Word@2016 Security Vulnerabilities and Issues — Word@2016 CVE List

Lucene search

MicrosoftWord2016

103 matches found

CVE•added 2018/01/10 1:29 a.m.•2248 views

CVE-2018-0802

Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique from CVE-2018-0797 a...

9.3CVSS8.5AI score0.94103EPSS

CVE•added 2018/01/10 1:29 a.m.•1241 views

CVE-2018-0798

Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability".

9.3CVSS8.8AI score0.9418EPSS

CVE•added 2019/01/08 9:29 p.m.•1134 views

CVE-2019-0585

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Word, Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Microsoft SharePoint, Microsof...

9.3CVSS8.3AI score0.32912EPSS

CVE•added 2017/10/13 1:29 p.m.•914 views

CVE-2017-11826

Microsoft Office 2010, SharePoint Enterprise Server 2010, SharePoint Server 2010, Web Applications, Office Web Apps Server 2010 and 2013, Word Viewer, Word 2007, 2010, 2013 and 2016, Word Automation Services, and Office Online Server allow remote code execution when the software fails to properly h...

9.3CVSS7.9AI score0.89654EPSS

CVE•added 2016/10/14 2:59 a.m.•906 views

CVE-2016-7193

Microsoft Word 2007 SP2, Office 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 201...

9.3CVSS7.8AI score0.78411EPSS

CVE•added 2023/09/12 5:15 p.m.•756 views

CVE-2023-36761

Microsoft Word Information Disclosure Vulnerability

6.5CVSS6AI score0.0371EPSS

CVE•added 2023/09/12 5:15 p.m.•537 views

CVE-2023-36762

Microsoft Word Remote Code Execution Vulnerability

7.3CVSS7.3AI score0.00128EPSS

CVE•added 2024/02/13 6:15 p.m.•349 views

CVE-2024-20673

Microsoft Office Remote Code Execution Vulnerability

7.8CVSS7.7AI score0.00408EPSS

CVE•added 2024/11/12 6:15 p.m.•261 views

CVE-2024-49033

Microsoft Word Security Feature Bypass Vulnerability

7.5CVSS7.4AI score0.03753EPSS

CVE•added 2017/05/12 2:29 p.m.•238 views

CVE-2017-0281

Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2016, Office Online Server 2016, Office Web Apps 2010 SP2,Office Web Apps 2013 SP1, Project Server 2013 SP1, SharePoint Enterprise Server 2013 SP1, SharePoint Enterprise Server 2016, SharePoint Foundation 2013 SP1, Sharepoint Serve...

9.3CVSS8.1AI score0.92255EPSS

CVE•added 2024/02/13 6:15 p.m.•232 views

CVE-2024-21379

Microsoft Word Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.00411EPSS

CVE•added 2022/03/09 5:15 p.m.•216 views

CVE-2022-24511

Microsoft Office Word Tampering Vulnerability

5.5CVSS5.6AI score0.00689EPSS

CVE•added 2023/05/09 6:15 p.m.•193 views

CVE-2023-29335

Microsoft Word Security Feature Bypass Vulnerability

7.5CVSS7.4AI score0.00434EPSS

CVE•added 2021/07/16 9:15 p.m.•191 views

CVE-2021-34452

Microsoft Word Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.0082EPSS

CVE•added 2021/10/13 1:15 a.m.•185 views

CVE-2021-40486

Microsoft Word Remote Code Execution Vulnerability

7.8CVSS7.7AI score0.02746EPSS

CVE•added 2020/07/14 11:15 p.m.•179 views

CVE-2020-1446

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1447, CVE-2020-1448.

8.8CVSS8.8AI score0.43263EPSS

CVE•added 2020/10/16 11:15 p.m.•175 views

CVE-2020-16933

<p>A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file...

8.8CVSS6.6AI score0.0284EPSS

CVE•added 2018/01/10 1:29 a.m.•166 views

CVE-2018-0797

Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way RTF content is handled, aka "Microsoft Word Memory Corruption Vulnerability".

9.3CVSS8.2AI score0.44732EPSS

CVE•added 2020/04/15 3:15 p.m.•166 views

CVE-2020-0760

A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Office Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0991.

8.8CVSS8.5AI score0.34566EPSS

CVE•added 2019/08/14 9:15 p.m.•155 views

CVE-2019-1201

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. The file could then...

9.3CVSS7.8AI score0.12398EPSS

CVE•added 2022/05/10 9:15 p.m.•155 views

CVE-2022-29107

Microsoft Office Security Feature Bypass Vulnerability

5.5CVSS5.6AI score0.02947EPSS

CVE•added 2021/05/11 7:15 p.m.•153 views

CVE-2021-31177

Microsoft Office Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.03529EPSS

CVE•added 2018/01/10 1:29 a.m.•152 views

CVE-2018-0812

Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Memory Corruption Vulnerability".

9.3CVSS8.2AI score0.38537EPSS

CVE•added 2022/01/11 9:15 p.m.•148 views

CVE-2022-21842

Microsoft Word Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.01897EPSS

CVE•added 2021/04/13 8:15 p.m.•145 views

CVE-2021-28453

Microsoft Word Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.0241EPSS

CVE•added 2016/06/16 1:59 a.m.•143 views

CVE-2016-0025

Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office 2016, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Offi...

