258 results (0.002 seconds)

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

13 May 2025 — Out-of-bounds read in Microsoft Office Outlook allows an unauthorized attacker to execute code locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32705 • CWE-125: Out-of-bounds Read •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

13 May 2025 — Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29978 • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

14 Jan 2025 — Microsoft Office Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21365 • CWE-426: Untrusted Search Path •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

14 Jan 2025 — Microsoft Excel Security Feature Bypass Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21364 • CWE-502: Deserialization of Untrusted Data •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

14 Jan 2025 — Microsoft Office Visio Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21356 • CWE-122: Heap-based Buffer Overflow CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

14 Jan 2025 — Microsoft Office Visio Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21345 • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

08 Oct 2024 — Microsoft Office Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43616 • CWE-426: Untrusted Search Path •

CVSS: 7.8EPSS: 1%CPEs: 4EXPL: 0

08 Oct 2024 — Microsoft Office Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43576 • CWE-426: Untrusted Search Path •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

08 Oct 2024 — Microsoft Office Visio Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43505 • CWE-357: Insufficient UI Warning of Dangerous Operations •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

13 Aug 2024 — Microsoft Office Visio Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Visio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of VSDX files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object.... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38169 • CWE-122: Heap-based Buffer Overflow •