518 matches found
The vulnerability of Microsoft Office and Microsoft 365 Apps for Enterprise packages relates to operations that occur outside of the buffer in memory, allowing attackers to disclose protected information.
The vulnerability of Microsoft Office and Microsoft 365 Apps for Enterprise packages is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to disclose sensitive information that is protected by these applications...
CVE-2026-45472
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...
CVE-2026-45456
Access of resource using incompatible type 'type confusion' in Microsoft Office allows an unauthorized attacker to execute code locally...
CVE-2026-45645
Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally...
CVE-2026-45460
Buffer over-read in Microsoft Office allows an unauthorized attacker to disclose information locally...
CVE-2026-45463 Microsoft Office Remote Code Execution Vulnerability
...
CVE-2026-45463 Microsoft Office Remote Code Execution Vulnerability
...
CVE-2026-45460 Microsoft Office Information Disclosure Vulnerability
...
CVE-2026-44824
CVE-2026-44824 affects Microsoft Office and is a heap-based buffer overflow that enables local code execution. The issue requires user interaction and has a CVSS v3.1 base score of 7.8 (HIGH) with LOCAL attack vector, no privileges required, and high impact on confidentiality, integrity, and avai...
CVE-2026-44821 Microsoft Office Information Disclosure Vulnerability
...
CVE-2026-44818
CVE-2026-44818 affects Microsoft Excel. A integer underflow (wrap/wraparound) in Excel is described as allowing an unauthorized attacker to execute code locally. The associated CVSS 3.1 vector indicates Local attack vector, high impact on confidentiality, integrity, and availability, with High pr...
CVE-2026-45485
CVE-2026-45485: In Microsoft Office, an out-of-bounds read leads to local information disclosure. Documents confirm the vulnerability and its impact (local disclosure) with low severity (CVSS 3.1:3.3). Exploitation details and affected component/version specifics are not provided in the supplied ...
CVE-2026-45474 Microsoft Office Remote Code Execution Vulnerability
...
CVE-2026-45475 Microsoft Office Remote Code Execution Vulnerability
...
Microsoft Excel Remote Code Execution Vulnerability
Access of resource using incompatible type 'type confusion' in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
KLA91068 ACE vulnerability in Microsoft Office
A remote code execution vulnerability was found in Microsoft Office. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2026-45659 Exploitation Public exploits exist for this vulnerability. Related products Microsoft-SharePoint CVE list CVE-2026-4565...
CVE-2026-40361
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...
CVE-2026-40420 Microsoft Office Click-To-Run Elevation of Privilege Vulnerability
...
CVE-2026-40363 Microsoft Office Remote Code Execution Vulnerability
...
CVE-2026-40363 Microsoft Office Remote Code Execution Vulnerability
...