Excel Microsoft Excel Spreadsheet Software

Do you want an email whenever new security vulnerabilities are reported in Microsoft Excel?

Recent Microsoft Excel Security Advisories

Advisory Title Published
CVE-2023-23398 Microsoft Excel Spoofing Vulnerability March 14, 2023
CVE-2023-23396 Microsoft Excel Denial of Service Vulnerability March 14, 2023
CVE-2023-23399 Microsoft Excel Remote Code Execution Vulnerability March 14, 2023
CVE-2022-41104 Microsoft Excel Security Feature Bypass Vulnerability November 8, 2022
CVE-2022-41106 Microsoft Excel Remote Code Execution Vulnerability November 8, 2022
CVE-2022-41105 Microsoft Excel Information Disclosure Vulnerability November 8, 2022
CVE-2022-41063 Microsoft Excel Remote Code Execution Vulnerability November 8, 2022
CVE-2022-33631 Microsoft Excel Security Feature Bypass Vulnerability August 9, 2022
CVE-2022-33648 Microsoft Excel Remote Code Execution Vulnerability August 9, 2022
CVE-2022-30173 Microsoft Excel Remote Code Execution Vulnerability June 14, 2022

Known Exploited Microsoft Excel Vulnerabilities

The following Microsoft Excel vulnerabilities have been marked by CISA as Known to be Exploited by threat actors.

Title Description Added
Microsoft Excel Remote Code Execution Vulnerability A remote code execution vulnerability exists in Microsoft Excel when the software fails to properly handle objects in memory. CVE-2019-1297 March 3, 2022
Microsoft Office Security Feature Bypass Vulnerability A security feature bypass vulnerability exists when Microsoft Office improperly handles input. An attacker who successfully exploited the vulnerability could execute arbitrary commands. CVE-2016-7262 March 3, 2022
Microsoft Excel Featheader Record Memory Corruption Vulnerability Microsoft Office Excel allows remote attackers to execute arbitrary code via a spreadsheet with a FEATHEADER record containing an invalid cbHdrData size element that affects a pointer offset. CVE-2009-3129 March 3, 2022

@msexcel Tweets

Would you rather stop using keyboard shortcuts or never use another PivotTable?
Wed Mar 22 18:00:00 +0000 2023

By the Year

In 2023 there have been 2 vulnerabilities in Microsoft Excel with an average score of 6.7 out of ten. Last year Excel had 10 security vulnerabilities published. Right now, Excel is on track to have less security vulnerabilities in 2023 than it did last year. Last year, the average CVE base score was greater by 0.97

Year Vulnerabilities Average Score
2023 2 6.65
2022 10 7.62
2021 28 7.51
2020 32 7.95
2019 11 7.51
2018 22 7.23

It may take a day or so for new Excel vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Microsoft Excel Security Vulnerabilities

Microsoft Excel Remote Code Execution Vulnerability

CVE-2023-23399 7.8 - High - March 14, 2023

Microsoft Excel Remote Code Execution Vulnerability

Microsoft Excel Spoofing Vulnerability

CVE-2023-23398 5.5 - Medium - March 14, 2023

Microsoft Excel Spoofing Vulnerability

Microsoft Excel Security Feature Bypass Vulnerability.

CVE-2022-41104 7.8 - High - November 09, 2022

Microsoft Excel Security Feature Bypass Vulnerability.

Microsoft Excel Remote Code Execution Vulnerability

CVE-2022-41106 7.8 - High - November 09, 2022

Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-41063.

Microsoft Excel Remote Code Execution Vulnerability

CVE-2022-41063 7.8 - High - November 09, 2022

Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-41106.

Microsoft Excel Security Feature Bypass Vulnerability.

CVE-2022-33631 7.3 - High - August 09, 2022

Microsoft Excel Security Feature Bypass Vulnerability.

Microsoft Excel Remote Code Execution Vulnerability.

CVE-2022-30173 7.8 - High - June 15, 2022

Microsoft Excel Remote Code Execution Vulnerability.

Microsoft Excel Remote Code Execution Vulnerability

CVE-2022-29110 7.8 - High - May 10, 2022

Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-29109.

Windows Graphics Component Remote Code Execution Vulnerability.

CVE-2022-26903 7.8 - High - April 15, 2022

Windows Graphics Component Remote Code Execution Vulnerability.

Microsoft Excel Remote Code Execution Vulnerability

CVE-2022-26901 7.8 - High - April 15, 2022

Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24473.

Microsoft Excel Information Disclosure Vulnerability.

CVE-2022-22716 5.5 - Medium - February 09, 2022

Microsoft Excel Information Disclosure Vulnerability.

