Visio Microsoft Visio

Do you want an email whenever new security vulnerabilities are reported in Microsoft Visio?

Recent Microsoft Visio Security Advisories

Advisory Title Published
CVE-2023-36865 Microsoft Office Visio Remote Code Execution Vulnerability August 8, 2023
CVE-2023-36866 Microsoft Office Visio Remote Code Execution Vulnerability August 8, 2023
CVE-2023-35372 Microsoft Office Visio Remote Code Execution Vulnerability August 8, 2023
CVE-2023-21737 Microsoft Office Visio Remote Code Execution Vulnerability January 10, 2023
CVE-2023-21736 Microsoft Office Visio Remote Code Execution Vulnerability January 10, 2023
CVE-2023-21738 Microsoft Office Visio Remote Code Execution Vulnerability January 10, 2023
CVE-2023-21741 Microsoft Office Visio Information Disclosure Vulnerability January 10, 2023
CVE-2022-44696 Microsoft Office Visio Remote Code Execution Vulnerability December 13, 2022
CVE-2022-44695 Microsoft Office Visio Remote Code Execution Vulnerability December 13, 2022
CVE-2022-44694 Microsoft Office Visio Remote Code Execution Vulnerability December 13, 2022

By the Year

In 2023 there have been 3 vulnerabilities in Microsoft Visio with an average score of 7.6 out of ten. Last year Visio had 2 security vulnerabilities published. That is, 1 more vulnerability have already been reported in 2023 as compared to last year. Last year, the average CVE base score was greater by 0.23

Year Vulnerabilities Average Score
2023 3 7.57
2022 2 7.80
2021 1 7.00
2020 1 8.80
2019 0 0.00
2018 0 0.00

It may take a day or so for new Visio vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Microsoft Visio Security Vulnerabilities

Microsoft Office Visio Remote Code Execution Vulnerability

CVE-2023-21736 7.8 - High - January 10, 2023

Microsoft Office Visio Remote Code Execution Vulnerability

Microsoft Office Visio Information Disclosure Vulnerability

CVE-2023-21741 7.1 - High - January 10, 2023

Microsoft Office Visio Information Disclosure Vulnerability

Microsoft Office Visio Remote Code Execution Vulnerability

CVE-2023-21737 7.8 - High - January 10, 2023

Microsoft Office Visio Remote Code Execution Vulnerability

Microsoft Office Visio Remote Code Execution Vulnerability

CVE-2022-44695 7.8 - High - December 13, 2022

Microsoft Office Visio Remote Code Execution Vulnerability

Microsoft Office Visio Remote Code Execution Vulnerability

CVE-2022-38010 7.8 - High - September 13, 2022

Microsoft Office Visio Remote Code Execution Vulnerability

Microsoft Visio Security Feature Bypass Vulnerability

CVE-2021-27055 7 - High - March 11, 2021

Microsoft Visio Security Feature Bypass Vulnerability

A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries

CVE-2020-0760 8.8 - High - April 15, 2020

A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Office Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0991.

Improper Input Validation

gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0

CVE-2008-3013 - September 11, 2008

gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a malformed GIF image file containing many extension markers for graphic control extensions and subsequent unknown labels, aka "GDI+ GIF Parsing Vulnerability."

Resource Management Errors

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Microsoft Works or by Microsoft? Click the Watch button to subscribe.

Microsoft
Vendor

subscribe