Microsoft Visio
Recent Microsoft Visio Security Advisories
| Advisory | Title | Published |
|---|---|---|
| CVE-2023-36865 | Microsoft Office Visio Remote Code Execution Vulnerability | August 8, 2023 |
| CVE-2023-36866 | Microsoft Office Visio Remote Code Execution Vulnerability | August 8, 2023 |
| CVE-2023-35372 | Microsoft Office Visio Remote Code Execution Vulnerability | August 8, 2023 |
| CVE-2023-21737 | Microsoft Office Visio Remote Code Execution Vulnerability | January 10, 2023 |
| CVE-2023-21736 | Microsoft Office Visio Remote Code Execution Vulnerability | January 10, 2023 |
| CVE-2023-21738 | Microsoft Office Visio Remote Code Execution Vulnerability | January 10, 2023 |
| CVE-2023-21741 | Microsoft Office Visio Information Disclosure Vulnerability | January 10, 2023 |
| CVE-2022-44696 | Microsoft Office Visio Remote Code Execution Vulnerability | December 13, 2022 |
| CVE-2022-44695 | Microsoft Office Visio Remote Code Execution Vulnerability | December 13, 2022 |
| CVE-2022-44694 | Microsoft Office Visio Remote Code Execution Vulnerability | December 13, 2022 |
By the Year
In 2023 there have been 3 vulnerabilities in Microsoft Visio with an average score of 7.6 out of ten. Last year Visio had 2 security vulnerabilities published. That is, 1 more vulnerability have already been reported in 2023 as compared to last year. Last year, the average CVE base score was greater by 0.23
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2023 | 3 | 7.57 |
| 2022 | 2 | 7.80 |
| 2021 | 1 | 7.00 |
| 2020 | 1 | 8.80 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Visio vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Visio Security Vulnerabilities
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2023-21736
7.8 - High
- January 10, 2023
Microsoft Office Visio Remote Code Execution Vulnerability
Microsoft Office Visio Information Disclosure Vulnerability
CVE-2023-21741
7.1 - High
- January 10, 2023
Microsoft Office Visio Information Disclosure Vulnerability
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2023-21737
7.8 - High
- January 10, 2023
Microsoft Office Visio Remote Code Execution Vulnerability
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2022-44695
7.8 - High
- December 13, 2022
Microsoft Office Visio Remote Code Execution Vulnerability
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2022-38010
7.8 - High
- September 13, 2022
Microsoft Office Visio Remote Code Execution Vulnerability
Microsoft Visio Security Feature Bypass Vulnerability
CVE-2021-27055
7 - High
- March 11, 2021
Microsoft Visio Security Feature Bypass Vulnerability
A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries
CVE-2020-0760
8.8 - High
- April 15, 2020
A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Office Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0991.
Improper Input Validation
gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0
CVE-2008-3013
- September 11, 2008
gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a malformed GIF image file containing many extension markers for graphic control extensions and subsequent unknown labels, aka "GDI+ GIF Parsing Vulnerability."
Resource Management Errors
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Microsoft Works or by Microsoft? Click the Watch button to subscribe.
