Word
by Microsoft
CVEs (269)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-49699 | 0.00 | — | 0.00 | Jul 8, 2025 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-49698 | 0.00 | — | 0.01 | Jul 8, 2025 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-32717 | 0.00 | — | 0.01 | Jun 10, 2025 | Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-47169 | 0.00 | — | 0.01 | Jun 10, 2025 | Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-47168 | 0.00 | — | 0.01 | Jun 10, 2025 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-29816 | 0.00 | — | 0.00 | Apr 8, 2025 | Improper input validation in Microsoft Office Word allows an unauthorized attacker to bypass a security feature over a network. | |||
| CVE-2025-27747 | 0.00 | — | 0.01 | Apr 8, 2025 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-24079 | 0.00 | — | 0.01 | Mar 11, 2025 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-24078 | 0.00 | — | 0.01 | Mar 11, 2025 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-21363 | 0.00 | — | 0.01 | Jan 14, 2025 | Microsoft Word Remote Code Execution Vulnerability | |||
| CVE-2024-41165 | 0.00 | — | 0.01 | Dec 18, 2024 | A library injection vulnerability exists in Microsoft Word 16.83 for macOS. A specially crafted library can leverage Word's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and… | |||
| CVE-2024-49065 | 0.00 | — | 0.01 | Dec 10, 2024 | Microsoft Office Remote Code Execution Vulnerability | |||
| CVE-2024-49033 | 0.00 | — | 0.02 | Nov 12, 2024 | Microsoft Word Security Feature Bypass Vulnerability | |||
| CVE-2024-21379 | 0.00 | — | 0.02 | Feb 13, 2024 | Microsoft Word Remote Code Execution Vulnerability | |||
| CVE-2023-36762 | 0.00 | — | 0.01 | Sep 12, 2023 | Microsoft Word Remote Code Execution Vulnerability | |||
| CVE-2022-26903 | 0.00 | — | 0.02 | Apr 15, 2022 | Windows Graphics Component Remote Code Execution Vulnerability | |||
| CVE-2022-21842 | 0.00 | — | 0.02 | Jan 11, 2022 | Microsoft Word Remote Code Execution Vulnerability | |||
| CVE-2021-40486 | 0.00 | — | 0.06 | Oct 13, 2021 | Microsoft Word Remote Code Execution Vulnerability | |||
| CVE-2021-34452 | 0.00 | — | 0.02 | Jul 16, 2021 | Microsoft Word Remote Code Execution Vulnerability | |||
| CVE-2021-1715 | 0.00 | — | 0.04 | Jan 12, 2021 | Microsoft Word Remote Code Execution Vulnerability |
- CVE-2025-49699Jul 8, 2025risk 0.00cvss —epss 0.00
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
- CVE-2025-49698Jul 8, 2025risk 0.00cvss —epss 0.01
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-32717Jun 10, 2025risk 0.00cvss —epss 0.01
Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-47169Jun 10, 2025risk 0.00cvss —epss 0.01
Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-47168Jun 10, 2025risk 0.00cvss —epss 0.01
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-29816Apr 8, 2025risk 0.00cvss —epss 0.00
Improper input validation in Microsoft Office Word allows an unauthorized attacker to bypass a security feature over a network.
- CVE-2025-27747Apr 8, 2025risk 0.00cvss —epss 0.01
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-24079Mar 11, 2025risk 0.00cvss —epss 0.01
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-24078Mar 11, 2025risk 0.00cvss —epss 0.01
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-21363Jan 14, 2025risk 0.00cvss —epss 0.01
Microsoft Word Remote Code Execution Vulnerability
- CVE-2024-41165Dec 18, 2024risk 0.00cvss —epss 0.01
A library injection vulnerability exists in Microsoft Word 16.83 for macOS. A specially crafted library can leverage Word's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and…
- CVE-2024-49065Dec 10, 2024risk 0.00cvss —epss 0.01
Microsoft Office Remote Code Execution Vulnerability
- CVE-2024-49033Nov 12, 2024risk 0.00cvss —epss 0.02
Microsoft Word Security Feature Bypass Vulnerability
- CVE-2024-21379Feb 13, 2024risk 0.00cvss —epss 0.02
Microsoft Word Remote Code Execution Vulnerability
- CVE-2023-36762Sep 12, 2023risk 0.00cvss —epss 0.01
Microsoft Word Remote Code Execution Vulnerability
- CVE-2022-26903Apr 15, 2022risk 0.00cvss —epss 0.02
Windows Graphics Component Remote Code Execution Vulnerability
- CVE-2022-21842Jan 11, 2022risk 0.00cvss —epss 0.02
Microsoft Word Remote Code Execution Vulnerability
- CVE-2021-40486Oct 13, 2021risk 0.00cvss —epss 0.06
Microsoft Word Remote Code Execution Vulnerability
- CVE-2021-34452Jul 16, 2021risk 0.00cvss —epss 0.02
Microsoft Word Remote Code Execution Vulnerability
- CVE-2021-1715Jan 12, 2021risk 0.00cvss —epss 0.04
Microsoft Word Remote Code Execution Vulnerability
Page 13 of 14