threat
engine
.sh
Back
·
··:··
Home
/
Product
/
microsoft office
Product
microsoft office
500 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2026-42832
all versions
Improper access control in Microsoft Office allows an unauthorized attacker to perform spoofing locally.
7.7
HIGH
CVE-2026-42831
< 16.0.19822.20190
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2026-40421
all versions
Files or directories accessible to external parties in Microsoft Office Word allows an unauthorized attacker to disclose informati
4.3
MEDIUM
CVE-2026-32200
all versions
Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2026-32199
all versions
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2026-32198
all versions
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2026-32197
all versions
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2026-32190
all versions
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
8.4
HIGH
CVE-2026-32189
all versions
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2026-32188
all versions
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
7.1
HIGH
CVE-2026-26134
< 16.0.19822.20000
Integer overflow or wraparound in Microsoft Office allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-26113
all versions
Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally.
8.4
HIGH
CVE-2026-26112
all versions
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2026-26110
< 16.0.19822.20000
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code
8.4
HIGH
CVE-2026-26109
all versions
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
8.4
HIGH
CVE-2026-26108
all versions
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2026-26107
all versions
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2026-25180
< 16.0.19822.20000
Out-of-bounds read in Microsoft Graphics Component allows an unauthorized attacker to disclose information locally.
5.5
MEDIUM
CVE-2026-24285
< 16.0.19822.20000
Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally.
7.0
HIGH
CVE-2026-21511
all versions
Deserialization of untrusted data in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network.
7.5
HIGH
CVE-2026-21261
all versions
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
5.5
MEDIUM
CVE-2026-21260
all versions
Exposure of sensitive information to an unauthorized actor in Microsoft Office Outlook allows an unauthorized attacker to perform
7.5
HIGH
CVE-2026-21259
all versions
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-21258
all versions
Improper input validation in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
5.5
MEDIUM
CVE-2026-21509
all versions
Reliance on untrusted inputs in a security decision in Microsoft Office allows an unauthorized attacker to bypass a security featu
7.8
HIGH
CVE-2026-20957
all versions
Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2026-20955
all versions
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2026-20953
all versions
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
8.4
HIGH
CVE-2026-20952
all versions
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
8.4
HIGH
CVE-2026-20950
all versions
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2026-20948
all versions
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2026-20946
all versions
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2026-20943
all versions
Untrusted search path in Microsoft Office allows an unauthorized attacker to execute code locally.
7.0
HIGH
CVE-2025-62564
all versions
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-62563
all versions
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-62562
all versions
Use after free in Microsoft Office Outlook allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-62561
all versions
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-62560
all versions
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-62559
all versions
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-62558
all versions
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-62557
all versions
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
8.4
HIGH
CVE-2025-62556
all versions
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-62555
all versions
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
7.0
HIGH
CVE-2025-62554
all versions
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code
8.4
HIGH
CVE-2025-62553
all versions
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-62552
all versions
Relative path traversal in Microsoft Office Access allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-62203
all versions
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-62202
all versions
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
7.1
HIGH
CVE-2025-62201
all versions
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-62200
all versions
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-62199
< 16.0.19426.20044
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-60727
all versions
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-60726
all versions
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
7.1
HIGH
CVE-2025-60724
< 16.0.19426.20044
Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network.
9.8
CRITICAL
CVE-2025-59240
all versions
Exposure of sensitive information to an unauthorized actor in Microsoft Office Excel allows an unauthorized attacker to disclose i
5.5
MEDIUM
CVE-2025-59238
all versions
Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-59236
all versions
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
8.4
HIGH
CVE-2025-59235
all versions
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
7.1
HIGH
CVE-2025-59234
< 16.0.19328.20000
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-59233
all versions
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute
7.8
HIGH
CVE-2025-59232
all versions
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
7.1
HIGH
CVE-2025-59231
all versions
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute
7.8
HIGH
CVE-2025-59227
< 16.0.19328.20000
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-59225
all versions
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-59224
all versions
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-59223
all versions
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-59222
all versions
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-59221
all versions
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
7.0
HIGH
CVE-2025-54910
all versions
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
8.4
HIGH
CVE-2025-54908
all versions
Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-54907
all versions
Heap-based buffer overflow in Microsoft Office Visio allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-54906
all versions
Free of memory not on the heap in Microsoft Office allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-54905
all versions
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
7.1
HIGH
CVE-2025-54904
all versions
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-54903
all versions
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-54902
all versions
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-54901
all versions
Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
5.5
MEDIUM
CVE-2025-54900
all versions
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-54899
all versions
Free of memory not on the heap in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-54898
all versions
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-54896
all versions
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-53799
< 16.0.19220.20000
Use of uninitialized resource in Windows Imaging Component allows an unauthorized attacker to disclose information locally.
5.5
MEDIUM
CVE-2025-53766
< 16.0.19127.20000
Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network.
9.8
CRITICAL
CVE-2025-53761
all versions
Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-53759
all versions
Use of uninitialized resource in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-53741
all versions
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-53740
all versions
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
8.4
HIGH
CVE-2025-53739
all versions
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute
7.8
HIGH
CVE-2025-53738
all versions
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-53737
all versions
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-53736
all versions
Buffer over-read in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
6.8
MEDIUM
CVE-2025-53735
all versions
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-53734
all versions
Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-53733
all versions
Incorrect conversion between numeric types in Microsoft Office Word allows an unauthorized attacker to execute code locally.
