421 matches found
CVE-2018-8558
An information disclosure vulnerability exists when Microsoft Outlook fails to respect "Default link type" settings configured via the SharePoint Online Admin Center, aka "Microsoft Outlook Information Disclosure Vulnerability." This affects Office 365 ProPlus, Microsoft Office. This CVE ID is uniq...
CVE-2018-8598
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8627.
CVE-2019-1204
An elevation of privilege vulnerability exists when Microsoft Outlook initiates processing of incoming messages without sufficient validation of the formatting of the messages. An attacker who successfully exploited the vulnerability could attempt to force Outlook to load a local or remote message ...
CVE-2018-8427
An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka "Microsoft Graphics Components Information Disclosure Vulnerability." This affects Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Windows Server 2008, Micr...
CVE-2025-24078
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-47165
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2018-8576
A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka "Microsoft Outlook Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook. This CVE ID is unique from CVE-2018-8522,...
CVE-2018-8597
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8...
CVE-2024-43616
Microsoft Office Remote Code Execution Vulnerability
CVE-2025-24080
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-24082
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-27745
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-27746
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2018-8504
A remote code execution vulnerability exists in Microsoft Word software when the software fails to properly handle objects in Protected View, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Microsoft SharePoint Server, Office 365 ProPlus, Microsoft Office, Microsoft Word.
CVE-2020-16855
An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory.Exploitation of the vulnerab...
CVE-2024-43463
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2025-24079
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2018-8579
An information disclosure vulnerability exists when attaching files to Outlook messages, aka "Microsoft Outlook Information Disclosure Vulnerability." This affects Office 365 ProPlus, Microsoft Office. This CVE ID is unique from CVE-2018-8558.
CVE-2025-47164
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2018-8501
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in Protected View, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Office 365 ProPlus, PowerPoint Viewer, Microsoft Office, Microsoft PowerPo...
CVE-2023-36009
Microsoft Word Information Disclosure Vulnerability
CVE-2025-24057
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-21394
Microsoft Excel Remote Code Execution Vulnerability
CVE-2022-38001
Microsoft Office Spoofing Vulnerability
CVE-2025-30386
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-47168
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-32704
Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-24083
Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-21390
Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-24075
Stack-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2024-49029
Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-30377
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-21386
Microsoft Excel Remote Code Execution Vulnerability
CVE-2024-49032
Microsoft Office Graphics Remote Code Execution Vulnerability
CVE-2025-21383
Microsoft Excel Information Disclosure Vulnerability
CVE-2025-47169
Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2024-49027
Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-47173
Improper input validation in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-30383
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-29979
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-30375
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-30376
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-47171
Improper input validation in Microsoft Office Outlook allows an authorized attacker to execute code locally.
CVE-2025-30379
Release of invalid pointer or reference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-29977
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-30381
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-49697
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-49696
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-47994
Deserialization of untrusted data in Microsoft Office allows an unauthorized attacker to elevate privileges locally.
CVE-2025-49695
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.