📦 Office
by Microsoft
🔍 What is Office?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
A heap-based buffer overflow vulnerability in Microsoft Graphics Component allows remote attackers to execute arbitrary code on vulnerable systems. This affects systems running Microsoft Windows with ...
A heap-based buffer overflow vulnerability in Windows GDI+ allows remote attackers to execute arbitrary code on affected systems. This vulnerability affects Windows systems with GDI+ components and ca...
This vulnerability allows attackers to bypass Microsoft Office security features, potentially enabling malicious code execution without user interaction. It affects Microsoft Office applications on Wi...
CVE-2023-23397 is a critical elevation of privilege vulnerability in Microsoft Outlook that allows attackers to steal NTLM hashes without user interaction. When exploited, it enables credential theft ...
A remote code execution vulnerability in Microsoft Word allows attackers to execute arbitrary code by tricking users into opening malicious files. This affects users of Microsoft Word who open special...
This vulnerability allows attackers to spoof identities or data in Microsoft Office Outlook by exploiting insecure deserialization of untrusted data. Organizations using affected Outlook versions are ...
A heap-based buffer overflow vulnerability in Microsoft Office Excel allows local attackers to execute arbitrary code with elevated privileges. This affects users who open malicious Excel files. The v...
This vulnerability in Microsoft Office allows an attacker to bypass local security features by manipulating untrusted inputs. It affects users running vulnerable versions of Microsoft Office applicati...
This CVE describes a use-after-free vulnerability in Microsoft Office that allows an unauthorized attacker to execute arbitrary code on a victim's system. Attackers can exploit this by tricking users ...
This vulnerability allows an attacker to execute arbitrary code on a victim's system by exploiting an untrusted pointer dereference in Microsoft Excel. Attackers can achieve this by tricking users int...
An integer underflow vulnerability in Microsoft Office Excel allows attackers to execute arbitrary code on affected systems by opening specially crafted Excel files. This affects users running vulnera...
This vulnerability allows an attacker to execute arbitrary code on a victim's system by exploiting an out-of-bounds read in Microsoft Excel. Users who open malicious Excel files are affected, potentia...
This vulnerability allows an unauthorized attacker to execute arbitrary code on a local system by exploiting an untrusted pointer dereference in Microsoft Office Word. Attackers can achieve this by tr...
This vulnerability is a use-after-free memory corruption flaw in Microsoft Office Excel that allows an attacker to execute arbitrary code on a victim's system by tricking them into opening a malicious...
This CVE describes a use-after-free vulnerability in Microsoft Office that allows an unauthorized attacker to execute arbitrary code on a victim's system. Attackers can exploit this by tricking users ...
This vulnerability allows an unauthorized attacker to execute arbitrary code on a local system by exploiting an untrusted search path in Microsoft Office. Attackers can place malicious DLLs in directo...
CVE-2025-62199 is a use-after-free vulnerability in Microsoft Office that allows an attacker to execute arbitrary code on a victim's system by tricking them into opening a malicious Office document. T...
This vulnerability allows an attacker to execute arbitrary code on a victim's system by exploiting an untrusted pointer dereference in Microsoft Excel. Attackers can achieve this by tricking users int...
A heap-based buffer overflow vulnerability in Microsoft Office Excel allows attackers to execute arbitrary code on a victim's system by tricking them into opening a malicious Excel file. This affects ...
An out-of-bounds read vulnerability in Microsoft Office Excel allows an attacker to read memory contents beyond intended boundaries, potentially exposing sensitive information. This affects users who ...
This vulnerability is a use-after-free flaw in Microsoft Office Excel that allows an unauthorized attacker to execute arbitrary code on a victim's system by tricking them into opening a malicious Exce...
This vulnerability is an out-of-bounds read flaw in Microsoft Excel that allows an attacker to read memory contents they shouldn't have access to. Attackers could exploit this by tricking users into o...
This vulnerability allows an attacker to read memory outside the intended buffer in Microsoft Excel, potentially leading to information disclosure or remote code execution. Users who open malicious Ex...
This vulnerability in Microsoft Office involves a use-after-free memory corruption issue that allows an attacker to execute arbitrary code on a victim's system. Attackers can exploit this by tricking ...
This vulnerability is a use-after-free memory corruption flaw in Microsoft Office PowerPoint that allows an unauthorized attacker to execute arbitrary code on a victim's system. Attackers can exploit ...
A heap-based buffer overflow vulnerability in Microsoft Office Excel allows attackers to execute arbitrary code on affected systems by tricking users into opening malicious Excel files. This affects a...
An out-of-bounds read vulnerability in Microsoft Office Excel allows attackers to execute arbitrary code on affected systems by tricking users into opening malicious Excel files. This affects users ru...
This vulnerability is a use-after-free memory corruption flaw in Microsoft Office Excel that allows an attacker to execute arbitrary code on a victim's system by tricking them into opening a malicious...
This vulnerability is a use-after-free memory corruption flaw in Microsoft Office Excel that allows an unauthorized attacker to execute arbitrary code on a victim's system. Attackers can exploit this ...
