Filtered by vendor Microsoft
Subscriptions
Filtered by product Office
Subscriptions
Total
1036 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0616 | 1 Microsoft | 2 Excel, Office | 2026-04-16 | N/A |
| The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code by attaching an inline macro to an object within an Excel workbook, aka the "Excel Inline Macros Vulnerability." | ||||
| CVE-2002-0615 | 1 Microsoft | 2 Excel, Office | 2026-04-16 | N/A |
| The Windows Media Active Playlist in Microsoft Windows Media Player 7.1 stores information in a well known location on the local file system, allowing attackers to execute HTML scripts in the Local Computer zone, aka "Media Playback Script Invocation". | ||||
| CVE-2004-0200 | 1 Microsoft | 24 .net Framework, Digital Image Pro, Digital Image Suite and 21 more | 2026-04-16 | N/A |
| Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation. | ||||
| CVE-2006-2389 | 1 Microsoft | 1 Office | 2026-04-16 | N/A |
| Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via an Office file with a malformed property that triggers memory corruption related to record lengths, aka "Microsoft Office Property Vulnerability," a different vulnerability than CVE-2006-1316. | ||||
| CVE-2026-21259 | 1 Microsoft | 9 365 Apps, Excel, Excel 2016 and 6 more | 2026-04-15 | 7.8 High |
| Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to elevate privileges locally. | ||||
| CVE-2026-21258 | 1 Microsoft | 11 365 Apps, Excel, Excel 2016 and 8 more | 2026-04-15 | 5.5 Medium |
| Improper input validation in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-21260 | 1 Microsoft | 11 365 Apps, Office, Office 2019 and 8 more | 2026-04-15 | 7.5 High |
| Exposure of sensitive information to an unauthorized actor in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2026-21511 | 1 Microsoft | 13 365 Apps, Office, Office 2019 and 10 more | 2026-04-15 | 7.5 High |
| Deserialization of untrusted data in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2026-21261 | 1 Microsoft | 11 365 Apps, Excel, Excel 2016 and 8 more | 2026-04-15 | 5.5 Medium |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-20846 | 1 Microsoft | 31 Office, Windows 10 1607, Windows 10 1809 and 28 more | 2026-04-15 | 7.5 High |
| Buffer over-read in Windows GDI+ allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-26110 | 1 Microsoft | 9 365 Apps, Office, Office 2016 and 6 more | 2026-04-14 | 8.4 High |
| Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-26109 | 1 Microsoft | 13 365 Apps, Excel, Excel 2016 and 10 more | 2026-04-14 | 8.4 High |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-26108 | 1 Microsoft | 11 365 Apps, Excel, Excel 2016 and 8 more | 2026-04-14 | 7.8 High |
| Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-26107 | 1 Microsoft | 11 365 Apps, Excel, Excel 2016 and 8 more | 2026-04-14 | 7.8 High |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-26134 | 1 Microsoft | 1 Office | 2026-04-14 | 7.8 High |
| Integer overflow or wraparound in Microsoft Office allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-26113 | 1 Microsoft | 14 365 Apps, Microsoft 365 Apps For Enterprise, Office and 11 more | 2026-04-14 | 8.4 High |
| Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-26112 | 1 Microsoft | 11 365 Apps, Excel, Excel 2016 and 8 more | 2026-04-14 | 7.8 High |
| Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-25180 | 1 Microsoft | 32 Office, Office For Android, Windows 10 1607 and 29 more | 2026-04-14 | 5.5 Medium |
| Out-of-bounds read in Microsoft Graphics Component allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-24285 | 1 Microsoft | 30 Office, Office For Android, Windows 10 1607 and 27 more | 2026-04-14 | 7 High |
| Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-21345 | 1 Microsoft | 6 365 Apps, Office, Office 2019 and 3 more | 2026-02-26 | 7.8 High |
| Microsoft Office Visio Remote Code Execution Vulnerability | ||||