8.4
HIGH
CVE-2025-53732
< 16.0.19127.20000
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-53731
all versions
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
8.4
HIGH
CVE-2025-53730
all versions
Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-49711
all versions
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-49705
all versions
Heap-based buffer overflow in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-49703
all versions
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-49702
all versions
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code
7.8
HIGH
CVE-2025-49700
all versions
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-49699
all versions
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
7.0
HIGH
CVE-2025-49698
all versions
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-49697
all versions
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
8.4
HIGH
CVE-2025-49696
all versions
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.
8.4
HIGH
CVE-2025-49695
all versions
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
8.4
HIGH
CVE-2025-48812
all versions
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
5.5
MEDIUM
CVE-2025-47994
all versions
Deserialization of untrusted data in Microsoft Office allows an unauthorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2025-47953
all versions
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
8.4
HIGH
CVE-2025-47175
all versions
Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-47173
all versions
Improper input validation in Microsoft Office allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-47171
all versions
Improper input validation in Microsoft Office Outlook allows an authorized attacker to execute code locally.
6.7
MEDIUM
CVE-2025-47169
all versions
Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-47168
all versions
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-47167
< 16.0.18925.20000
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code
8.4
HIGH
CVE-2025-47165
all versions
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-47164
all versions
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
8.4
HIGH
CVE-2025-47162
all versions
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
8.4
HIGH
CVE-2025-32704
all versions
Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
8.4
HIGH
CVE-2025-30388
< 16.0.18827.20000
Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-30386
< 16.0.18827.20000
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
8.4
HIGH
CVE-2025-30383
all versions
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute
7.8
HIGH
CVE-2025-30381
all versions
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-30379
all versions
Release of invalid pointer or reference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-30377
all versions
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
8.4
HIGH
CVE-2025-30376
all versions
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-30375
all versions
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute
7.8
HIGH
CVE-2025-29979
all versions
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-29977
all versions
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-29822
all versions
Incomplete list of disallowed inputs in Microsoft Office OneNote allows an unauthorized attacker to bypass a security feature loca
7.8
HIGH
CVE-2025-29820
all versions
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-29816
all versions
Improper input validation in Microsoft Office Word allows an unauthorized attacker to bypass a security feature over a network.
7.5
HIGH
CVE-2025-29792
all versions
Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.
7.3
HIGH
CVE-2025-29791
all versions
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code
7.8
HIGH
CVE-2025-27752
all versions
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-27751
all versions
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-27750
all versions
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-27749
all versions
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-27748
all versions
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-27747
all versions
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-27746
all versions
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-27745
all versions
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-27744
all versions
Improper access control in Microsoft Office allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2025-26687
< 16.0.18730.20000
Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a network.
7.5
HIGH
CVE-2025-26642
all versions
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-26630
all versions
Use after free in Microsoft Office Access allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-24083
all versions
Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-24082
all versions
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-24081
all versions
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-24080
all versions
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-24079
all versions
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-24078
all versions
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
7.0
HIGH
CVE-2025-24075
all versions
Stack-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-24057
all versions
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-21394
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2025-21392
all versions
Microsoft Office Remote Code Execution Vulnerability
7.8
HIGH
CVE-2025-21390
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2025-21387