9.3CVSS7.2AI score0.2879EPSS

CVE•added 2021/05/11 7:15 p.m.•140 views

CVE-2021-31180

Microsoft Office Graphics Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.03334EPSS

CVE•added 2021/01/12 8:15 p.m.•136 views

CVE-2021-1715

Microsoft Word Remote Code Execution Vulnerability

9.3CVSS7.8AI score0.0208EPSS

CVE•added 2020/03/12 4:15 p.m.•133 views

CVE-2020-0850

8.8CVSS7.9AI score0.33652EPSS

CVE•added 2020/08/17 7:15 p.m.•131 views

CVE-2020-1583

An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data.To exploit the vulnerability, an attacker could craft a special documen...

8.8CVSS8AI score0.18011EPSS

CVE•added 2021/05/11 7:15 p.m.•130 views

CVE-2021-31178

Microsoft Office Information Disclosure Vulnerability

5.5CVSS6.1AI score0.14912EPSS

CVE•added 2017/06/15 1:29 a.m.•128 views

CVE-2017-8509

A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8510, CVE-2017-8511, CVE-2017-8512, CVE-2017-0260, and CVE-2017-8506.

9.3CVSS7.2AI score0.36403EPSS

CVE•added 2018/01/10 1:29 a.m.•125 views

CVE-2018-0793

Microsoft Outlook 2007, Microsoft Outlook 2010 and Microsoft Outlook 2013 allow a remote code execution vulnerability due to the way email messages are parsed, aka "Microsoft Outlook Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0791.

9.3CVSS8.3AI score0.41375EPSS

CVE•added 2019/05/16 7:29 p.m.•119 views

CVE-2019-0953

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'.

9.3CVSS7.9AI score0.25636EPSS

CVE•added 2020/04/15 3:15 p.m.•118 views

CVE-2020-0980

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'.

9.3CVSS8.3AI score0.33652EPSS

CVE•added 2022/11/09 10:15 p.m.•116 views

CVE-2022-41061

Microsoft Word Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.00249EPSS

CVE•added 2025/04/08 6:16 p.m.•115 views

CVE-2025-27747

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

7.8CVSS7.8AI score0.00079EPSS

CVE•added 2018/01/10 1:29 a.m.•114 views

CVE-2018-0804

9.3CVSS8.3AI score0.36911EPSS

CVE•added 2020/07/14 11:15 p.m.•113 views

CVE-2020-1342

An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka 'Microsoft Office Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1445.

5.5CVSS6AI score0.28299EPSS

CVE•added 2017/05/12 2:29 p.m.•111 views

CVE-2017-0254

Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Office for Mac 2011, Office for Mac 2016, Microsoft Office Web Apps 2010 SP2, Office Web Apps Server 2013 SP1, Word 2013 RT SP1, Word 2013 SP1, Word Automation Services on Microsoft SharePoint Server 2013 SP1, Offic...

9.3CVSS7.6AI score0.29025EPSS

CVE•added 2020/03/12 4:15 p.m.•110 views

CVE-2020-0892

9.3CVSS8AI score0.33652EPSS

CVE•added 2020/08/17 7:15 p.m.•110 views

CVE-2020-1503

5.5CVSS6.3AI score0.25763EPSS

CVE•added 2021/01/12 8:15 p.m.•110 views

CVE-2021-1716

Microsoft Word Remote Code Execution Vulnerability

9.3CVSS7.8AI score0.03413EPSS

CVE•added 2018/01/10 1:29 a.m.•109 views

CVE-2018-0792

Microsoft Word 2016 in Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0794.

9.3CVSS8.8AI score0.60791EPSS

CVE•added 2020/06/09 8:15 p.m.•109 views

CVE-2020-1229

A security feature bypass vulnerability exists in Microsoft Outlook when Office fails to enforce security settings configured on a system, aka 'Microsoft Outlook Security Feature Bypass Vulnerability'.

4.3CVSS4.6AI score0.09196EPSS

CVE•added 2019/12/10 10:15 p.m.•107 views

CVE-2019-1461

A denial of service vulnerability exists in Microsoft Word software when the software fails to properly handle objects in memory, aka 'Microsoft Word Denial of Service Vulnerability'.

7.1CVSS6.1AI score0.16941EPSS

CVE•added 2020/11/11 7:15 a.m.•103 views

CVE-2020-17020

Microsoft Word Security Feature Bypass Vulnerability

5.5CVSS3.5AI score0.01014EPSS

CVE•added 2020/09/11 5:15 p.m.•102 views

CVE-2020-1218

<p>A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the...

8.8CVSS7.7AI score0.07867EPSS

CVE•added 2020/07/14 11:15 p.m.•102 views

CVE-2020-1447

8.8CVSS8.8AI score0.43263EPSS

CVE•added 2022/11/09 10:15 p.m.•102 views

CVE-2022-41103

Microsoft Word Information Disclosure Vulnerability

5.5CVSS6.1AI score0.00285EPSS

Total number of security vulnerabilities103