Filtered by vendor Microsoft
Subscriptions
Filtered by product Office
Subscriptions
Total
980 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-2545 | 1 Microsoft | 1 Office | 2025-10-22 | 7.8 High |
| Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted EPS image, aka "Microsoft Office Malformed EPS File Vulnerability." | ||||
| CVE-2015-2424 | 1 Microsoft | 6 Excel Viewer, Office, Office Compatibility Pack and 3 more | 2025-10-22 | 8.8 High |
| Microsoft PowerPoint 2007 SP3, Word 2007 SP3, PowerPoint 2010 SP2, Word 2010 SP2, PowerPoint 2013 SP1, Word 2013 SP1, and PowerPoint 2013 RT SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." | ||||
| CVE-2015-1770 | 1 Microsoft | 1 Office | 2025-10-22 | 8.8 High |
| Microsoft Office 2013 SP1 and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Uninitialized Memory Use Vulnerability." | ||||
| CVE-2015-1642 | 1 Microsoft | 1 Office | 2025-10-22 | 7.8 High |
| Microsoft Office 2007 SP3, 2010 SP2, and 2013 SP1 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." | ||||
| CVE-2015-1641 | 1 Microsoft | 6 Office, Office Compatibility Pack, Office Web Apps and 3 more | 2025-10-22 | 7.8 High |
| Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, and Office Web Apps Server 2010 SP2 and 2013 SP1 allow remote attackers to execute arbitrary code via a crafted RTF document, aka "Microsoft Office Memory Corruption Vulnerability." | ||||
| CVE-2024-38226 | 1 Microsoft | 2 Office, Publisher | 2025-10-21 | 7.3 High |
| Microsoft Publisher Security Feature Bypass Vulnerability | ||||
| CVE-2024-38189 | 1 Microsoft | 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more | 2025-10-21 | 8.8 High |
| Microsoft Project Remote Code Execution Vulnerability | ||||
| CVE-2024-21413 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2025-10-21 | 9.8 Critical |
| Microsoft Outlook Remote Code Execution Vulnerability | ||||
| CVE-2023-36761 | 1 Microsoft | 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more | 2025-10-21 | 6.5 Medium |
| Microsoft Word Information Disclosure Vulnerability | ||||
| CVE-2023-35311 | 1 Microsoft | 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more | 2025-10-21 | 8.8 High |
| Microsoft Outlook Security Feature Bypass Vulnerability | ||||
| CVE-2025-53784 | 1 Microsoft | 8 365, 365 Apps, Office and 5 more | 2025-10-15 | 8.4 High |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-53766 | 1 Microsoft | 20 Gdi+, Gdiplus, Office and 17 more | 2025-10-15 | 9.8 Critical |
| Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-53740 | 1 Microsoft | 10 365, 365 Apps, Office and 7 more | 2025-10-15 | 8.4 High |
| Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-53739 | 1 Microsoft | 13 365, 365 Apps, Excel and 10 more | 2025-10-15 | 7.8 High |
| Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-53738 | 1 Microsoft | 11 365, 365 Apps, Office and 8 more | 2025-10-15 | 7.8 High |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-53737 | 1 Microsoft | 11 365, 365 Apps, Excel and 8 more | 2025-10-15 | 7.8 High |
| Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-53736 | 1 Microsoft | 15 365, 365 Apps, Office and 12 more | 2025-10-15 | 6.8 Medium |
| Buffer over-read in Microsoft Office Word allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2025-53735 | 1 Microsoft | 11 365, 365 Apps, Excel and 8 more | 2025-10-15 | 7.8 High |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-53734 | 1 Microsoft | 8 365, 365 Apps, Office and 5 more | 2025-10-15 | 7.8 High |
| Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-53733 | 1 Microsoft | 14 365, 365 Apps, Office and 11 more | 2025-10-15 | 8.4 High |
| Incorrect conversion between numeric types in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||