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2025-21386
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2025-21383
all versions
Microsoft Excel Information Disclosure Vulnerability
7.8
HIGH
CVE-2025-21381
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2025-21402
all versions
Microsoft Office OneNote Remote Code Execution Vulnerability
7.8
HIGH
CVE-2025-21395
all versions
Microsoft Access Remote Code Execution Vulnerability
7.8
HIGH
CVE-2025-21366
all versions
Microsoft Access Remote Code Execution Vulnerability
7.8
HIGH
CVE-2025-21362
all versions
Microsoft Excel Remote Code Execution Vulnerability
8.4
HIGH
CVE-2025-21361
all versions
Microsoft Outlook Remote Code Execution Vulnerability
7.8
HIGH
CVE-2025-21357
all versions
Microsoft Outlook Remote Code Execution Vulnerability
6.7
MEDIUM
CVE-2025-21356
all versions
Microsoft Office Visio Remote Code Execution Vulnerability
7.8
HIGH
CVE-2025-21354
all versions
Microsoft Excel Remote Code Execution Vulnerability
8.4
HIGH
CVE-2025-21346
all versions
Microsoft Office Security Feature Bypass Vulnerability
7.1
HIGH
CVE-2025-21345
all versions
Microsoft Office Visio Remote Code Execution Vulnerability
7.8
HIGH
CVE-2025-21338
< 16.0.18429.20000
GDI+ Remote Code Execution Vulnerability
7.8
HIGH
CVE-2025-21186
all versions
Microsoft Access Remote Code Execution Vulnerability
7.8
HIGH
CVE-2024-49142
all versions
Microsoft Access Remote Code Execution Vulnerability
7.8
HIGH
CVE-2024-49069
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2024-49065
all versions
Microsoft Office Remote Code Execution Vulnerability
5.5
MEDIUM
CVE-2024-49059
all versions
Microsoft Office Elevation of Privilege Vulnerability
7.0
HIGH
CVE-2024-43600
all versions
Microsoft Office Elevation of Privilege Vulnerability
7.8
HIGH
CVE-2024-49033
all versions
Microsoft Word Security Feature Bypass Vulnerability
7.5
HIGH
CVE-2024-49032
all versions
Microsoft Office Graphics Remote Code Execution Vulnerability
7.8
HIGH
CVE-2024-49031
all versions
Microsoft Office Graphics Remote Code Execution Vulnerability
7.8
HIGH
CVE-2024-49030
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2024-49029
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2024-49028
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2024-49027
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2024-49026
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2024-43616
all versions
Microsoft Office Remote Code Execution Vulnerability
7.8
HIGH
CVE-2024-43609
all versions
Microsoft Office Spoofing Vulnerability
6.5
MEDIUM
CVE-2024-43505
all versions
Microsoft Office Visio Remote Code Execution Vulnerability
7.8
HIGH
CVE-2024-43504
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2024-38016
all versions
Microsoft Office Visio Remote Code Execution Vulnerability
7.8
HIGH
CVE-2024-43465
all versions
Microsoft Excel Elevation of Privilege Vulnerability
7.8
HIGH
CVE-2024-43463
all versions
Microsoft Office Visio Remote Code Execution Vulnerability
7.8
HIGH
CVE-2024-38250
all versions
Windows Graphics Component Elevation of Privilege Vulnerability
7.8
HIGH
CVE-2024-38173
all versions
Microsoft Outlook Remote Code Execution Vulnerability
6.7
MEDIUM
CVE-2024-38171
all versions
Microsoft PowerPoint Remote Code Execution Vulnerability
7.8
HIGH
CVE-2024-38169
all versions
Microsoft Office Visio Remote Code Execution Vulnerability
7.8
HIGH
CVE-2024-38200
all versions
Microsoft Office Spoofing Vulnerability
6.5
MEDIUM
CVE-2024-39817
>= 10.0.0 and < 10.8.7
Insertion of sensitive information into sent data issue exists in Cybozu Office 10.0.0 to 10.8.6, which may allow a user who can l
6.5
MEDIUM
CVE-2024-38021
all versions
Microsoft Outlook Remote Code Execution Vulnerability
8.8
HIGH
CVE-2024-38020
all versions
Microsoft Outlook Spoofing Vulnerability
6.5
MEDIUM
CVE-2024-30104
all versions
Microsoft Office Remote Code Execution Vulnerability
7.8
HIGH
CVE-2024-30103
all versions
Microsoft Outlook Remote Code Execution Vulnerability
8.8
HIGH
CVE-2024-30101
all versions
Microsoft Office Remote Code Execution Vulnerability
7.5
HIGH
CVE-2024-30042
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2024-26257
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2024-21379
all versions
Microsoft Word Remote Code Execution Vulnerability
7.8
HIGH
CVE-2024-21378
all versions
Microsoft Outlook Remote Code Execution Vulnerability
8.8
HIGH
CVE-2024-20673
all versions
Microsoft Office Remote Code Execution Vulnerability
7.8
HIGH
CVE-2024-20677
all versions
A security vulnerability exists in FBX that could lead to remote code execution. To mitigate this vulnerability, the ability to in
7.8
HIGH
CVE-2023-36009
all versions
Microsoft Word Information Disclosure Vulnerability
5.5
MEDIUM
CVE-2023-35636
all versions
Microsoft Outlook Information Disclosure Vulnerability
6.5
MEDIUM
CVE-2023-36413
all versions
Microsoft Office Security Feature Bypass Vulnerability
6.5
MEDIUM
CVE-2023-36045
all versions
Microsoft Office Graphics Remote Code Execution Vulnerability
7.8
HIGH
CVE-2023-36041
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2023-36037
all versions
Microsoft Excel Security Feature Bypass Vulnerability
7.8
HIGH
CVE-2023-36569
all versions
Microsoft Office Elevation of Privilege Vulnerability
8.4
HIGH
CVE-2023-36568
all versions
Microsoft Office Click-To-Run Elevation of Privilege Vulnerability
7.0
HIGH
CVE-2023-36565
< 16.0.16827.20138
Microsoft Office Graphics Elevation of Privilege Vulnerability
7.0
HIGH
CVE-2023-41764
all versions
Microsoft Office Spoofing Vulnerability
5.5
MEDIUM
CVE-2023-36767
all versions
Microsoft Office Security Feature Bypass Vulnerability
