Office

office

Vendor: Microsoft • 1,032 CVEs

CVEs (1,032)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-30376 1Microsoft 5365 Apps ExcelOffice+2 more May 19, 2025 May 13, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-30375 1Microsoft 5365 Apps ExcelOffice+2 more May 19, 2025 May 13, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-29979 1Microsoft 5365 Apps ExcelOffice+2 more May 19, 2025 May 13, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-29977 1Microsoft 5365 Apps ExcelOffice+2 more May 19, 2025 May 13, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-29822 1Microsoft 3Office Office Long Term Servicing ChannelOnenote Jul 8, 2025 Apr 8, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Incomplete list of disallowed inputs in Microsoft Office OneNote allows an unauthorized attacker to bypass a security feature locally.
CVE-2025-29820 1Microsoft 4365 Apps OfficeOffice Long Term Servicing Channel+1 more Jul 8, 2025 Apr 8, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-29816 1Microsoft 4365 Apps OfficeOffice Long Term Servicing Channel+1 more Jul 9, 2025 Apr 8, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Improper input validation in Microsoft Office Word allows an unauthorized attacker to bypass a security feature over a network.
CVE-2025-29792 1Microsoft 3365 Apps OfficeOffice Long Term Servicing Channel Jul 9, 2025 Apr 8, 2025 N/A· v4 7.3 HIGH· v3 N/A· v2 Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.
CVE-2025-29791 1Microsoft 3365 Apps OfficeOffice Long Term Servicing Channel Jul 9, 2025 Apr 8, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-27752 1Microsoft 3365 Apps OfficeOffice Long Term Servicing Channel Jul 9, 2025 Apr 8, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-27751 1Microsoft 5365 Apps ExcelOffice+2 more Jul 9, 2025 Apr 8, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-27750 1Microsoft 4365 Apps ExcelOffice+1 more Jul 9, 2025 Apr 8, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-27749 1Microsoft 3365 Apps OfficeOffice Long Term Servicing Channel Jul 9, 2025 Apr 8, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-27748 1Microsoft 3365 Apps OfficeOffice Long Term Servicing Channel Jul 9, 2025 Apr 8, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-27747 1Microsoft 6365 Apps OfficeOffice Long Term Servicing Channel+3 more Jul 9, 2025 Apr 8, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-27746 1Microsoft 5365 Apps OfficeOffice Long Term Servicing Channel+2 more Jul 9, 2025 Apr 8, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-27745 1Microsoft 3365 Apps OfficeOffice Long Term Servicing Channel Jul 9, 2025 Apr 8, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-27744 1Microsoft 1Office Jul 9, 2025 Apr 8, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Improper access control in Microsoft Office allows an authorized attacker to elevate privileges locally.
CVE-2025-26687 1Microsoft 16Office Windows 10 1507Windows 10 1607+13 more Jul 9, 2025 Apr 8, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a network.
CVE-2025-26642 1Microsoft 7365 Apps AccessExcel+4 more Jul 9, 2025 Apr 8, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.

Previous 1...789...52 Next