This vulnerability allows an attacker to execute arbitrary code on a victim's system by exploiting an out-of-bounds read in Microsoft Excel. Attackers can achieve this by tricking users into opening a...
A type confusion vulnerability in Microsoft Office Excel allows attackers to execute arbitrary code on a victim's system by tricking them into opening a malicious Excel file. This affects all users ru...
A heap-based buffer overflow vulnerability in Microsoft Office Excel allows attackers to execute arbitrary code on affected systems by tricking users into opening malicious Excel files. This affects a...
A type conversion vulnerability in Microsoft Office Word allows attackers to execute arbitrary code on vulnerable systems by tricking users into opening malicious documents. This affects all users run...
This vulnerability is a use-after-free memory corruption flaw in Microsoft Office Excel that allows an attacker to execute arbitrary code on a victim's system by tricking them into opening a malicious...
A heap-based buffer overflow vulnerability in Microsoft Office Excel allows attackers to execute arbitrary code on vulnerable systems by tricking users into opening malicious Excel files. This affects...
A use-after-free vulnerability in Microsoft Office allows attackers to execute arbitrary code on a victim's system by tricking them into opening a malicious document. This affects all users running vu...
A use-after-free vulnerability in Microsoft Office Excel allows attackers to execute arbitrary code on a victim's system by tricking them into opening a malicious Excel file. This affects all users ru...
A type confusion vulnerability in Microsoft Office allows attackers to execute arbitrary code on vulnerable systems by tricking users into opening malicious documents. This affects users running unpat...
This vulnerability is a use-after-free flaw in Microsoft Office Word that allows an attacker to execute arbitrary code on a victim's system by tricking them into opening a malicious document. It affec...
A use-after-free vulnerability in Microsoft Office Word allows attackers to execute arbitrary code on affected systems by tricking users into opening malicious documents. This affects users running vu...
This vulnerability allows an attacker to read memory outside the intended buffer in Microsoft Office applications, potentially leading to local code execution. Users who open malicious Office document...
A use-after-free vulnerability in Microsoft Office Word allows attackers to execute arbitrary code on a victim's system by tricking them into opening a malicious document. This affects users running v...
A use-after-free vulnerability in Microsoft Office allows attackers to execute arbitrary code on affected systems by tricking users into opening malicious documents. This affects all users running vul...
A heap-based buffer overflow vulnerability in Microsoft Office allows attackers to execute arbitrary code on affected systems by tricking users into opening malicious documents. This affects all users...
A buffer over-read vulnerability in Microsoft Office Excel allows attackers to read beyond allocated memory boundaries, potentially leading to information disclosure or remote code execution. This aff...
This vulnerability allows an unauthorized attacker to read memory outside the intended buffer in Microsoft Excel, potentially exposing sensitive information. It affects users who open malicious Excel ...
This vulnerability in Microsoft Office Excel allows an attacker to exploit improper input validation to access sensitive information from the local system. Users who open malicious Excel files are aff...
This vulnerability in Microsoft Office Excel allows an unauthorized local attacker to access sensitive information from Excel files. It affects users running vulnerable versions of Excel who open mali...
CVE-2025-53799 is an information disclosure vulnerability in Windows Imaging Component where uninitialized memory resources can be accessed by a local attacker. This allows reading of potentially sens...
This vulnerability allows an attacker to read memory outside the intended buffer in Microsoft Excel, potentially exposing sensitive information from the application's memory. It affects users who open...
Microsoft Outlook contains a remote code execution vulnerability that allows attackers to execute arbitrary code on a victim's system by sending a specially crafted email. This affects users running v...
This vulnerability in Microsoft Office allows attackers to execute arbitrary code on a victim's system by tricking them into opening a specially crafted document. It affects users of Microsoft Office ...
This Microsoft Office spoofing vulnerability allows attackers to craft malicious documents that appear legitimate to users. It affects users who open untrusted Office documents, potentially leading to...
This is a memory information disclosure vulnerability in Microsoft Excel where specially crafted documents can leak memory contents. Attackers could use leaked information to compromise systems or dat...
This CVE describes an information disclosure vulnerability in Microsoft Office where uninitialized memory could be read when opening specially crafted files. Attackers could exploit this to view out-o...
This CVE describes an information disclosure vulnerability in Microsoft Outlook where files attached as links to emails could be accessed by unauthorized users. Attackers could share email attachments...
This is an information disclosure vulnerability in Microsoft Word where specially crafted documents can leak memory contents when opened. Attackers could potentially use leaked information to further ...
This is a remote code execution vulnerability in Microsoft Outlook where specially crafted files can trigger memory handling errors, allowing attackers to run arbitrary code as the current user. Users...
This CVE-2019-1153 is an information disclosure vulnerability in Microsoft Windows Graphics Component that allows an attacker to read memory contents they shouldn't access. It affects Windows systems ...
CVE-2019-1148 is an information disclosure vulnerability in Microsoft Windows Graphics Component that allows authenticated attackers to read memory contents they shouldn't access. This affects Windows...