4.3
MEDIUM
CVE-2023-36766
all versions
Microsoft Excel Information Disclosure Vulnerability
7.8
HIGH
CVE-2023-36765
all versions
Microsoft Office Elevation of Privilege Vulnerability
7.8
HIGH
CVE-2023-36763
all versions
Microsoft Outlook Information Disclosure Vulnerability
7.5
HIGH
CVE-2023-36762
all versions
Microsoft Word Remote Code Execution Vulnerability
7.3
HIGH
CVE-2023-36761
all versions
Microsoft Word Information Disclosure Vulnerability
6.5
MEDIUM
CVE-2023-36897
all versions
Visual Studio Tools for Office Runtime Spoofing Vulnerability
8.1
HIGH
CVE-2023-36896
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2023-36895
all versions
Microsoft Outlook Remote Code Execution Vulnerability
7.8
HIGH
CVE-2023-36893
all versions
Microsoft Outlook Spoofing Vulnerability
6.5
MEDIUM
CVE-2023-36866
all versions
Microsoft Office Visio Remote Code Execution Vulnerability
7.8
HIGH
CVE-2023-36865
all versions
Microsoft Office Visio Remote Code Execution Vulnerability
7.8
HIGH
CVE-2023-35372
all versions
Microsoft Office Visio Remote Code Execution Vulnerability
7.8
HIGH
CVE-2023-35371
all versions
Microsoft Office Remote Code Execution Vulnerability
7.8
HIGH
CVE-2023-35311
all versions
Microsoft Outlook Security Feature Bypass Vulnerability
8.8
HIGH
CVE-2023-33162
all versions
Microsoft Excel Information Disclosure Vulnerability
5.5
MEDIUM
CVE-2023-33161
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2023-33158
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2023-33153
all versions
Microsoft Outlook Remote Code Execution Vulnerability
6.8
MEDIUM
CVE-2023-33152
all versions
Microsoft ActiveX Remote Code Execution Vulnerability
7.0
HIGH
CVE-2023-33151
all versions
Microsoft Outlook Spoofing Vulnerability
6.5
MEDIUM
CVE-2023-33150
all versions
Microsoft Office Security Feature Bypass Vulnerability
9.6
CRITICAL
CVE-2023-33149
all versions
Microsoft Office Graphics Remote Code Execution Vulnerability
7.8
HIGH
CVE-2023-33148
all versions
Microsoft Office Elevation of Privilege Vulnerability
7.8
HIGH
CVE-2023-28295
all versions
Microsoft Publisher Remote Code Execution Vulnerability
7.8
HIGH
CVE-2023-28287
all versions
Microsoft Publisher Remote Code Execution Vulnerability
7.8
HIGH
CVE-2023-33146
all versions
Microsoft Office Remote Code Execution Vulnerability
7.8
HIGH
CVE-2023-33137
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2023-33131
all versions
Microsoft Outlook Remote Code Execution Vulnerability
8.8
HIGH
CVE-2023-32029
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2023-29344
all versions
Microsoft Office Remote Code Execution Vulnerability
7.8
HIGH
CVE-2022-35742
all versions
Microsoft Outlook Denial of Service Vulnerability
7.5
HIGH
CVE-2023-29335
all versions
Microsoft Word Security Feature Bypass Vulnerability
7.5
HIGH
CVE-2023-29333
all versions
Microsoft Access Denial of Service Vulnerability
3.3
LOW
CVE-2023-24953
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2023-28311
all versions
Microsoft Word Remote Code Execution Vulnerability
7.8
HIGH
CVE-2023-28285
all versions
Microsoft Office Remote Code Execution Vulnerability
7.8
HIGH
CVE-2023-24910
all versions
Windows Graphics Component Elevation of Privilege Vulnerability
7.8
HIGH
CVE-2023-23399
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2023-23398
all versions
Microsoft Excel Spoofing Vulnerability
7.1
HIGH
CVE-2023-23397
all versions
Microsoft Outlook Elevation of Privilege Vulnerability
9.8
CRITICAL
CVE-2023-23391
all versions
Office for Android Spoofing Vulnerability
5.5
MEDIUM
CVE-2023-21716
all versions
Microsoft Word Remote Code Execution Vulnerability
9.8
CRITICAL
CVE-2023-21741
all versions
Microsoft Office Visio Information Disclosure Vulnerability
7.1
HIGH
CVE-2023-21738
all versions
Microsoft Office Visio Remote Code Execution Vulnerability
7.8
HIGH
CVE-2023-21737
all versions
Microsoft Office Visio Remote Code Execution Vulnerability
7.8
HIGH
CVE-2023-21736
all versions
Microsoft Office Visio Remote Code Execution Vulnerability
7.8
HIGH
CVE-2023-21735
all versions
Microsoft Office Remote Code Execution Vulnerability
7.8
HIGH
CVE-2023-21734
all versions
Microsoft Office Remote Code Execution Vulnerability
7.8
HIGH
CVE-2022-44713
all versions
Microsoft Outlook for Mac Spoofing Vulnerability
7.5
HIGH
CVE-2022-44696
all versions
Microsoft Office Visio Remote Code Execution Vulnerability
7.8
HIGH
CVE-2022-44695
all versions
Microsoft Office Visio Remote Code Execution Vulnerability
7.8
HIGH
CVE-2022-44694
all versions
Microsoft Office Visio Remote Code Execution Vulnerability
7.8
HIGH
CVE-2022-44692
all versions
Microsoft Office Graphics Remote Code Execution Vulnerability
7.8
HIGH
CVE-2022-44691
all versions
Microsoft Office OneNote Remote Code Execution Vulnerability
7.8
HIGH
CVE-2022-41107
all versions
Microsoft Office Graphics Remote Code Execution Vulnerability
7.8
HIGH
CVE-2022-41106
all versions
Microsoft Excel Remote Code Execution Vulnerability
8.8
HIGH
CVE-2022-41105
all versions
Microsoft Excel Information Disclosure Vulnerability
5.5
MEDIUM
CVE-2022-41104
all versions
Microsoft Excel Security Feature Bypass Vulnerability
5.5
MEDIUM
CVE-2022-41103
all versions
Microsoft Word Information Disclosure Vulnerability
5.5
MEDIUM
CVE-2022-41063
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2022-41061
all versions
Microsoft Word Remote Code Execution Vulnerability
7.8
HIGH
CVE-2022-41060
all versions
Microsoft Word Information Disclosure Vulnerability
5.5
MEDIUM
CVE-2022-41043
all versions
Microsoft Office Information Disclosure Vulnerability
3.3
LOW
CVE-2022-41031
all versions
Microsoft Word Remote Code Execution Vulnerability
