Microsoft Office Web Apps Server — known CVE vulnerabilities
Every CVE whose affected-product data names Microsoft Office Web Apps Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (62)
CVE-2015-6093 — CVSS 9.3 (critical): Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Word Automation Services on SharePoint Server…
CVE-2014-0260 — CVSS 9.3 (critical): Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office Compatibility Pack SP3; Word Viewer; SharePoint Server 2010…
CVE-2015-0085 — CVSS 9.3 (critical): Use-after-free vulnerability in Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010…
CVE-2015-0086 — CVSS 9.3 (critical): Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 Gold and SP1, Word 2013 RT Gold and SP1, Word Viewer, Office…
CVE-2014-0251 — CVSS 9.0 (critical): Microsoft Windows SharePoint Services 3.0 SP3; SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 Gold and SP1; SharePoint Foundation…
CVE-2017-8509 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office…
CVE-2019-0585 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka "Microsoft…
CVE-2017-8512 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office…
CVE-2017-8511 — CVSS 7.8 (high): A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office…
CVE-2017-8742 — CVSS 7.8 (high): A remote code execution vulnerability exists in Microsoft PowerPoint 2007 Service Pack 3, Microsoft PowerPoint 2010 Service Pack 2…
CVE-2018-0797 — CVSS 7.8 (high): Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way RTF…
CVE-2016-0022 — CVSS 7.8 (high): Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac…
CVE-2016-0052 — CVSS 7.8 (high): Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac…
CVE-2016-0053 — CVSS 7.8 (high): Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Office Compatibility Pack SP3, Word…
CVE-2016-0127 — CVSS 7.8 (high): Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office Compatibility Pack SP3, Word Viewer, Word…
CVE-2016-0134 — CVSS 7.8 (high): Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac…
CVE-2016-3282 — CVSS 7.8 (high): Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac…
CVE-2016-3357 — CVSS 7.8 (high): Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Word for Mac 2011, Word 2016 for Mac, Word…
CVE-2018-8577 — CVSS 7.8 (high): A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka…
CVE-2019-1201 — CVSS 7.8 (high): A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who…
CVE-2016-0025 — CVSS 7.3 (high): Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office 2016, Word 2016, Word for Mac 2011, Word…
CVE-2019-0561 — CVSS 5.5 (medium): An information disclosure vulnerability exists when Microsoft Word macro buttons are used improperly, aka "Microsoft Word Information…
CVE-2017-0195 — CVSS 5.4 (medium): Microsoft Excel Services on Microsoft SharePoint Server 2010 SP1 and SP2, Microsoft Excel Web Apps 2010 SP2, Microsoft Office Web Apps 2010…
CVE-2014-1754 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2013 Gold and SP1, SharePoint Foundation 2013 Gold and SP1, Office…
CVE-2018-0919 — CVSS 3.3 (low): Microsoft Office 2010 SP2, 2013 SP1, and 2016, Microsoft Office 2016 Click-to-Run Microsoft Office 2016 for Mac, Microsoft Office Web Apps…