Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Office
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 933 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2025-07-08 | CVE-2025-49697 | Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | 365_apps, Office, Office_long_term_servicing_channel, Office_online_server | 8.4 | ||
| 2025-07-08 | CVE-2025-49698 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | 365_apps, Office, Office_long_term_servicing_channel, Word | 7.8 | ||
| 2025-07-08 | CVE-2025-49699 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | 365_apps, Office, Office_long_term_servicing_channel, Outlook, Powerpoint, Word | 7.0 | ||
| 2025-07-08 | CVE-2025-49700 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | 365_apps, Office, Office_long_term_servicing_channel, Word | N/A | ||
| 2025-07-08 | CVE-2025-49711 | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | 365_apps, Excel, Office, Office_long_term_servicing_channel, Office_online_server | 7.8 | ||
| 2025-04-08 | CVE-2025-26642 | Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally. | 365_apps, Access, Excel, Office, Office_long_term_servicing_channel, Office_online_server, Sharepoint_server | N/A | ||
| 2025-04-08 | CVE-2025-26642 | Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally. | 365_apps, Access, Excel, Office, Office_long_term_servicing_channel, Office_online_server, Sharepoint_server | N/A | ||
| 2025-04-08 | CVE-2025-26687 | Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a network. | Office, Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025 | N/A | ||
| 2025-04-08 | CVE-2025-26687 | Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a network. | Office, Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025 | N/A | ||
| 2025-04-08 | CVE-2025-27744 | Improper access control in Microsoft Office allows an authorized attacker to elevate privileges locally. | Office | 7.8 |