VYPR

Word

by Microsoft

CVEs (269)

  • CVE-2016-7268HigDec 20, 2016
    risk 0.48cvss 7.1epss 0.23

    Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word Viewer, Word for Mac 2011, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information from process memory…

  • CVE-2026-41101HigMay 12, 2026
    risk 0.46cvss 7.1epss 0.00

    Improper access control in Microsoft Office Word allows an authorized attacker to perform spoofing locally.

  • CVE-2026-26133HigMar 16, 2026
    risk 0.46cvss 7.1epss 0.00

    AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.

  • CVE-2016-7233MedNov 10, 2016
    risk 0.44cvss 6.5epss 0.22

    Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Excel for Mac 2011, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2013 SP1, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information…

  • CVE-2018-8160MedMay 9, 2018
    risk 0.43cvss 6.5epss 0.08

    An information disclosure vulnerability exists in Outlook when a message is opened, aka "Microsoft Outlook Information Disclosure Vulnerability." This affects Word, Microsoft Office.

  • CVE-2018-0950MedApr 12, 2018
    risk 0.43cvss 6.5epss 0.09

    An information disclosure vulnerability exists when Office renders Rich Text Format (RTF) email messages containing OLE objects when a message is opened or previewed, aka "Microsoft Office Information Disclosure Vulnerability." This affects Microsoft Word, Microsoft Office. This…

  • CVE-2017-0105MedMar 17, 2017
    risk 0.38cvss 5.5epss 0.30

    Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information from out-of-bound memory via a…

  • CVE-2016-3234MedJun 16, 2016
    risk 0.38cvss 5.5epss 0.26

    Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, and Office Web Apps Server 2013 SP1…

  • CVE-2017-0029MedMar 17, 2017
    risk 0.37cvss 5.5epss 0.16

    Microsoft Office 2010 SP2, Word 2010 SP2, Word 2013 RT SP1, and Word 2016 allow remote attackers to cause a denial of service (application hang) via a crafted Office document, aka "Microsoft Office Denial of Service Vulnerability."

  • CVE-2016-3279MedJul 13, 2016
    risk 0.37cvss 5.5epss 0.16

    Microsoft Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Excel 2013 SP1, PowerPoint 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Excel 2016, Word 2016, Word Automation Services on SharePoint Server 2010 SP2, and…

  • CVE-2026-35440MedMay 12, 2026
    risk 0.36cvss 5.5epss 0.00

    Files or directories accessible to external parties in Microsoft Office Word allows an unauthorized attacker to disclose information locally.

  • CVE-2023-36009MedDec 12, 2023
    risk 0.36cvss 5.5epss 0.01

    Microsoft Word Information Disclosure Vulnerability

  • CVE-2022-41103MedNov 9, 2022
    risk 0.36cvss 5.5epss 0.01

    Microsoft Word Information Disclosure Vulnerability

  • CVE-2022-41060MedNov 9, 2022
    risk 0.36cvss 5.5epss 0.01

    Microsoft Word Information Disclosure Vulnerability

  • CVE-2022-29107MedMay 10, 2022
    risk 0.36cvss 5.5epss 0.03

    Microsoft Office Security Feature Bypass Vulnerability

  • CVE-2022-24511MedMar 9, 2022
    risk 0.36cvss 5.5epss 0.01

    Microsoft Office Word Tampering Vulnerability

  • CVE-2022-24462MedMar 9, 2022
    risk 0.36cvss 5.5epss 0.02

    Microsoft Word Security Feature Bypass Vulnerability

  • CVE-2018-8378MedAug 15, 2018
    risk 0.36cvss 5.5epss 0.07

    An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka "Microsoft Office Information Disclosure Vulnerability." This affects Word, Microsoft…

  • CVE-2016-0012MedJan 13, 2016
    risk 0.29cvss 4.3epss 0.11

    Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Visio 2013 SP1, Word 2013 SP1, Excel 2013 RT…

  • CVE-2026-40421MedMay 12, 2026
    risk 0.28cvss 4.3epss 0.01

    Files or directories accessible to external parties in Microsoft Office Word allows an unauthorized attacker to disclose information locally.

Page 4 of 14