30 matches found
CVE-2026-40418
Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally...
CVE-2026-35436
Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally...
EUVD-2026-29677
Improper access control in Microsoft Office Click-To-Run allows an authorized attacker to elevate privileges locally...
CVE-2026-40420
Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally...
CVE-2026-40418
Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally...
CVE-2026-35436
Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally...
CVE-2026-40420
Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally...
CVE-2026-40418 Microsoft Office Click-To-Run Elevation of Privilege Vulnerability
...
CVE-2026-40419 Microsoft Office Click-To-Run Elevation of Privilege Vulnerability
...
Microsoft Office Click-To-Run Elevation of Privilege Vulnerability
Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally...
PT-2026-40188
Name of the Vulnerable Software and Affected Versions Microsoft Office Click-To-Run affected versions not specified Description Insufficient granularity of access control in the Click-to-Run C2R technology of Microsoft Office and Microsoft 365 Apps for Enterprise allows an authorized attacker to...
PT-2026-40228
Use after free in Microsoft Office Click-To-Run allows an authorized attacker to elevate privileges locally...
PT-2026-40230
Improper access control in Microsoft Office Click-To-Run allows an authorized attacker to elevate privileges locally...
Security Updates for Microsoft Office Products C2R (October 2025)
The Microsoft Office Products are missing security updates. It is, therefore, affected by multiple vulnerabilities: - Remote code execution vulnerabilities that attackers can exploit to bypass authentication and execute unauthorized arbitrary commands. CVE-2025-59227, CVE-2025-59234 - A denial of...
EUVD-2019-10006
Malware in sbrugna...
CVE-2019-1449
A security feature bypass vulnerability exists in the way that Office Click-to-Run C2R components handle a specially crafted file, which could lead to a standard user, any AppContainer sandbox, and Office LPAC Protected View to escalate privileges to SYSTEM.To exploit this bug, an attacker would...
CVE-2023-36568
Microsoft Office Click-To-Run Elevation of Privilege Vulnerability...
Microsoft Office 365 (2016 Click-to-Run) Multiple Vulnerabilities (Sep 2023)
This host is missing a critical security update according to Microsoft Office Click-to-Run update September 2023 SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
CVE-2020-16934
An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run C2R AppVLP handles certain files. An attacker who successfully exploited the vulnerability could elevate privileges. To exploit this vulnerability, an attacker would need to convince a user to open a...
CVE-2020-16928
An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run C2R AppVLP handles certain files. An attacker who successfully exploited the vulnerability could elevate privileges. To exploit this vulnerability, an attacker would need to convince a user to open a...