7.8
HIGH
CVE-2022-38049
all versions
Microsoft Office Graphics Remote Code Execution Vulnerability
7.8
HIGH
CVE-2022-38048
all versions
Microsoft Office Remote Code Execution Vulnerability
7.8
HIGH
CVE-2022-38001
all versions
Microsoft Office Spoofing Vulnerability
6.5
MEDIUM
CVE-2022-38010
all versions
Microsoft Office Visio Remote Code Execution Vulnerability
7.8
HIGH
CVE-2022-37963
all versions
Microsoft Office Visio Remote Code Execution Vulnerability
7.8
HIGH
CVE-2022-37962
all versions
Microsoft PowerPoint Remote Code Execution Vulnerability
7.8
HIGH
CVE-2022-33311
>= 10.0.0 and <= 10.8.5
Browse restriction bypass vulnerability in Address Book of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker t
4.3
MEDIUM
CVE-2022-33151
>= 10.0.0 and <= 10.8.5
Cross-site scripting vulnerability in the specific parameters of Cybozu Office 10.0.0 to 10.8.5 allows remote attackers to inject
6.1
MEDIUM
CVE-2022-32583
>= 10.0.0 and <= 10.8.5
Operation restriction bypass vulnerability in Scheduler of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker t
4.3
MEDIUM
CVE-2022-32544
>= 10.0.0 and <= 10.8.5
Operation restriction bypass vulnerability in Project of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to
4.3
MEDIUM
CVE-2022-32453
>= 10.0.0 and <= 10.8.5
HTTP header injection vulnerability in Cybozu Office 10.0.0 to 10.8.5 may allow a remote attacker to obtain and/or alter the data
6.5
MEDIUM
CVE-2022-32283
>= 10.0.0 and <= 10.8.5
Browse restriction bypass vulnerability in Cabinet of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to obt
4.3
MEDIUM
CVE-2022-30693
>= 10.0.0 and <= 10.8.5
Information disclosure vulnerability in the system configuration of Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to obt
5.3
MEDIUM
CVE-2022-30604
>= 10.0.0 and <= 10.8.5
Cross-site scripting vulnerability in the specific parameters of Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to inject
6.1
MEDIUM
CVE-2022-29891
>= 10.0.0 and <= 10.8.5
Browse restriction bypass vulnerability in Custom Ap of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to o
4.3
MEDIUM
CVE-2022-29487
>= 10.0.0 and <= 10.8.5
Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to inject an arbitrary script via un
6.1
MEDIUM
CVE-2022-28715
>= 10.0.0 and <= 10.8.5
Cross-site scripting vulnerability in the specific parameters of Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to inject
6.1
MEDIUM
CVE-2022-25986
>= 10.0.0 and <= 10.8.5
Browse restriction bypass vulnerability in Scheduler of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to o
4.3
MEDIUM
CVE-2022-34717
all versions
Microsoft Office Remote Code Execution Vulnerability
8.8
HIGH
CVE-2022-33631
all versions
Microsoft Excel Security Feature Bypass Vulnerability
7.3
HIGH
CVE-2022-33632
all versions
Microsoft Office Security Feature Bypass Vulnerability
4.7
MEDIUM
CVE-2022-29109
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2022-29107
all versions
Microsoft Office Security Feature Bypass Vulnerability
5.5
MEDIUM
CVE-2022-26934
all versions
Windows Graphics Component Information Disclosure Vulnerability
6.5
MEDIUM
CVE-2022-26901
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2022-24473
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2022-24511
all versions
Microsoft Office Word Tampering Vulnerability
5.5
MEDIUM
CVE-2022-24510
all versions
Microsoft Office Visio Remote Code Execution Vulnerability
7.8
HIGH
CVE-2022-24509
all versions
Microsoft Office Visio Remote Code Execution Vulnerability
7.8
HIGH
CVE-2022-24462
all versions
Microsoft Word Security Feature Bypass Vulnerability
5.5
MEDIUM
CVE-2022-24461
all versions
Microsoft Office Visio Remote Code Execution Vulnerability
7.8
HIGH
CVE-2022-23252
all versions
Microsoft Office Information Disclosure Vulnerability
5.5
MEDIUM
CVE-2022-22716
all versions
Microsoft Excel Information Disclosure Vulnerability
5.5
MEDIUM
CVE-2022-22004
all versions
Microsoft Office ClickToRun Remote Code Execution Vulnerability
7.8
HIGH
CVE-2022-22003
all versions
Microsoft Office Graphics Remote Code Execution Vulnerability
7.8
HIGH
CVE-2022-21988
all versions
Microsoft Office Visio Remote Code Execution Vulnerability
7.8
HIGH
CVE-2022-21841
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2022-21840
all versions
Microsoft Office Remote Code Execution Vulnerability
8.8
HIGH
CVE-2021-43875
all versions
Microsoft Office Graphics Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-43256
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-43255
all versions
Microsoft Office Trust Center Spoofing Vulnerability
5.5
MEDIUM
CVE-2021-42295
all versions
Visual Basic for Applications Information Disclosure Vulnerability
5.5
MEDIUM
CVE-2021-42293
all versions
Microsoft Jet Red Database Engine and Access Connectivity Engine Elevation of Privilege Vulnerability
6.5
MEDIUM
CVE-2021-42296
all versions
Microsoft Word Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-42292
all versions
Microsoft Excel Security Feature Bypass Vulnerability
7.8
HIGH
CVE-2021-41368
all versions
Microsoft Access Remote Code Execution Vulnerability
6.1
MEDIUM
CVE-2021-40442
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-40486
all versions
Microsoft Word Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-40485
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-40481
all versions
Microsoft Office Visio Remote Code Execution Vulnerability
7.1
HIGH
CVE-2021-40480
all versions
Microsoft Office Visio Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-40479
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-40474
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-40473