Exposure of Resource to Wrong Sphere

Microsoft Office Remote Code Execution Vulnerability.

CVE-2022-21840 8.8 - High - January 11, 2022

Microsoft Office Remote Code Execution Vulnerability.

Code Injection

Microsoft Excel Remote Code Execution Vulnerability

CVE-2021-43256 7.8 - High - December 15, 2021

Microsoft Excel Remote Code Execution Vulnerability

Microsoft Excel Security Feature Bypass Vulnerability

CVE-2021-42292 7.8 - High - November 10, 2021

Microsoft Excel Security Feature Bypass Vulnerability

Microsoft Excel Remote Code Execution Vulnerability

CVE-2021-40442 7.8 - High - November 10, 2021

Microsoft Excel Remote Code Execution Vulnerability

Microsoft Excel Remote Code Execution Vulnerability

CVE-2021-40485 7.8 - High - October 13, 2021

Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-40471, CVE-2021-40473, CVE-2021-40474, CVE-2021-40479.

Microsoft Excel Remote Code Execution Vulnerability

CVE-2021-40474 7.8 - High - October 13, 2021

Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-40471, CVE-2021-40473, CVE-2021-40479, CVE-2021-40485.

Microsoft Excel Information Disclosure Vulnerability

CVE-2021-40472 5.5 - Medium - October 13, 2021

Microsoft Excel Information Disclosure Vulnerability

Microsoft Office Graphics Remote Code Execution Vulnerability

CVE-2021-38660 7.8 - High - September 15, 2021

Microsoft Office Graphics Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-38658.

Microsoft Excel Remote Code Execution Vulnerability

CVE-2021-38655 7.8 - High - September 15, 2021

Microsoft Excel Remote Code Execution Vulnerability

Dangling pointer

Microsoft Excel Remote Code Execution Vulnerability

CVE-2021-34501 8.8 - High - July 14, 2021

Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34518.

Microsoft Excel Remote Code Execution Vulnerability

CVE-2021-34518 7.8 - High - July 14, 2021

Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34501.

Microsoft Excel Remote Code Execution Vulnerability

CVE-2021-31939 7.8 - High - June 08, 2021

Microsoft Excel Remote Code Execution Vulnerability

Microsoft Office Remote Code Execution Vulnerability

CVE-2021-31179 7.8 - High - May 11, 2021

Microsoft Office Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31175, CVE-2021-31176, CVE-2021-31177.

Microsoft Office Information Disclosure Vulnerability

CVE-2021-31178 5.5 - Medium - May 11, 2021

Microsoft Office Information Disclosure Vulnerability

Information Disclosure

Microsoft Office Remote Code Execution Vulnerability

CVE-2021-31177 7.8 - High - May 11, 2021

Microsoft Office Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31175, CVE-2021-31176, CVE-2021-31179.

Dangling pointer

Microsoft Excel Information Disclosure Vulnerability

CVE-2021-31174 5.5 - Medium - May 11, 2021

Microsoft Excel Information Disclosure Vulnerability

Information Disclosure

Microsoft Office Remote Code Execution Vulnerability

CVE-2021-31175 7.8 - High - May 11, 2021

Microsoft Office Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31176, CVE-2021-31177, CVE-2021-31179.

Dangling pointer

Microsoft Excel Remote Code Execution Vulnerability

CVE-2021-28451 7.8 - High - April 13, 2021

Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28454.

Microsoft Office Remote Code Execution Vulnerability

CVE-2021-28449 7.8 - High - April 13, 2021

Microsoft Office Remote Code Execution Vulnerability

Microsoft Excel Information Disclosure Vulnerability

CVE-2021-28456 5.5 - Medium - April 13, 2021

Microsoft Excel Information Disclosure Vulnerability

Microsoft Excel Remote Code Execution Vulnerability

CVE-2021-27053 7.8 - High - March 11, 2021

Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-27054.

Microsoft Excel Remote Code Execution Vulnerability

CVE-2021-27054 7.8 - High - March 11, 2021

Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-27053.

Microsoft Office Remote Code Execution Vulnerability

CVE-2021-27057 7.8 - High - March 11, 2021

Microsoft Office Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24108, CVE-2021-27059.

Microsoft Excel Remote Code Execution Vulnerability

CVE-2021-24067 7.8 - High - February 25, 2021

Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24068, CVE-2021-24069, CVE-2021-24070.

Dangling pointer

Microsoft Excel Remote Code Execution Vulnerability

CVE-2021-24068 7.8 - High - February 25, 2021

Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24067, CVE-2021-24069, CVE-2021-24070.

Microsoft Excel Remote Code Execution Vulnerability

CVE-2021-24069 7.8 - High - February 25, 2021

Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24067, CVE-2021-24068, CVE-2021-24070.

