Microsoft

Onenote

15 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2025-29822

  • EPSS 0.21%
  • Published 08.04.2025 17:23:32
  • Last modified 08.07.2025 17:12:21

Incomplete list of disallowed inputs in Microsoft Office OneNote allows an unauthorized attacker to bypass a security feature locally.

7.8

CVE-2025-21402

  • EPSS 0.21%
  • Published 14.01.2025 18:16:04
  • Last modified 27.01.2025 18:34:23

Microsoft Office OneNote Remote Code Execution Vulnerability

7.1

CVE-2024-41159

Exploit
  • EPSS 0.01%
  • Published 18.12.2024 23:15:08
  • Last modified 25.08.2025 14:02:49

A library injection vulnerability exists in Microsoft OneNote 16.83 for macOS. A specially crafted library can leverage OneNote's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program ...

5.4

CVE-2023-36769

  • EPSS 0.1%
  • Published 06.11.2023 23:15:10
  • Last modified 28.02.2025 20:15:45

Microsoft OneNote Spoofing Vulnerability

6.5

CVE-2023-33140

Exploit
  • EPSS 4.96%
  • Published 14.06.2023 00:15:12
  • Last modified 10.04.2025 19:19:37

Microsoft OneNote Spoofing Vulnerability

6.5

CVE-2023-21721

  • EPSS 1.45%
  • Published 14.02.2023 20:15:14
  • Last modified 21.11.2024 07:43:30

Microsoft OneNote Elevation of Privilege Vulnerability

9.3

CVE-2017-8509

  • EPSS 7.05%
  • Published 15.06.2017 01:29:03
  • Last modified 20.04.2025 01:37:25

A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8510, CVE-2017-8511, CVE-2017-8512, C...

9.3

CVE-2017-0197

  • EPSS 27.81%
  • Published 12.04.2017 14:59:01
  • Last modified 20.04.2025 01:37:25

Microsoft OneNote 2007 SP3 and Microsoft OneNote 2010 SP2 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office DLL Loading Vulnerability."

5.5

CVE-2016-3315

  • EPSS 34.66%
  • Published 09.08.2016 21:59:21
  • Last modified 12.04.2025 10:46:40

Microsoft OneNote 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016, and 2016 for Mac allow remote attackers to obtain sensitive information via a crafted OneNote file, aka "Microsoft OneNote Information Disclosure Vulnerability."

9.3

CVE-2015-2503

  • EPSS 19.43%
  • Published 11.11.2015 11:59:18
  • Last modified 12.04.2025 10:46:40

Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 S...