium Not required Partial Partial Partial
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1338.
17 CVE-2020-0980 119 Exec Code Overflow 2020-04-15 2021-07-21
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'.
18 CVE-2020-0892 119 Exec Code Overflow 2020-03-12 2021-07-21
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0850, CVE-2020-0851, CVE-2020-0852, CVE-2020-0855.
19 CVE-2020-0850 119 Exec Code Overflow 2020-03-12 2021-07-21
6.8
 None Remote Medium Not required Partial Partial Partial
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0851, CVE-2020-0852, CVE-2020-0855, CVE-2020-0892.
20 CVE-2020-0760 20 Exec Code 2020-04-15 2021-07-21
6.8
 None Remote Medium Not required Partial Partial Partial
A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Office Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0991.
21 CVE-2019-1461 DoS 2019-12-10 2020-08-24
7.1
 None Remote Medium Not required None None Complete
A denial of service vulnerability exists in Microsoft Word software when the software fails to properly handle objects in memory, aka 'Microsoft Word Denial of Service Vulnerability'.
22 CVE-2019-1201 Exec Code 2019-08-14 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1205.
23 CVE-2019-1034 Exec Code 2019-06-12 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1035.
24 CVE-2019-0585 Exec Code 2019-01-08 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Word, Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Microsoft SharePoint, Microsoft Office Online Server, Microsoft Word, Microsoft SharePoint Server.
25 CVE-2019-0561 2019-01-08 2020-08-24
4.3
 None Remote Medium Not required Partial None None
An information disclosure vulnerability exists when Microsoft Word macro buttons are used improperly, aka "Microsoft Word Information Disclosure Vulnerability." This affects Microsoft Word, Office 365 ProPlus, Microsoft Office, Word.
26 CVE-2018-8573 Exec Code 2018-11-14 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Microsoft Word, Office 365 ProPlus, Microsoft Office. This CVE ID is unique from CVE-2018-8539.
27 CVE-2018-8504 Exec Code 2018-10-10 2019-10-03
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Word software when the software fails to properly handle objects in Protected View, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Microsoft SharePoint Server, Office 365 ProPlus, Microsoft Office, Microsoft Word.
28 CVE-2018-8310 2018-07-11 2020-08-24
5.0
 None Remote Low Not required None Partial None
A tampering vulnerability exists when Microsoft Outlook does not properly handle specific attachment types when rendering HTML emails, aka "Microsoft Office Tampering Vulnerability." This affects Microsoft Word, Microsoft Office.
29 CVE-2018-8161 Exec Code 2018-05-09 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Word, Word, Microsoft Office, Microsoft SharePoint. This CVE ID is unique from CVE-2018-8157, CVE-2018-8158.
30 CVE-2018-0950 2018-04-12 2020-08-24
4.3
 None Remote Medium Not required Partial None None
An information disclosure vulnerability exists when Office renders Rich Text Format (RTF) email messages containing OLE objects when a message is opened or previewed, aka "Microsoft Office Information Disclosure Vulnerability." This affects Microsoft Word, Microsoft Office. This CVE ID is unique from CVE-2018-1007.
31 CVE-2018-0919 125 2018-03-14 2020-08-24
4.3
 None Remote Medium Not required Partial None None
Microsoft Office 2010 SP2, 2013 SP1, and 2016, Microsoft Office 2016 Click-to-Run Microsoft Office 2016 for Mac, Microsoft Office Web Apps 2010 SP2, Microsoft Office Web Apps 2013 SP1, Microsoft SharePoint Enterprise Server 2013 SP1, Microsoft SharePoint Enterprise Server 2016, Microsoft SharePoint Server 2010 SP2, Microsoft Word 2010 SP2, Word 2013 SP1 and Microsoft Word 2016 allow an information disclosure vulnerability due to how variables are initialized, aka "Microsoft Office Information Disclosure Vulnerability".
32 CVE-2018-0862 Exec Code 2018-01-22 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0805, CVE-2018-0806, and CVE-2018-0807.
33 CVE-2018-0849 Exec Code 2018-01-22 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0805, CVE-2018-0806, and CVE-2018-0807.
34 CVE-2018-0848 Exec Code 2018-01-22 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0805, CVE-2018-0806, and CVE-2018-0807.
35 CVE-2018-0845 Exec Code 2018-01-22 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0805, CVE-2018-0806, and CVE-2018-0807.
36 CVE-2018-0812 787 Exec Code Mem. Corr. 2018-01-10 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Memory Corruption Vulnerability".
37 CVE-2018-0807 Exec Code 2018-01-10 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0804, CVE-2018-0805, and CVE-2018-0806.
38 CVE-2018-0806 Exec Code 2018-01-10 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0804, CVE-2018-0805, and CVE-2018-0807.
39 CVE-2018-0805 Exec Code 2018-01-10 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0804, CVE-2018-0806, and CVE-2018-0807
40 CVE-2018-0804 Exec Code 2018-01-10 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0805, CVE-2018-0806, and CVE-2018-0807.
41 CVE-2018-0802 787 Exec Code Mem. Corr. 2018-01-10 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique from CVE-2018-0797 and CVE-2018-0812.
42 CVE-2018-0801 Exec Code 2018-01-10 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Remote Code Execution Vulnerability".
43 CVE-2018-0798 787 Exec Code Mem. Corr. 2018-01-10 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability".
44 CVE-2018-0797 787 Exec Code Mem. Corr. 2018-01-10 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way RTF content is handled, aka "Microsoft Word Memory Corruption Vulnerability".
45 CVE-2018-0795 Exec Code 2018-01-10 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Remote Code Execution Vulnerability".
46 CVE-2018-0794 Exec Code 2018-01-10 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
Microsoft Word in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0792.
47 CVE-2018-0793 Exec Code 2018-01-10 2019-10-03
9.3
 None Remote Medium Not required Complete Complete Complete
Microsoft Outlook 2007, Microsoft Outlook 2010 and Microsoft Outlook 2013 allow a remote code execution vulnerability due to the way email messages are parsed, aka "Microsoft Outlook Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0791.
48 CVE-2017-8510 Exec Code 2017-06-15 2019-10-03
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8511, CVE-2017-8512, CVE-2017-0260, and CVE-2017-8506.
49 CVE-2017-8509 Exec Code 2017-06-15 2019-10-03
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8510, CVE-2017-8511, CVE-2017-8512, CVE-2017-0260, and CVE-2017-8506.
50 CVE-2017-0292 Exec Code 2017-06-15 2019-10-03
9.3
 None Remote Medium Not required Complete Complete Complete
Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows remote code execution if a user opens a specially crafted PDF file, aka "Windows PDF Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0291.
Total number of vulnerabilities : 76   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.