VYPR

Word

by Microsoft

CVEs (269)

  • CVE-2006-0935Feb 28, 2006
    risk 0.01cvss epss 0.06

    Microsoft Word 2003 allows remote attackers to cause a denial of service (application crash) via a crafted file, as demonstrated by 101_filefuzz.

  • CVE-2005-1683May 20, 2005
    risk 0.01cvss epss 0.15

    Buffer overflow in winword.exe 10.2627.6714 and earlier in Microsoft Word for the Macintosh, before SP3 for Word 2002, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted mcw file.

  • CVE-2005-0558May 2, 2005
    risk 0.01cvss epss 0.15

    Buffer overflow in Microsoft Word 2000, Word 2002, and Word 2003 allows remote attackers to execute arbitrary code via a crafted document.

  • CVE-2002-0619Aug 12, 2002
    risk 0.01cvss epss 0.16

    The Mail Merge Tool in Microsoft Word 2002 for Windows, when Microsoft Access is present on a system, allows remote attackers to execute Visual Basic (VBA) scripts within a mail merge document that is saved in HTML format, aka a "Variant of MS00-071, Word Mail Merge…

  • CVE-2002-1056May 16, 2002
    risk 0.01cvss epss 0.19

    Microsoft Outlook 2000 and 2002, when configured to use Microsoft Word as the email editor, does not block scripts that are used while editing email messages in HTML or Rich Text Format (RTF), which could allow remote attackers to execute arbitrary scripts via an email that the…

  • CVE-2000-0788Oct 20, 2000
    risk 0.01cvss epss 0.08

    The Mail Merge tool in Microsoft Word does not prompt the user before executing Visual Basic (VBA) scripts in an Access database, which could allow an attacker to execute arbitrary commands.

  • CVE-2026-21511Feb 10, 2026
    risk 0.00cvss epss 0.04

    Deserialization of untrusted data in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network.

  • CVE-2026-20948Jan 13, 2026
    risk 0.00cvss epss 0.01

    Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.

  • CVE-2025-62559Dec 9, 2025
    risk 0.00cvss epss 0.01

    Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

  • CVE-2025-62558Dec 9, 2025
    risk 0.00cvss epss 0.01

    Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

  • CVE-2025-62555Dec 9, 2025
    risk 0.00cvss epss 0.00

    Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

  • CVE-2025-62562Dec 9, 2025
    risk 0.00cvss epss 0.01

    Use after free in Microsoft Office Outlook allows an unauthorized attacker to execute code locally.

  • CVE-2025-59222Oct 14, 2025
    risk 0.00cvss epss 0.00

    Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

  • CVE-2025-59221Oct 14, 2025
    risk 0.00cvss epss 0.00

    Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

  • CVE-2025-54905Sep 9, 2025
    risk 0.00cvss epss 0.01

    Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to disclose information locally.

  • CVE-2025-53738Aug 12, 2025
    risk 0.00cvss epss 0.00

    Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

  • CVE-2025-53736Aug 12, 2025
    risk 0.00cvss epss 0.00

    Buffer over-read in Microsoft Office Word allows an unauthorized attacker to disclose information locally.

  • CVE-2025-53733Aug 12, 2025
    risk 0.00cvss epss 0.00

    Incorrect conversion between numeric types in Microsoft Office Word allows an unauthorized attacker to execute code locally.

  • CVE-2025-49703Jul 8, 2025
    risk 0.00cvss epss 0.01

    Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

  • CVE-2025-49700Jul 8, 2025
    risk 0.00cvss epss 0.00

    Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.