Office Word
by Microsoft
CVEs (56)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-54905 | 0.00 | — | 0.01 | Sep 9, 2025 | Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to disclose information locally. | |||
| CVE-2025-53784 | 0.00 | — | 0.00 | Aug 12, 2025 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-53738 | 0.00 | — | 0.00 | Aug 12, 2025 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-53736 | 0.00 | — | 0.00 | Aug 12, 2025 | Buffer over-read in Microsoft Office Word allows an unauthorized attacker to disclose information locally. | |||
| CVE-2025-53733 | 0.00 | — | 0.00 | Aug 12, 2025 | Incorrect conversion between numeric types in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-49703 | 0.00 | — | 0.01 | Jul 8, 2025 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-49700 | 0.00 | — | 0.00 | Jul 8, 2025 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-49698 | 0.00 | — | 0.01 | Jul 8, 2025 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-47170 | 0.00 | — | 0.01 | Jun 10, 2025 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-47169 | 0.00 | — | 0.01 | Jun 10, 2025 | Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-47168 | 0.00 | — | 0.01 | Jun 10, 2025 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-29816 | 0.00 | — | 0.00 | Apr 8, 2025 | Improper input validation in Microsoft Office Word allows an unauthorized attacker to bypass a security feature over a network. | |||
| CVE-2025-29820 | 0.00 | — | 0.01 | Apr 8, 2025 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-27747 | 0.00 | — | 0.01 | Apr 8, 2025 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-24079 | 0.00 | — | 0.01 | Mar 11, 2025 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-24077 | 0.00 | — | 0.01 | Mar 11, 2025 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
- CVE-2025-54905Sep 9, 2025risk 0.00cvss —epss 0.01
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
- CVE-2025-53784Aug 12, 2025risk 0.00cvss —epss 0.00
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-53738Aug 12, 2025risk 0.00cvss —epss 0.00
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-53736Aug 12, 2025risk 0.00cvss —epss 0.00
Buffer over-read in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
- CVE-2025-53733Aug 12, 2025risk 0.00cvss —epss 0.00
Incorrect conversion between numeric types in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-49703Jul 8, 2025risk 0.00cvss —epss 0.01
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-49700Jul 8, 2025risk 0.00cvss —epss 0.00
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-49698Jul 8, 2025risk 0.00cvss —epss 0.01
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-47170Jun 10, 2025risk 0.00cvss —epss 0.01
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-47169Jun 10, 2025risk 0.00cvss —epss 0.01
Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-47168Jun 10, 2025risk 0.00cvss —epss 0.01
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-29816Apr 8, 2025risk 0.00cvss —epss 0.00
Improper input validation in Microsoft Office Word allows an unauthorized attacker to bypass a security feature over a network.
- CVE-2025-29820Apr 8, 2025risk 0.00cvss —epss 0.01
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-27747Apr 8, 2025risk 0.00cvss —epss 0.01
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-24079Mar 11, 2025risk 0.00cvss —epss 0.01
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-24077Mar 11, 2025risk 0.00cvss —epss 0.01
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Page 3 of 3