Microsoft Onenote
7 CVEs affecting Microsoft Onenote. Latest disclosed: 2025-01-14. Critical: 0, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-8509 | High | 8.8 | 2017-06-15 | A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Executio… |
CVE-2014-2815 | High | 8.8 | 2014-08-12 | Microsoft OneNote 2007 SP3 allows remote attackers to execute arbitrary code via a crafted OneNote file that triggers creation of an executable file in a start… |
CVE-2025-21402 | High | 7.8 | 2025-01-14 | Microsoft Office OneNote Remote Code Execution Vulnerability |
CVE-2017-0197 | High | 7.8 | 2017-04-12 | Microsoft OneNote 2007 SP3 and Microsoft OneNote 2010 SP2 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office DLL Lo… |
CVE-2024-41159 | High | 7.1 | 2024-12-18 | A library injection vulnerability exists in Microsoft OneNote 16.83 for macOS. A specially crafted library can leverage OneNote's access privileges, leading to… |
CVE-2016-3315 | Medium | 5.5 | 2016-08-09 | Microsoft OneNote 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016, and 2016 for Mac allow remote attackers to obtain sensitive information via a crafted OneNot… |
CVE-2015-2503 | | 2015-11-11 | Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word… |