273 results (0.004 seconds)

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0

10 Jun 2025 — Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47169 • CWE-122: Heap-based Buffer Overflow •

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0

10 Jun 2025 — Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47168 • CWE-416: Use After Free •

CVSS: 7.6EPSS: 0%CPEs: 4EXPL: 0

08 Apr 2025 — Improper input validation in Microsoft Office Word allows an unauthorized attacker to bypass a security feature over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29816 • CWE-349: Acceptance of Extraneous Untrusted Data With Trusted Data •

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0

08 Apr 2025 — Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27747 • CWE-822: Untrusted Pointer Dereference •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

11 Mar 2025 — Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24079 • CWE-416: Use After Free •

CVSS: 7.0EPSS: 0%CPEs: 3EXPL: 0

11 Mar 2025 — Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24078 • CWE-416: Use After Free •

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0

10 Dec 2024 — Microsoft Office Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49065 • CWE-125: Out-of-bounds Read •

CVSS: 7.6EPSS: 3%CPEs: 3EXPL: 0

12 Nov 2024 — Microsoft Word Security Feature Bypass Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49033 • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0

13 Feb 2024 — Microsoft Office Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de Microsoft Office • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20673 • CWE-693: Protection Mechanism Failure •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

13 Feb 2024 — Microsoft Word Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de Microsoft Word This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can r... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21379 • CWE-190: Integer Overflow or Wraparound •