Lucene search

K
MicrosoftOffice

950 matches found

CVE
CVE
added 2025/07/08 5:15 p.m.43 views

CVE-2025-47994

Deserialization of untrusted data in Microsoft Office allows an unauthorized attacker to elevate privileges locally.

8.6CVSS6.4AI score0.00174EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.43 views

CVE-2025-49696

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.

8.4CVSS6.8AI score0.00086EPSS
CVE
CVE
added 2007/01/09 10:0 p.m.42 views

CVE-2006-5574

Unspecified vulnerability in the Brazilian Portuguese Grammar Checker in Microsoft Office 2003 and the Multilingual Interface for Office 2003, Project 2003, and Visio 2003 allows user-assisted remote attackers to execute arbitrary code via crafted text that is not properly parsed.

9.3CVSS7.6AI score0.3955EPSS
CVE
CVE
added 2007/06/07 9:30 p.m.42 views

CVE-2007-3109

The CERN Image Map Dispatcher (htimage.exe) in Microsoft FrontPage allows remote attackers to determine the existence, and possibly partial contents, of arbitrary files under the web root via a relative pathname in the PATH_INFO.

6.4CVSS6.7AI score0.1688EPSS
CVE
CVE
added 2007/12/13 7:46 p.m.42 views

CVE-2007-6329

Microsoft Office 2007 12.0.6015.5000 and MSO 12.0.6017.5000 do not sign the metadata of Office Open XML (OOXML) documents, which makes it easier for remote attackers to modify Dublin Core metadata fields, as demonstrated by the (1) LastModifiedBy and (2) creator fields in docProps/core.xml in the O...

6.4CVSS6.6AI score0.22475EPSS
CVE
CVE
added 2008/03/11 11:44 p.m.42 views

CVE-2008-0114

Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office for Mac 2004 allows user-assisted remote attackers to execute arbitrary code via crafted Style records that trigger memory corruption.

9.3CVSS9.7AI score0.61261EPSS
CVE
CVE
added 2008/05/13 10:20 p.m.42 views

CVE-2008-0119

Unspecified vulnerability in Microsoft Publisher in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 SP1 and earlier allows remote attackers to execute arbitrary code via a Publisher file with crafted object header data that triggers memory corruption, aka "Publisher Object Handler Validation Vul...

9.3CVSS7.3AI score0.53903EPSS
CVE
CVE
added 2010/10/13 7:0 p.m.42 views

CVE-2010-2750

Array index error in Microsoft Word 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted Word document that triggers memory corruption, aka "Word Index Vulnerability."

9.3CVSS7.4AI score0.57317EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.42 views

CVE-2025-49703

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

7.8CVSS7.3AI score0.00079EPSS
CVE
CVE
added 2014/09/19 10:55 a.m.41 views

CVE-2006-1318

Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, Office 2004 for Mac, and Office X for Mac do not properly parse record lengths, which allows remote attackers to execute arbitrary code via a malformed control in an Office document, aka "Microsoft Office Control Vulnerability."

9.3CVSS7.8AI score0.1806EPSS
CVE
CVE
added 2007/02/13 9:28 p.m.41 views

CVE-2007-0208

Microsoft Word in Office 2000 SP3, XP SP3, Office 2003 SP2, Works Suite 2004 to 2006, and Office 2004 for Mac does not correctly check the properties of certain documents and warn the user of macro content, which allows user-assisted remote attackers to execute arbitrary code.

9.3CVSS7.2AI score0.57631EPSS
CVE
CVE
added 2008/03/11 11:44 p.m.41 views

CVE-2008-0110

Unspecified vulnerability in Microsoft Outlook in Office 2000 SP3, XP SP3, 2003 SP2 and Sp3, and Office System allows user-assisted remote attackers to execute arbitrary code via a crafted mailto URI.

9.3CVSS7.2AI score0.54784EPSS
CVE
CVE
added 2008/05/13 10:20 p.m.41 views

CVE-2008-1091

Unspecified vulnerability in Microsoft Word in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 Office System SP1 and earlier allows remote attackers to execute arbitrary code via a Rich Text Format (.rtf) file with a malformed string that triggers a "memory calculation error" and a heap-based bu...

9.3CVSS7.4AI score0.62379EPSS
CVE
CVE
added 2013/09/11 2:3 p.m.41 views

CVE-2013-3853

Microsoft Office 2007 SP3 and Word 2007 SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3854.

9.3CVSS7.6AI score0.52849EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.41 views

CVE-2025-49695

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

8.4CVSS7.3AI score0.00086EPSS
CVE
CVE
added 2007/01/09 11:28 p.m.40 views

CVE-2007-0034

Buffer overflow in the Advanced Search (Finder.exe) feature of Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted Outlook Saved Searches (OSS) file that triggers memory corruption, aka "Microsoft Outlook Advanced Find Vulnerability."

9.3CVSS7.5AI score0.6293EPSS
CVE
CVE
added 2009/09/13 10:30 p.m.40 views

CVE-2008-7217

Microsoft Office 2008 for Mac, when running on Macintosh systems that restrict Office access to administrators, does not enforce this restriction for user ID 502, which allows local users with that ID to bypass intended security policy and access Office programs, related to permissions and ownershi...

4.6CVSS6.6AI score0.00253EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.40 views

CVE-2025-49700

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

7.8CVSS7.3AI score0.00079EPSS
CVE
CVE
added 2002/06/25 4:0 a.m.39 views

CVE-2002-0021

Network Product Identification (PID) Checker in Microsoft Office v. X for Mac allows remote attackers to cause a denial of service (crash) via a malformed product announcement.