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-40472
all versions
Microsoft Excel Information Disclosure Vulnerability
5.5
MEDIUM
CVE-2021-40471
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-40454
all versions
Rich Text Edit Control Information Disclosure Vulnerability
5.5
MEDIUM
CVE-2021-38658
all versions
Microsoft Office Graphics Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-38655
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-38654
all versions
Microsoft Office Visio Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-38653
all versions
Microsoft Office Visio Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-38650
all versions
Microsoft Office Spoofing Vulnerability
7.6
HIGH
CVE-2021-38646
all versions
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-36941
all versions
Microsoft Word Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-34478
all versions
Microsoft Office Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-34452
all versions
Microsoft Word Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-34501
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-34469
all versions
Microsoft Office Security Feature Bypass Vulnerability
8.2
HIGH
CVE-2021-31949
all versions
Microsoft Outlook Remote Code Execution Vulnerability
7.3
HIGH
CVE-2021-31941
all versions
Microsoft Office Graphics Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-31940
all versions
Microsoft Office Graphics Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-31939
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-31180
all versions
Microsoft Office Graphics Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-31179
all versions
Microsoft Office Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-31178
all versions
Microsoft Office Information Disclosure Vulnerability
5.5
MEDIUM
CVE-2021-31177
all versions
Microsoft Office Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-31176
all versions
Microsoft Office Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-31175
all versions
Microsoft Office Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-31174
all versions
Microsoft Excel Information Disclosure Vulnerability
5.5
MEDIUM
CVE-2021-28455
all versions
Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability
8.8
HIGH
CVE-2021-28456
all versions
Microsoft Excel Information Disclosure Vulnerability
5.5
MEDIUM
CVE-2021-28454
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-28453
all versions
Microsoft Word Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-28452
all versions
Microsoft Outlook Memory Corruption Vulnerability
7.1
HIGH
CVE-2021-28451
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-28449
all versions
Microsoft Office Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-20634
>= 10.0.0 and <= 10.8.4
Improper access control vulnerability in Custom App of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attackers to bypass acc
4.3
MEDIUM
CVE-2021-20633
>= 10.0.0 and <= 10.8.4
Improper access control vulnerability in Cabinet of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attackers to bypass access
4.3
MEDIUM
CVE-2021-20632
>= 10.0.0 and <= 10.8.4
Improper access control vulnerability in Bulletin Board of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attackers to bypass
4.3
MEDIUM
CVE-2021-20631
>= 10.0.0 and <= 10.8.4
Improper input validation vulnerability in Custom App of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attacker to alter the
6.5
MEDIUM
CVE-2021-20630
>= 10.0.0 and <= 10.8.4
Improper access control vulnerability in Phone Messages of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attackers to bypass
4.3
MEDIUM
CVE-2021-20629
>= 10.0.0 and <= 10.8.4
Cross-site scripting vulnerability in E-mail of Cybozu Office 10.0.0 to 10.8.4 allows remote attackers to inject an arbitrary scri
6.1
MEDIUM
CVE-2021-20628
>= 10.0.0 and <= 10.8.4
Cross-site scripting vulnerability in Address Book of Cybozu Office 10.0.0 to 10.8.4 allows remote attackers to inject an arbitrar
6.1
MEDIUM
CVE-2021-20627
>= 10.0.0 and <= 10.8.4
Cross-site scripting vulnerability in Address Book of Cybozu Office 10.0.0 to 10.8.4 allows remote attackers to inject an arbitrar
6.1
MEDIUM
CVE-2021-20626
>= 10.0.0 and <= 10.8.4
Improper access control vulnerability in Workflow of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attackers to bypass acces
6.5
MEDIUM
CVE-2021-20625
>= 10.0.0 and <= 10.8.4
Improper access control vulnerability in Bulletin Board of Cybozu Office 10.0.0 to 10.8.4 allows an authenticated attacker to bypa
4.3
MEDIUM
CVE-2021-20624
>= 10.0.0 and <= 10.8.4
Improper access control vulnerability in Scheduler of Cybozu Office 10.0.0 to 10.8.4 allows an authenticated attacker to bypass ac
6.5
MEDIUM
CVE-2021-27059
all versions
Microsoft Office Remote Code Execution Vulnerability
7.6
HIGH
CVE-2021-27057
all versions
Microsoft Office Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-27056
all versions
Microsoft PowerPoint Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-27055
all versions
Microsoft Visio Security Feature Bypass Vulnerability
7.0
HIGH
CVE-2021-27054
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-27053
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-24108
all versions
Microsoft Office Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-24070
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-24069
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-24067
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-1716
all versions
Microsoft Word Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-1715
all versions
