Filtered by vendor Microsoft
Subscriptions
Total
23185 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-47122 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2026-02-26 | 7.8 High |
| Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-47165 | 1 Microsoft | 11 365 Apps, Excel, Excel 2016 and 8 more | 2026-02-26 | 7.8 High |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-47131 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2026-02-26 | 7.8 High |
| Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-47166 | 1 Microsoft | 4 Sharepoint Enterprise Server, Sharepoint Server, Sharepoint Server 2016 and 1 more | 2026-02-26 | 8.8 High |
| Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | ||||
| CVE-2025-47128 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2026-02-26 | 7.8 High |
| Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-47168 | 1 Microsoft | 14 365 Apps, Office, Office 2019 and 11 more | 2026-02-26 | 7.8 High |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-47126 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2026-02-26 | 7.8 High |
| Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-47169 | 1 Microsoft | 14 365 Apps, Office, Office 2019 and 11 more | 2026-02-26 | 7.8 High |
| Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-47099 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2026-02-26 | 7.8 High |
| InCopy versions 20.3, 19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-47170 | 1 Microsoft | 4 365 Apps, Office 2024, Office Long Term Servicing Channel and 1 more | 2026-02-26 | 7.8 High |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-47171 | 1 Microsoft | 9 365 Apps, Office, Office 2019 and 6 more | 2026-02-26 | 6.7 Medium |
| Improper input validation in Microsoft Office Outlook allows an authorized attacker to execute code locally. | ||||
| CVE-2025-47097 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2026-02-26 | 7.8 High |
| InCopy versions 20.3, 19.5.3 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-47172 | 1 Microsoft | 4 Sharepoint Enterprise Server, Sharepoint Server, Sharepoint Server 2016 and 1 more | 2026-02-26 | 8.8 High |
| Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | ||||
| CVE-2025-47098 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2026-02-26 | 7.8 High |
| InCopy versions 20.3, 19.5.3 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-47173 | 1 Microsoft | 9 365 Apps, Office, Office 2016 and 6 more | 2026-02-26 | 7.8 High |
| Improper input validation in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-47175 | 1 Microsoft | 11 365 Apps, Office, Office 2016 and 8 more | 2026-02-26 | 7.8 High |
| Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-47176 | 1 Microsoft | 5 365 Apps, Office, Office 2024 and 2 more | 2026-02-26 | 7.8 High |
| '.../...//' in Microsoft Office Outlook allows an authorized attacker to execute code locally. | ||||
| CVE-2025-47968 | 1 Microsoft | 1 Autoupdate | 2026-02-26 | 7.8 High |
| Improper input validation in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-30327 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2026-02-26 | 7.8 High |
| InCopy versions 20.2, 19.5.3 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-52521 | 2 Microsoft, Trendmicro | 3 Windows, Maximum Security 2022, Maximum Security 2023 | 2026-02-26 | 7.8 High |
| Trend Micro Security 17.8 (Consumer) is vulnerable to a link following local privilege escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own. | ||||