Publisher Microsoft Publisher

Do you want an email whenever new security vulnerabilities are reported in Microsoft Publisher?

Recent Microsoft Publisher Security Advisories

Advisory Title Published
CVE-2023-28287 Microsoft Publisher Remote Code Execution Vulnerability April 11, 2023
CVE-2023-28295 Microsoft Publisher Remote Code Execution Vulnerability April 11, 2023
CVE-2023-21715 Microsoft Publisher Security Features Bypass Vulnerability February 14, 2023

By the Year

In 2024 there have been 1 vulnerability in Microsoft Publisher with an average score of 7.8 out of ten. Last year Publisher had 2 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Publisher in 2024 could surpass last years number. Interestingly, the average vulnerability score and the number of vulnerabilities for 2024 and last year was the same.

Year Vulnerabilities Average Score
2024 1 7.80
2023 2 7.80
2022 1 5.50
2021 0 0.00
2020 1 8.80
2019 0 0.00
2018 1 7.80

It may take a day or so for new Publisher vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Microsoft Publisher Security Vulnerabilities

Microsoft Office Remote Code Execution Vulnerability

CVE-2024-20673 7.8 - High - February 13, 2024

Microsoft Office Remote Code Execution Vulnerability

Microsoft Publisher Remote Code Execution Vulnerability

CVE-2023-28295 7.8 - High - June 17, 2023

Microsoft Publisher Remote Code Execution Vulnerability

Microsoft Publisher Remote Code Execution Vulnerability

CVE-2023-28287 7.8 - High - June 17, 2023

Microsoft Publisher Remote Code Execution Vulnerability

Microsoft Office Security Feature Bypass Vulnerability

CVE-2022-29107 5.5 - Medium - May 10, 2022

Microsoft Office Security Feature Bypass Vulnerability

A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries

CVE-2020-0760 8.8 - High - April 15, 2020

A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Office Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0991.

Improper Input Validation

A remote code execution vulnerability exists when Microsoft Publisher fails to utilize features

CVE-2018-8245 7.8 - High - June 14, 2018

A remote code execution vulnerability exists when Microsoft Publisher fails to utilize features that lock down the Local Machine zone when instantiating OLE objects, aka "Microsoft Publisher Remote Code Execution Vulnerability." This affects Microsoft Publisher.

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Microsoft Publisher or by Microsoft? Click the Watch button to subscribe.

Microsoft
Vendor

subscribe