Microsoft Word Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-1714
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-1713
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-1711
all versions
Microsoft Office Remote Code Execution Vulnerability
7.8
HIGH
CVE-2020-17129
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2020-17128
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2020-17126
all versions
Microsoft Excel Information Disclosure Vulnerability
5.5
MEDIUM
CVE-2020-17125
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2020-17124
all versions
Microsoft PowerPoint Remote Code Execution Vulnerability
7.8
HIGH
CVE-2020-17122
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2020-17119
all versions
Microsoft Outlook Information Disclosure Vulnerability
6.5
MEDIUM
CVE-2020-17067
all versions
Microsoft Excel Security Feature Bypass Vulnerability
7.8
HIGH
CVE-2020-17065
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2020-17064
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2020-17063
all versions
Microsoft Office Online Spoofing Vulnerability
6.8
MEDIUM
CVE-2020-17062
all versions
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
7.8
HIGH
CVE-2020-17020
all versions
Microsoft Word Security Feature Bypass Vulnerability
3.3
LOW
CVE-2020-17019
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8
HIGH
CVE-2020-16957
all versions
<p>A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in
7.8
HIGH
CVE-2020-16955
all versions
<p>An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files
7.8
HIGH
CVE-2020-16954
all versions
<p>A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in
7.8
HIGH
CVE-2020-16949
all versions
<p>A denial of service vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in me
4.7
MEDIUM
CVE-2020-16947
all versions
<p>A remote code execution vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects i
7.5
HIGH
CVE-2020-16934
all versions
<p>An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files
7.0
HIGH
CVE-2020-16933
all versions
<p>A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files. An attac
7.0
HIGH
CVE-2020-16932
all versions
<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in
7.8
HIGH
CVE-2020-16931
all versions
<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in
7.8
HIGH
CVE-2020-16930
all versions
<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in
7.8
HIGH
CVE-2020-16929
all versions
<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in
7.8
HIGH
CVE-2020-16928
all versions
<p>An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files
7.8
HIGH
CVE-2020-1594
all versions
<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in
7.8
HIGH
CVE-2020-1338
all versions
<p>A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An
7.8
HIGH
CVE-2020-1335
all versions
<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in
7.8
HIGH
CVE-2020-1332
all versions
<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in
7.8
HIGH
CVE-2020-1224
all versions
<p>An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacke
5.5
MEDIUM
CVE-2020-1218
all versions
<p>A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An
7.8
HIGH
CVE-2020-1193
all versions
<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in
7.8
HIGH
CVE-2020-16855
all versions
<p>An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized
5.5
MEDIUM
CVE-2020-1583
all versions
An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker wh
8.8
HIGH
CVE-2020-1582
all versions
A remote code execution vulnerability exists in Microsoft Access software when the software fails to properly handle objects in me
7.8
HIGH
CVE-2020-1581
all versions
An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) components handle objects in me
7.8
HIGH
CVE-2020-1563
all versions
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in me
7.8
HIGH
CVE-2020-1503
all versions
An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker wh
5.5
MEDIUM
CVE-2020-1502
all versions
An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker wh
5.5
MEDIUM
CVE-2020-1498
all versions
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in mem
8.8
HIGH
CVE-2020-1497
all versions
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker w
5.5
MEDIUM
CVE-2020-1496
all versions
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in mem
8.8
HIGH
CVE-2020-1495
all versions
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in mem
8.8
HIGH
CVE-2020-1494
all versions
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in mem
8.8
HIGH
CVE-2020-1493
all versions
An information disclosure vulnerability exists when attaching files to Outlook messages. This vulnerability could potentially allo
5.5
MEDIUM
CVE-2020-1483
all versions
A remote code execution vulnerability exists in Microsoft Outlook when the software fails to properly handle objects in memory. An
5.0
MEDIUM
CVE-2020-1449
all versions
A remote code execution vulnerability exists in Microsoft Project software when the software fails to check the source markup of a
7.8
HIGH
CVE-2020-1448
all versions
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'M
8.8
HIGH
CVE-2020-1447
all versions
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'M
8.8
HIGH
CVE-2020-1446
all versions
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'M
8.8
HIGH
CVE-2020-1445
all versions
An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory, aka 'Microso
5.5
MEDIUM
CVE-2020-1349
all versions
A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka
7.8
HIGH
CVE-2020-1342
all versions
An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized va
5.5
MEDIUM
CVE-2020-1322
all versions