Microsoft Excel Remote Code Execution Vulnerability

CVE-2021-24070 7.8 - High - February 25, 2021

Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24067, CVE-2021-24068, CVE-2021-24069.

Dangling pointer

Microsoft Excel Remote Code Execution Vulnerability

CVE-2021-1713 7.8 - High - January 12, 2021

Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1714.

Buffer Overflow

Microsoft Excel Remote Code Execution Vulnerability

CVE-2021-1714 7.8 - High - January 12, 2021

Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1713.

Microsoft Excel Remote Code Execution Vulnerability

CVE-2020-17123 7.8 - High - December 10, 2020

Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2020-17122, CVE-2020-17125, CVE-2020-17127, CVE-2020-17128, CVE-2020-17129.

Microsoft Excel Remote Code Execution Vulnerability

CVE-2020-17125 7.8 - High - December 10, 2020

Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2020-17122, CVE-2020-17123, CVE-2020-17127, CVE-2020-17128, CVE-2020-17129.

Microsoft Excel Information Disclosure Vulnerability

CVE-2020-17126 5.5 - Medium - December 10, 2020

Microsoft Excel Information Disclosure Vulnerability

Microsoft Excel Remote Code Execution Vulnerability

CVE-2020-17127 7.8 - High - December 10, 2020

Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2020-17122, CVE-2020-17123, CVE-2020-17125, CVE-2020-17128, CVE-2020-17129.

Microsoft Excel Remote Code Execution Vulnerability

CVE-2020-17128 7.8 - High - December 10, 2020

Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2020-17122, CVE-2020-17123, CVE-2020-17125, CVE-2020-17127, CVE-2020-17129.

Microsoft Excel Remote Code Execution Vulnerability

CVE-2020-17129 7.8 - High - December 10, 2020

Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2020-17122, CVE-2020-17123, CVE-2020-17125, CVE-2020-17127, CVE-2020-17128.

Microsoft Excel Security Feature Bypass Vulnerability

CVE-2020-17130 6.5 - Medium - December 10, 2020

Microsoft Excel Security Feature Bypass Vulnerability

Microsoft Excel Remote Code Execution Vulnerability

CVE-2020-17064 7.8 - High - November 11, 2020

Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2020-17019, CVE-2020-17065, CVE-2020-17066.

Microsoft Excel Remote Code Execution Vulnerability

CVE-2020-17065 7.8 - High - November 11, 2020

Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2020-17019, CVE-2020-17064, CVE-2020-17066.

Microsoft Excel Remote Code Execution Vulnerability

CVE-2020-17066 7.8 - High - November 11, 2020

Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2020-17019, CVE-2020-17064, CVE-2020-17065.

Microsoft Excel Security Feature Bypass Vulnerability

CVE-2020-17067 7.8 - High - November 11, 2020

Microsoft Excel Security Feature Bypass Vulnerability

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory

CVE-2020-16929 7.8 - High - October 16, 2020

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-16930, CVE-2020-16931, CVE-2020-16932.

Dangling pointer

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory

CVE-2020-16931 7.8 - High - October 16, 2020

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-16929, CVE-2020-16930, CVE-2020-16932.

Use of Uninitialized Resource

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory

CVE-2020-16932 7.8 - High - October 16, 2020

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-16929, CVE-2020-16930, CVE-2020-16931.

Buffer Overflow

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory

CVE-2020-1224 5.5 - Medium - September 11, 2020

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'.

Information Disclosure

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory

CVE-2020-1332 8.8 - High - September 11, 2020

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1193, CVE-2020-1335, CVE-2020-1594.

Buffer Overflow

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory

CVE-2020-1335 8.8 - High - September 11, 2020

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1193, CVE-2020-1332, CVE-2020-1594.

Buffer Overflow

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory

CVE-2020-1594 8.8 - High - September 11, 2020

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1193, CVE-2020-1332, CVE-2020-1335.

Buffer Overflow

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory

CVE-2020-1494 8.8 - High - August 17, 2020

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1495, CVE-2020-1496, CVE-2020-1498, CVE-2020-1504.

Buffer Overflow

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory

CVE-2020-1495 8.8 - High - August 17, 2020

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1494, CVE-2020-1496, CVE-2020-1498, CVE-2020-1504.

Buffer Overflow

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory

CVE-2020-1496 8.8 - High - August 17, 2020

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1494, CVE-2020-1495, CVE-2020-1498, CVE-2020-1504.

Buffer Overflow

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory

CVE-2020-1497 5.5 - Medium - August 17, 2020

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'.

Information Disclosure

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory

CVE-2020-1498 8.8 - High - August 17, 2020

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1494, CVE-2020-1495, CVE-2020-1496, CVE-2020-1504.

