Microsoft Office Online Server
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Microsoft Office Online Server.
Recent Microsoft Office Online Server Security Advisories
Advisory | Title | Published |
---|---|---|
CVE-2021-34451 | Microsoft Office Online Server Spoofing Vulnerability | July 13, 2021 |
By the Year
In 2025 there have been 15 vulnerabilities in Microsoft Office Online Server with an average score of 7.8 out of ten. Last year, in 2024 Office Online Server had 3 security vulnerabilities published. That is, 12 more vulnerabilities have already been reported in 2025 as compared to last year. However, the average CVE base score of the vulnerabilities in 2025 is greater by 0.04.
Year | Vulnerabilities | Average Score |
---|---|---|
2025 | 15 | 7.84 |
2024 | 3 | 7.80 |
2023 | 11 | 7.45 |
2022 | 13 | 6.89 |
2021 | 30 | 7.41 |
2020 | 29 | 7.31 |
2019 | 10 | 7.29 |
2018 | 6 | 6.82 |
It may take a day or so for new Office Online Server vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Office Online Server Security Vulnerabilities
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel
CVE-2025-30383
7.8 - High
- May 13, 2025
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Object Type Confusion
Heap-based buffer overflow in Microsoft Office Excel
CVE-2025-30376
7.8 - High
- May 13, 2025
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Memory Corruption
Use after free in Microsoft Office
CVE-2025-30377
7.8 - High
- May 13, 2025
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Dangling pointer
Release of invalid pointer or reference in Microsoft Office Excel
CVE-2025-30379
7.8 - High
- May 13, 2025
Release of invalid pointer or reference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Release of Invalid Pointer or Reference
Out-of-bounds read in Microsoft Office Excel
CVE-2025-30381
7.8 - High
- May 13, 2025
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Out-of-bounds Read
Use after free in Microsoft Office Excel
CVE-2025-29977
7.8 - High
- May 13, 2025
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Dangling pointer
Heap-based buffer overflow in Microsoft Office Excel
CVE-2025-29979
7.8 - High
- May 13, 2025
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Memory Corruption
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel
CVE-2025-30375
7.8 - High
- May 13, 2025
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Object Type Confusion
Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-21381
7.8 - High
- February 11, 2025
Microsoft Excel Remote Code Execution Vulnerability
Untrusted Pointer Dereference
Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-21386
7.8 - High
- February 11, 2025
Microsoft Excel Remote Code Execution Vulnerability
Dangling pointer
Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-21390
7.8 - High
- February 11, 2025
Microsoft Excel Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-21394
7.8 - High
- February 11, 2025
Microsoft Excel Remote Code Execution Vulnerability
Dangling pointer
Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-21387
7.8 - High
- February 11, 2025
Microsoft Excel Remote Code Execution Vulnerability
Dangling pointer
Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-21354
7.8 - High
- January 14, 2025
Microsoft Excel Remote Code Execution Vulnerability
Untrusted Pointer Dereference
Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-21362
8.4 - High
- January 14, 2025
Microsoft Excel Remote Code Execution Vulnerability
Dangling pointer
Microsoft Excel Remote Code Execution Vulnerability
CVE-2024-49026
7.8 - High
- November 12, 2024
Microsoft Excel Remote Code Execution Vulnerability
Command Injection
Microsoft Excel Elevation of Privilege Vulnerability
CVE-2024-43465
7.8 - High
- September 10, 2024
Microsoft Excel Elevation of Privilege Vulnerability
Dangling pointer
Microsoft Excel Remote Code Execution Vulnerability
CVE-2024-30042
7.8 - High
- May 14, 2024
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Excel Information Disclosure Vulnerability
CVE-2023-36766
5.5 - Medium
- September 12, 2023
Microsoft Excel Information Disclosure Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
CVE-2023-36896
7.8 - High
- August 08, 2023
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office Remote Code Execution Vulnerability
CVE-2023-35371
7.8 - High
- August 08, 2023
Microsoft Office Remote Code Execution Vulnerability
Microsoft Excel Information Disclosure Vulnerability
CVE-2023-33162
5.5 - Medium
- July 11, 2023
Microsoft Excel Information Disclosure Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
CVE-2023-32029
7.8 - High
- June 14, 2023
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
CVE-2023-33133
7.8 - High
- June 14, 2023
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
CVE-2023-33137
7.8 - High
- June 14, 2023
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
CVE-2023-24953
7.8 - High
- May 09, 2023
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Excel Denial of Service Vulnerability
CVE-2023-23396
6.5 - Medium
- March 14, 2023
Microsoft Excel Denial of Service Vulnerability
Resource Exhaustion
Microsoft Excel Remote Code Execution Vulnerability
CVE-2023-23399
7.8 - High
- March 14, 2023
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Word Remote Code Execution Vulnerability
CVE-2023-21716
9.8 - Critical
- February 14, 2023
Microsoft Word Remote Code Execution Vulnerability
Microsoft Word Information Disclosure Vulnerability
CVE-2022-41060
5.5 - Medium
- November 09, 2022
Microsoft Word Information Disclosure Vulnerability
Microsoft Word Remote Code Execution Vulnerability
CVE-2022-41061
7.8 - High
- November 09, 2022
Microsoft Word Remote Code Execution Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
CVE-2022-41063
7.8 - High
- November 09, 2022
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Word Information Disclosure Vulnerability
CVE-2022-41103
5.5 - Medium
- November 09, 2022
Microsoft Word Information Disclosure Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
CVE-2022-41106
8.8 - High
- November 09, 2022
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
CVE-2022-33648
7.8 - High
- August 09, 2022
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office Information Disclosure Vulnerability
CVE-2022-30159
5.5 - Medium
- June 15, 2022
Microsoft Office Information Disclosure Vulnerability
Microsoft Office Information Disclosure Vulnerability
CVE-2022-30171
5.5 - Medium
- June 15, 2022
Microsoft Office Information Disclosure Vulnerability
Microsoft Office Information Disclosure Vulnerability
CVE-2022-30172
5.5 - Medium
- June 15, 2022
Microsoft Office Information Disclosure Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
CVE-2022-29109
7.8 - High
- May 10, 2022
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
CVE-2022-26901
7.8 - High
- April 15, 2022
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Excel Information Disclosure Vulnerability
CVE-2022-22716
5.5 - Medium
- February 09, 2022
Microsoft Excel Information Disclosure Vulnerability
Buffer Overflow
Microsoft Office Remote Code Execution Vulnerability
CVE-2022-21840
8.8 - High
- January 11, 2022
Microsoft Office Remote Code Execution Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
CVE-2021-43256
7.8 - High
- December 15, 2021
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
CVE-2021-40442
7.8 - High
- November 10, 2021
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
CVE-2021-40474
7.8 - High
- October 13, 2021
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Word Remote Code Execution Vulnerability
CVE-2021-40486
7.8 - High
- October 13, 2021
Microsoft Word Remote Code Execution Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
CVE-2021-40485
7.8 - High
- October 13, 2021
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Excel Information Disclosure Vulnerability
CVE-2021-40472
5.5 - Medium
- October 13, 2021
Microsoft Excel Information Disclosure Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
CVE-2021-38655
7.8 - High
- September 15, 2021
Microsoft Excel Remote Code Execution Vulnerability
Dangling pointer
Microsoft Office Online Server Spoofing Vulnerability
CVE-2021-34451
5.3 - Medium
- July 16, 2021
Microsoft Office Online Server Spoofing Vulnerability
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Microsoft Office Online Server or by Microsoft? Click the Watch button to subscribe.