5CVSS6.9AI score0.19067EPSS
CVE
CVE
added 2006/09/05 5:4 p.m.39 views

CVE-2006-4534

Unspecified vulnerability in Microsoft Word 2000, 2002, and Office 2003 allows remote user-assisted attackers to execute arbitrary code via unspecified vectors involving a crafted file resulting in a malformed stack, as exploited by malware with names including Trojan.Mdropper.Q, Mofei, and Femo.

9.3CVSS7.4AI score0.46692EPSS
CVE
CVE
added 2007/10/09 10:17 p.m.39 views

CVE-2007-3899

Unspecified vulnerability in Microsoft Word 2000 SP3, Word 2002 SP3, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a malformed string in a Word file, aka "Word Memory Corruption Vulnerability."

9.3CVSS7.5AI score0.51546EPSS
CVE
CVE
added 2013/09/11 2:3 p.m.39 views

CVE-2013-3859

Microsoft Pinyin IME 2010, when used in conjunction with Microsoft Office 2010 SP1, does not properly restrict configuration options, which allows local users to gain privileges by starting Internet Explorer from the IME toolbar, aka "Chinese IME Vulnerability."

6.9CVSS6.5AI score0.00461EPSS
CVE
CVE
added 2025/08/12 6:15 p.m.36 views

CVE-2025-53733

Incorrect conversion between numeric types in Microsoft Office Word allows an unauthorized attacker to execute code locally.

8.4CVSS7.5AI score0.00158EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.34 views

CVE-2025-49711

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

7.8CVSS7.3AI score0.00079EPSS
CVE
CVE
added 2025/08/12 6:15 p.m.29 views

CVE-2025-53737

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

7.8CVSS8AI score0.00068EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.28 views

CVE-2025-49699

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

7CVSS7.3AI score0.00072EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.27 views

CVE-2025-48812

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

5.5CVSS6AI score0.00058EPSS
CVE
CVE
added 2025/08/12 6:15 p.m.27 views

CVE-2025-53735

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

7.8CVSS7.8AI score0.00068EPSS
CVE
CVE
added 2025/08/12 6:15 p.m.26 views

CVE-2025-53732

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

7.8CVSS8AI score0.00068EPSS
CVE
CVE
added 2025/08/12 6:15 p.m.23 views

CVE-2025-53731

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

8.4CVSS7.8AI score0.00063EPSS
CVE
CVE
added 2025/08/12 6:15 p.m.23 views

CVE-2025-53740

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

8.4CVSS7.8AI score0.00063EPSS
CVE
CVE
added 2025/08/12 6:15 p.m.18 views

CVE-2025-53741

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

7.8CVSS8AI score0.00068EPSS
CVE
CVE
added 2025/08/12 6:15 p.m.17 views

CVE-2025-53730

Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally.

7.8CVSS7.8AI score0.00068EPSS
CVE
CVE
added 2025/09/09 5:16 p.m.17 views

CVE-2025-54905

Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to disclose information locally.

7.1CVSS6AI score0.00055EPSS
CVE
CVE
added 2025/09/09 5:16 p.m.17 views

CVE-2025-54906

Free of memory not on the heap in Microsoft Office allows an unauthorized attacker to execute code locally.

7.8CVSS6.8AI score0.00062EPSS
CVE
CVE
added 2025/09/09 5:16 p.m.17 views

CVE-2025-54910

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

8.4CVSS7.2AI score0.00057EPSS
CVE
CVE
added 2025/08/12 6:15 p.m.16 views

CVE-2025-53736

Buffer over-read in Microsoft Office Word allows an unauthorized attacker to disclose information locally.

6.8CVSS6.7AI score0.00051EPSS
CVE
CVE
added 2025/08/12 6:15 p.m.16 views

CVE-2025-53761

Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.

7.8CVSS7.7AI score0.00068EPSS
CVE
CVE
added 2025/08/12 6:15 p.m.15 views

CVE-2025-53734

Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally.

7.8CVSS7.8AI score0.00068EPSS
CVE
CVE
added 2025/08/12 6:15 p.m.15 views

CVE-2025-53738

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

7.8CVSS7.8AI score0.00068EPSS
CVE
CVE
added 2025/08/12 6:15 p.m.15 views

CVE-2025-53759

Use of uninitialized resource in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

7.8CVSS7.5AI score0.00129EPSS
CVE
CVE
added 2025/08/12 6:15 p.m.14 views

CVE-2025-53739

Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

7.8CVSS7.5AI score0.00129EPSS
CVE
CVE
added 2025/09/09 5:16 p.m.12 views

CVE-2025-54907

Heap-based buffer overflow in Microsoft Office Visio allows an unauthorized attacker to execute code locally.

7.8CVSS7.2AI score0.00062EPSS
CVE
CVE
added 2025/09/09 5:16 p.m.11 views

CVE-2025-54898

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

7.8CVSS6.8AI score0.00062EPSS
CVE
CVE
added 2025/09/09 5:16 p.m.11 views

CVE-2025-54900

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

7.8CVSS7.2AI score0.00062EPSS
CVE
CVE
added 2025/09/09 5:16 p.m.11 views

CVE-2025-54903

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

7.8CVSS7AI score0.00062EPSS
CVE
CVE
added 2025/09/09 5:16 p.m.11 views

CVE-2025-54904

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

7.8CVSS7AI score0.00062EPSS
CVE
CVE
added 2025/09/09 5:16 p.m.11 views

CVE-2025-54908

Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.

7.8CVSS7AI score0.00062EPSS
CVE
CVE
added 2025/09/09 5:16 p.m.10 views

CVE-2025-54896

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

7.8CVSS7AI score0.00062EPSS
CVE
CVE
added 2025/09/09 5:16 p.m.10 views

CVE-2025-54899

Free of memory not on the heap in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

7.8CVSS6.8AI score0.00062EPSS
Total number of security vulnerabilities950