408 matches found
CVE-2025-21366
Microsoft Access Remote Code Execution Vulnerability
CVE-2025-27749
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-29820
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-47167
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2018-8627
An information disclosure vulnerability exists when Microsoft Excel software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Micros...
CVE-2020-17067
Microsoft Excel Security Feature Bypass Vulnerability
CVE-2021-38653
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2023-36565
Microsoft Office Graphics Elevation of Privilege Vulnerability
CVE-2025-26642
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2022-38049
Microsoft Office Graphics Remote Code Execution Vulnerability
CVE-2025-24081
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-27752
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2019-1463
An information disclosure vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory, aka 'Microsoft Access Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1400.
CVE-2021-24108
Microsoft Office Remote Code Execution Vulnerability
CVE-2023-33153
Microsoft Outlook Remote Code Execution Vulnerability
CVE-2023-33158
Microsoft Excel Remote Code Execution Vulnerability
CVE-2018-8522
A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka "Microsoft Outlook Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook. This CVE ID is unique from CVE-2018-8524,...
CVE-2018-8573
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Microsoft Word, Office 365 ProPlus, Microsoft Office. This CVE ID is unique from CVE-2018-8539.
CVE-2019-0674
A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0671, CVE-2019-0672, CVE-2019-0673, CVE-...
CVE-2019-1449
A security feature bypass vulnerability exists in the way that Office Click-to-Run (C2R) components handle a specially crafted file, which could lead to a standard user, any AppContainer sandbox, and Office LPAC Protected View to escalate privileges to SYSTEM.To exploit this bug, an attacker would ...
CVE-2020-1321
A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory, aka 'Microsoft Office Remote Code Execution Vulnerability'.
CVE-2020-16928
An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files. An attacker who successfully exploited the vulnerability could elevate privileges.To exploit this vulnerability, an attacker would need to convince a user to open a speci...
CVE-2023-33162
Microsoft Excel Information Disclosure Vulnerability
CVE-2024-49030
Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-27748
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2019-0825
A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0823, CVE-2019-0824, CVE-2019-0826, CVE-...
CVE-2019-0826
A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0823, CVE-2019-0824, CVE-2019-0825, CVE-...
CVE-2020-16934
An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files. An attacker who successfully exploited the vulnerability could elevate privileges.To exploit this vulnerability, an attacker would need to convince a user to open a speci...
CVE-2024-43465
Microsoft Excel Elevation of Privilege Vulnerability
CVE-2021-27054
Microsoft Excel Remote Code Execution Vulnerability
CVE-2021-27055
Microsoft Visio Security Feature Bypass Vulnerability
CVE-2021-38654
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2022-44694
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2022-44696
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2022-44713
Microsoft Outlook for Mac Spoofing Vulnerability
CVE-2024-43505
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2024-49028
Microsoft Excel Remote Code Execution Vulnerability
CVE-2018-8524
A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka "Microsoft Outlook Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook. This CVE ID is unique from CVE-2018-8522,...
CVE-2021-42293
Microsoft Jet Red Database Engine and Access Connectivity Engine Elevation of Privilege Vulnerability
CVE-2024-49065
Microsoft Office Remote Code Execution Vulnerability
CVE-2020-17063
Microsoft Office Online Spoofing Vulnerability
CVE-2024-49059
Microsoft Office Elevation of Privilege Vulnerability
CVE-2019-1199
A remote code execution vulnerability exists in Microsoft Outlook when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative ...
CVE-2021-42295
Visual Basic for Applications Information Disclosure Vulnerability
CVE-2021-43255
Microsoft Office Trust Center Spoofing Vulnerability
CVE-2025-21392
Microsoft Office Remote Code Execution Vulnerability
CVE-2025-29816
Improper input validation in Microsoft Office Word allows an unauthorized attacker to bypass a security feature over a network.
CVE-2018-8558
An information disclosure vulnerability exists when Microsoft Outlook fails to respect "Default link type" settings configured via the SharePoint Online Admin Center, aka "Microsoft Outlook Information Disclosure Vulnerability." This affects Office 365 ProPlus, Microsoft Office. This CVE ID is uniq...
CVE-2018-8598
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8627.
CVE-2019-1204
An elevation of privilege vulnerability exists when Microsoft Outlook initiates processing of incoming messages without sufficient validation of the formatting of the messages. An attacker who successfully exploited the vulnerability could attempt to force Outlook to load a local or remote message ...