An information disclosure vulnerability exists when Microsoft Project reads out of bound memory due to an uninitialized variable,
6.5
MEDIUM
CVE-2020-1321
all versions
A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory, aka
8.8
HIGH
CVE-2020-1229
all versions
A security feature bypass vulnerability exists in Microsoft Outlook when Office fails to enforce security settings configured on a
4.3
MEDIUM
CVE-2020-1226
all versions
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in mem
8.8
HIGH
CVE-2020-1225
all versions
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in mem
8.8
HIGH
CVE-2020-0901
all versions
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in mem
9.8
CRITICAL
CVE-2020-0991
all versions
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in me
7.8
HIGH
CVE-2020-0980
all versions
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'M
7.8
HIGH
CVE-2020-0961
all versions
A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in me
7.8
HIGH
CVE-2020-0906
all versions
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in mem
8.8
HIGH
CVE-2020-0760
all versions
A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Offic
8.8
HIGH
CVE-2020-0892
all versions
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'M
7.8
HIGH
CVE-2020-0855
all versions
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'M
7.8
HIGH
CVE-2020-0852
all versions
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'M
7.8
HIGH
CVE-2020-0851
all versions
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'M
7.8
HIGH
CVE-2020-0850
all versions
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'M
8.8
HIGH
CVE-2020-0696
all versions
A security feature bypass vulnerability exists in Microsoft Outlook software when it improperly handles the parsing of URI formats
6.5
MEDIUM
CVE-2019-6023
>= 10.0.0 and <= 10.8.3
Cybozu Office 10.0.0 to 10.8.3 allows remote authenticated attackers to bypass access restriction which may result in obtaining da
4.3
MEDIUM
CVE-2019-6022
>= 10.0.0 and <= 10.8.3
Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.3 allows remote authenticated attackers to alter arbitrary files
6.5
MEDIUM
CVE-2019-1464
all versions
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsof
5.5
MEDIUM
CVE-2019-1463
all versions
An information disclosure vulnerability exists in Microsoft Access software when the software fails to properly handle objects in
5.5
MEDIUM
CVE-2019-1462
all versions
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects i
7.8
HIGH
CVE-2019-1461
all versions
A denial of service vulnerability exists in Microsoft Word software when the software fails to properly handle objects in memory,
6.5
MEDIUM
CVE-2019-1400
all versions
An information disclosure vulnerability exists in Microsoft Access software when the software fails to properly handle objects in
5.5
MEDIUM
CVE-2019-1457
all versions
A security feature bypass vulnerability exists in Microsoft Office software by not enforcing macro settings on an Excel document,
7.8
HIGH
CVE-2019-1449
all versions
A security feature bypass vulnerability exists in the way that Office Click-to-Run (C2R) components handle a specially crafted fil
9.8
CRITICAL
CVE-2019-1448
all versions
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in mem
7.8
HIGH
CVE-2019-1446
all versions
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsof
5.5
MEDIUM
CVE-2019-1402
all versions
An information disclosure vulnerability exists in Microsoft Office software when the software fails to properly handle objects in
5.5
MEDIUM
CVE-2019-1331
all versions
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in mem
8.8
HIGH
CVE-2019-1297
all versions
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in mem
8.8
HIGH
CVE-2019-1264
all versions
A security feature bypass vulnerability exists when Microsoft Office improperly handles input, aka 'Microsoft Office Security Feat
7.8
HIGH
CVE-2019-1263
all versions
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsof
5.5
MEDIUM
CVE-2019-1246
all versions
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet D
7.8
HIGH
CVE-2019-1205
all versions
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An att
9.8
CRITICAL
CVE-2019-1204
all versions
An elevation of privilege vulnerability exists when Microsoft Outlook initiates processing of incoming messages without sufficient
4.3
MEDIUM
CVE-2019-1201
all versions
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An att
7.8
HIGH
CVE-2019-1200
all versions
A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory. An
7.8
HIGH
CVE-2019-1199
all versions
A remote code execution vulnerability exists in Microsoft Outlook when the software fails to properly handle objects in memory. An
7.8
HIGH
CVE-2019-1155
all versions
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacke
7.8
HIGH
CVE-2019-1153
all versions
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory.
5.5
MEDIUM
CVE-2019-1151
all versions
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An
8.8
HIGH
CVE-2019-1149
all versions
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An
8.8
HIGH
CVE-2019-1148
all versions
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory.
5.5
MEDIUM
CVE-2019-1112
all versions
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsof
5.5
MEDIUM
CVE-2019-1111
all versions
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in mem
8.8
HIGH
CVE-2019-1110
all versions
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in mem
8.8
HIGH
CVE-2019-1109
all versions
A spoofing vulnerability exists when Microsoft Office Javascript does not check the validity of the web page making a request to O
9.1
CRITICAL
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin