Word
by Microsoft
CVEs (269)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2006-0935 | 0.01 | — | 0.06 | Feb 28, 2006 | Microsoft Word 2003 allows remote attackers to cause a denial of service (application crash) via a crafted file, as demonstrated by 101_filefuzz. | |||
| CVE-2005-1683 | 0.01 | — | 0.15 | May 20, 2005 | Buffer overflow in winword.exe 10.2627.6714 and earlier in Microsoft Word for the Macintosh, before SP3 for Word 2002, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted mcw file. | |||
| CVE-2005-0558 | 0.01 | — | 0.15 | May 2, 2005 | Buffer overflow in Microsoft Word 2000, Word 2002, and Word 2003 allows remote attackers to execute arbitrary code via a crafted document. | |||
| CVE-2002-0619 | 0.01 | — | 0.16 | Aug 12, 2002 | The Mail Merge Tool in Microsoft Word 2002 for Windows, when Microsoft Access is present on a system, allows remote attackers to execute Visual Basic (VBA) scripts within a mail merge document that is saved in HTML format, aka a "Variant of MS00-071, Word Mail Merge… | |||
| CVE-2002-1056 | 0.01 | — | 0.19 | May 16, 2002 | Microsoft Outlook 2000 and 2002, when configured to use Microsoft Word as the email editor, does not block scripts that are used while editing email messages in HTML or Rich Text Format (RTF), which could allow remote attackers to execute arbitrary scripts via an email that the… | |||
| CVE-2000-0788 | 0.01 | — | 0.08 | Oct 20, 2000 | The Mail Merge tool in Microsoft Word does not prompt the user before executing Visual Basic (VBA) scripts in an Access database, which could allow an attacker to execute arbitrary commands. | |||
| CVE-2026-21511 | 0.00 | — | 0.04 | Feb 10, 2026 | Deserialization of untrusted data in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network. | |||
| CVE-2026-20948 | 0.00 | — | 0.01 | Jan 13, 2026 | Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-62559 | 0.00 | — | 0.01 | Dec 9, 2025 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-62558 | 0.00 | — | 0.01 | Dec 9, 2025 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-62555 | 0.00 | — | 0.00 | Dec 9, 2025 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-62562 | 0.00 | — | 0.01 | Dec 9, 2025 | Use after free in Microsoft Office Outlook allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-59222 | 0.00 | — | 0.00 | Oct 14, 2025 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-59221 | 0.00 | — | 0.00 | Oct 14, 2025 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-54905 | 0.00 | — | 0.01 | Sep 9, 2025 | Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to disclose information locally. | |||
| CVE-2025-53738 | 0.00 | — | 0.00 | Aug 12, 2025 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-53736 | 0.00 | — | 0.00 | Aug 12, 2025 | Buffer over-read in Microsoft Office Word allows an unauthorized attacker to disclose information locally. | |||
| CVE-2025-53733 | 0.00 | — | 0.00 | Aug 12, 2025 | Incorrect conversion between numeric types in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-49703 | 0.00 | — | 0.01 | Jul 8, 2025 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-49700 | 0.00 | — | 0.00 | Jul 8, 2025 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
- CVE-2006-0935Feb 28, 2006risk 0.01cvss —epss 0.06
Microsoft Word 2003 allows remote attackers to cause a denial of service (application crash) via a crafted file, as demonstrated by 101_filefuzz.
- CVE-2005-1683May 20, 2005risk 0.01cvss —epss 0.15
Buffer overflow in winword.exe 10.2627.6714 and earlier in Microsoft Word for the Macintosh, before SP3 for Word 2002, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted mcw file.
- CVE-2005-0558May 2, 2005risk 0.01cvss —epss 0.15
Buffer overflow in Microsoft Word 2000, Word 2002, and Word 2003 allows remote attackers to execute arbitrary code via a crafted document.
- CVE-2002-0619Aug 12, 2002risk 0.01cvss —epss 0.16
The Mail Merge Tool in Microsoft Word 2002 for Windows, when Microsoft Access is present on a system, allows remote attackers to execute Visual Basic (VBA) scripts within a mail merge document that is saved in HTML format, aka a "Variant of MS00-071, Word Mail Merge…
- CVE-2002-1056May 16, 2002risk 0.01cvss —epss 0.19
Microsoft Outlook 2000 and 2002, when configured to use Microsoft Word as the email editor, does not block scripts that are used while editing email messages in HTML or Rich Text Format (RTF), which could allow remote attackers to execute arbitrary scripts via an email that the…
- CVE-2000-0788Oct 20, 2000risk 0.01cvss —epss 0.08
The Mail Merge tool in Microsoft Word does not prompt the user before executing Visual Basic (VBA) scripts in an Access database, which could allow an attacker to execute arbitrary commands.
- CVE-2026-21511Feb 10, 2026risk 0.00cvss —epss 0.04
Deserialization of untrusted data in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network.
- CVE-2026-20948Jan 13, 2026risk 0.00cvss —epss 0.01
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-62559Dec 9, 2025risk 0.00cvss —epss 0.01
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-62558Dec 9, 2025risk 0.00cvss —epss 0.01
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-62555Dec 9, 2025risk 0.00cvss —epss 0.00
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-62562Dec 9, 2025risk 0.00cvss —epss 0.01
Use after free in Microsoft Office Outlook allows an unauthorized attacker to execute code locally.
- CVE-2025-59222Oct 14, 2025risk 0.00cvss —epss 0.00
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-59221Oct 14, 2025risk 0.00cvss —epss 0.00
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-54905Sep 9, 2025risk 0.00cvss —epss 0.01
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
- CVE-2025-53738Aug 12, 2025risk 0.00cvss —epss 0.00
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-53736Aug 12, 2025risk 0.00cvss —epss 0.00
Buffer over-read in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
- CVE-2025-53733Aug 12, 2025risk 0.00cvss —epss 0.00
Incorrect conversion between numeric types in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-49703Jul 8, 2025risk 0.00cvss —epss 0.01
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-49700Jul 8, 2025risk 0.00cvss —epss 0.00
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Page 12 of 14