Total
976 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-7193 | 1 Microsoft | 4 Office, Office Compatibility Pack, Word and 1 more | 2025-10-22 | 9.3 HIGH | 7.8 HIGH |
| Microsoft Word 2007 SP2, Office 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, Office Web Apps Server 2013 SP1, and Office Online Server allow remote attackers to execute arbitrary code via a crafted RTF document, aka "Microsoft Office Memory Corruption Vulnerability." | |||||
| CVE-2015-2545 | 1 Microsoft | 1 Office | 2025-10-22 | 9.3 HIGH | 7.8 HIGH |
| Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted EPS image, aka "Microsoft Office Malformed EPS File Vulnerability." | |||||
| CVE-2015-2424 | 1 Microsoft | 6 Excel Viewer, Office, Office Compatibility Pack and 3 more | 2025-10-22 | 9.3 HIGH | 8.8 HIGH |
| Microsoft PowerPoint 2007 SP3, Word 2007 SP3, PowerPoint 2010 SP2, Word 2010 SP2, PowerPoint 2013 SP1, Word 2013 SP1, and PowerPoint 2013 RT SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." | |||||
| CVE-2015-1770 | 1 Microsoft | 1 Office | 2025-10-22 | 9.3 HIGH | 8.8 HIGH |
| Microsoft Office 2013 SP1 and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Uninitialized Memory Use Vulnerability." | |||||
| CVE-2015-1642 | 1 Microsoft | 1 Office | 2025-10-22 | 9.3 HIGH | 7.8 HIGH |
| Microsoft Office 2007 SP3, 2010 SP2, and 2013 SP1 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." | |||||
| CVE-2015-1641 | 1 Microsoft | 6 Office, Office Compatibility Pack, Office Web Apps and 3 more | 2025-10-22 | 9.3 HIGH | 7.8 HIGH |
| Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, and Office Web Apps Server 2010 SP2 and 2013 SP1 allow remote attackers to execute arbitrary code via a crafted RTF document, aka "Microsoft Office Memory Corruption Vulnerability." | |||||
| CVE-2025-59238 | 1 Microsoft | 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more | 2025-10-16 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-59221 | 1 Microsoft | 5 365 Apps, Office, Office Long Term Servicing Channel and 2 more | 2025-10-16 | N/A | 7.0 HIGH |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-59222 | 1 Microsoft | 5 365 Apps, Office, Office Long Term Servicing Channel and 2 more | 2025-10-16 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-59232 | 1 Microsoft | 7 365 Apps, Access, Excel and 4 more | 2025-10-16 | N/A | 7.1 HIGH |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | |||||
| CVE-2025-59235 | 1 Microsoft | 7 365 Apps, Access, Excel and 4 more | 2025-10-16 | N/A | 7.1 HIGH |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | |||||
| CVE-2025-59223 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2025-10-16 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-59224 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2025-10-16 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-59225 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2025-10-16 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-59227 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2025-10-16 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-53799 | 1 Microsoft | 16 Office, Windows 10 1507, Windows 10 1607 and 13 more | 2025-10-02 | N/A | 5.5 MEDIUM |
| Use of uninitialized resource in Windows Imaging Component allows an unauthorized attacker to disclose information locally. | |||||
| CVE-2025-54901 | 1 Microsoft | 4 365 Apps, Excel, Office and 1 more | 2025-10-01 | N/A | 5.5 MEDIUM |
| Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | |||||
| CVE-2025-54902 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2025-10-01 | N/A | 7.8 HIGH |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-54910 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2025-09-12 | N/A | 8.4 HIGH |
| Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-54908 | 1 Microsoft | 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more | 2025-09-12 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. | |||||