Buffer Overflow

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory

CVE-2020-1504 8.8 - High - August 17, 2020

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1494, CVE-2020-1495, CVE-2020-1496, CVE-2020-1498.

Buffer Overflow

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory

CVE-2020-1225 8.8 - High - June 09, 2020

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1226.

Buffer Overflow

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory

CVE-2020-1226 8.8 - High - June 09, 2020

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1225.

Buffer Overflow

A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries

CVE-2020-0760 8.8 - High - April 15, 2020

A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Office Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0991.

Improper Input Validation

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory

CVE-2020-0906 8.8 - High - April 15, 2020

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0979.

Buffer Overflow

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory

CVE-2020-0759 8.8 - High - February 11, 2020

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'.

Buffer Overflow

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory

CVE-2020-0650 7.8 - High - January 14, 2020

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0651, CVE-2020-0653.

Buffer Overflow

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory

CVE-2020-0651 7.8 - High - January 14, 2020

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0650, CVE-2020-0653.

Buffer Overflow

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory

CVE-2020-0652 7.8 - High - January 14, 2020

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka 'Microsoft Office Memory Corruption Vulnerability'.

Buffer Overflow

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory

CVE-2019-1464 5.5 - Medium - December 10, 2019

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'.

Information Disclosure

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory

CVE-2019-1446 5.5 - Medium - November 12, 2019

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'.

Information Disclosure

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory

CVE-2019-1448 7.8 - High - November 12, 2019

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'.

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory

CVE-2019-1327 8.8 - High - October 10, 2019

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1331.

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory

CVE-2019-1331 8.8 - High - October 10, 2019

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1327.

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory

CVE-2019-1263 5.5 - Medium - September 11, 2019

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'.

Information Disclosure

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory

CVE-2019-1297 8.8 - High - September 11, 2019

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'.

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory

CVE-2019-1110 8.8 - High - July 15, 2019

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1111.

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory

CVE-2019-1111 8.8 - High - July 15, 2019

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1110.

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory

CVE-2019-0828 7.8 - High - April 09, 2019

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'.

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory

CVE-2019-0669 6.5 - Medium - March 05, 2019

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'.

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory

CVE-2018-8597 7.8 - High - December 12, 2018

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8636.

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory

CVE-2018-8598 4.7 - Medium - December 12, 2018

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8627.

An information disclosure vulnerability exists when Microsoft Excel software reads out of bound memory due to an uninitialized variable

CVE-2018-8627 5.5 - Medium - December 12, 2018

An information disclosure vulnerability exists when Microsoft Excel software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft Excel, Microsoft Excel Viewer, Excel. This CVE ID is unique from CVE-2018-8598.

Use of Uninitialized Resource

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory

CVE-2018-8636 7.8 - High - December 12, 2018

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8597.

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory

CVE-2018-8577 7.8 - High - November 14, 2018

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft Excel, Microsoft Excel Viewer, Excel. This CVE ID is unique from CVE-2018-8574.

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in Protected View

CVE-2018-8502 8.8 - High - October 10, 2018

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in Protected View, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Excel.

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory

CVE-2018-8331 7.8 - High - September 13, 2018

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Office.

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory

CVE-2018-8429 5.5 - Medium - September 13, 2018

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel.

Information Disclosure

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory

CVE-2018-8375 7.8 - High - August 15, 2018

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8379.

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory

CVE-2018-8379 7.8 - High - August 15, 2018

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Excel. This CVE ID is unique from CVE-2018-8375.

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory

CVE-2018-8382 5.5 - Medium - August 15, 2018

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel.

Information Disclosure

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory

CVE-2018-8246 5.5 - Medium - June 14, 2018

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel.

Information Disclosure

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory

CVE-2018-8147 7.8 - High - May 09, 2018

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8148, CVE-2018-8162.

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory

CVE-2018-8148 7.8 - High - May 09, 2018

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8147, CVE-2018-8162.

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory

CVE-2018-8162 7.8 - High - May 09, 2018

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8147, CVE-2018-8148.

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory

CVE-2018-8163 5.5 - Medium - May 09, 2018

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Office, Microsoft Excel.

Information Disclosure

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory

CVE-2018-0920 7.8 - High - April 12, 2018

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Excel. This CVE ID is unique from CVE-2018-1011, CVE-2018-1027, CVE-2018-1029.

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Microsoft Excel or by Microsoft? Click the Watch button to subscribe.

Microsoft
Vendor

Microsoft Excel
Spreadsheet Software

subscribe