Microsoft Publisher
Recent Microsoft Publisher Security Advisories
Advisory | Title | Published |
---|---|---|
CVE-2023-28287 | Microsoft Publisher Remote Code Execution Vulnerability | April 11, 2023 |
CVE-2023-28295 | Microsoft Publisher Remote Code Execution Vulnerability | April 11, 2023 |
CVE-2023-21715 | Microsoft Publisher Security Features Bypass Vulnerability | February 14, 2023 |
By the Year
In 2024 there have been 1 vulnerability in Microsoft Publisher with an average score of 7.8 out of ten. Last year Publisher had 2 security vulnerabilities published. At the current rates, it appears that the number of vulnerabilities last year and this year may equal out. Interestingly, the average vulnerability score and the number of vulnerabilities for 2024 and last year was the same.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 1 | 7.80 |
2023 | 2 | 7.80 |
2022 | 1 | 5.50 |
2021 | 0 | 0.00 |
2020 | 1 | 8.80 |
2019 | 0 | 0.00 |
2018 | 1 | 7.80 |
It may take a day or so for new Publisher vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Publisher Security Vulnerabilities
Microsoft Office Remote Code Execution Vulnerability
CVE-2024-20673
7.8 - High
- February 13, 2024
Microsoft Office Remote Code Execution Vulnerability
Microsoft Publisher Remote Code Execution Vulnerability
CVE-2023-28295
7.8 - High
- June 17, 2023
Microsoft Publisher Remote Code Execution Vulnerability
Microsoft Publisher Remote Code Execution Vulnerability
CVE-2023-28287
7.8 - High
- June 17, 2023
Microsoft Publisher Remote Code Execution Vulnerability
Microsoft Office Security Feature Bypass Vulnerability
CVE-2022-29107
5.5 - Medium
- May 10, 2022
Microsoft Office Security Feature Bypass Vulnerability
A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries
CVE-2020-0760
8.8 - High
- April 15, 2020
A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Office Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0991.
Improper Input Validation
A remote code execution vulnerability exists when Microsoft Publisher fails to utilize features
CVE-2018-8245
7.8 - High
- June 14, 2018
A remote code execution vulnerability exists when Microsoft Publisher fails to utilize features that lock down the Local Machine zone when instantiating OLE objects, aka "Microsoft Publisher Remote Code Execution Vulnerability." This affects Microsoft Publisher.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Microsoft Publisher or by Microsoft? Click the Watch button to subscribe.