Office@* Security Vulnerabilities and Issues — Office@* CVE List

Lucene search

MicrosoftOffice*

32 matches found

CVE•added 2025/01/14 6:16 p.m.•93 views

CVE-2025-21346

Microsoft Office Security Feature Bypass Vulnerability

7.8CVSS6.8AI score0.00204EPSS

CVE•added 2025/04/08 6:16 p.m.•93 views

CVE-2025-29792

Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.

7.3CVSS7.5AI score0.00178EPSS

CVE•added 2025/04/08 6:16 p.m.•90 views

CVE-2025-29791

Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.

7.8CVSS7.5AI score0.0143EPSS

CVE•added 2025/04/08 6:16 p.m.•88 views

CVE-2025-27744

Improper access control in Microsoft Office allows an authorized attacker to elevate privileges locally.

7.8CVSS7AI score0.00061EPSS

CVE•added 2025/04/08 6:16 p.m.•86 views

CVE-2025-27749

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

7.8CVSS7.8AI score0.00742EPSS

CVE•added 2025/04/08 6:16 p.m.•86 views

CVE-2025-29820

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

7.8CVSS7.8AI score0.00079EPSS

CVE•added 2025/06/10 5:23 p.m.•86 views

CVE-2025-47167

Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.

8.4CVSS8.4AI score0.00163EPSS

CVE•added 2025/04/08 6:15 p.m.•85 views

CVE-2025-26642

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.

7.8CVSS7.4AI score0.001EPSS

CVE•added 2025/01/14 6:15 p.m.•84 views

CVE-2025-21338

GDI+ Remote Code Execution Vulnerability

7.8CVSS7.9AI score0.00266EPSS

CVE•added 2025/04/08 6:16 p.m.•84 views

CVE-2025-27752

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

7.8CVSS8AI score0.00742EPSS

CVE•added 2025/04/08 6:16 p.m.•82 views

CVE-2025-27748

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

7.8CVSS7.8AI score0.00742EPSS

CVE•added 2025/02/11 6:15 p.m.•76 views

CVE-2025-21392

Microsoft Office Remote Code Execution Vulnerability

7.8CVSS7.9AI score0.0015EPSS

CVE•added 2025/04/08 6:16 p.m.•76 views

CVE-2025-29816

Improper input validation in Microsoft Office Word allows an unauthorized attacker to bypass a security feature over a network.

7.5CVSS7.1AI score0.00027EPSS

CVE•added 2025/04/08 6:15 p.m.•74 views

CVE-2025-26687

Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a network.

7.5CVSS7.5AI score0.0006EPSS

CVE•added 2025/06/10 5:23 p.m.•73 views

CVE-2025-47162

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

8.4CVSS8.6AI score0.00063EPSS

CVE•added 2025/03/11 5:16 p.m.•72 views

CVE-2025-24080

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

7.8CVSS7.6AI score0.00158EPSS

CVE•added 2025/04/08 6:16 p.m.•71 views

CVE-2025-27745

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

7.8CVSS7.8AI score0.00742EPSS

CVE•added 2025/04/08 6:16 p.m.•71 views

CVE-2025-27746

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

7.8CVSS7.8AI score0.00079EPSS

CVE•added 2025/06/10 5:24 p.m.•69 views

CVE-2025-47953

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

8.4CVSS8.8AI score0.00067EPSS

CVE•added 2025/03/11 5:16 p.m.•67 views

CVE-2025-24057

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

7.8CVSS7.8AI score0.00302EPSS

CVE•added 2025/05/13 5:16 p.m.•64 views

CVE-2025-30386

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

8.4CVSS7.8AI score0.00063EPSS

CVE•added 2025/03/11 5:16 p.m.•63 views

CVE-2025-24083

Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally.

7.8CVSS7.7AI score0.00158EPSS

CVE•added 2025/05/13 5:16 p.m.•61 views

CVE-2025-30377

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

8.4CVSS8.9AI score0.00066EPSS

CVE•added 2025/06/10 5:23 p.m.•61 views

CVE-2025-47164

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

8.4CVSS8.8AI score0.00063EPSS

CVE•added 2025/06/10 5:23 p.m.•52 views

CVE-2025-47173

Improper input validation in Microsoft Office allows an unauthorized attacker to execute code locally.

7.8CVSS7.7AI score0.00059EPSS

CVE•added 2025/05/13 5:16 p.m.•51 views

CVE-2025-30388

Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.

7.8CVSS8AI score0.00079EPSS

CVE•added 2025/05/13 5:15 p.m.•49 views

CVE-2025-29979

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

7.8CVSS8.1AI score0.00079EPSS

CVE•added 2025/07/08 5:15 p.m.•22 views

CVE-2025-49697

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

8.4CVSS7.3AI score0.00057EPSS

CVE•added 2025/07/08 5:15 p.m.•19 views

CVE-2025-49696

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.

8.4CVSS6.8AI score0.00075EPSS

CVE•added 2025/07/08 5:15 p.m.•18 views

CVE-2025-49695

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

8.4CVSS7.3AI score0.00075EPSS

CVE•added 2025/07/08 5:15 p.m.•17 views

CVE-2025-47994

Deserialization of untrusted data in Microsoft Office allows an unauthorized attacker to elevate privileges locally.

8.6CVSS6.4AI score0.00136EPSS

CVE•added 2025/07/08 5:15 p.m.•15 views

CVE-2025-49702

Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.

7.8CVSS6.9AI score0.00117EPSS