VYPR

Office

by Microsoft

CVEs (1,070)

  • CVE-2026-45485LowJun 9, 2026
    risk 0.21cvss 3.3epss 0.00

    Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

  • CVE-2026-45459LowJun 9, 2026
    risk 0.21cvss 3.3epss 0.00

    Protection mechanism failure in Microsoft Office Excel allows an unauthorized attacker to bypass a security feature locally.

  • CVE-2023-29333LowMay 9, 2023
    risk 0.21cvss 3.3epss 0.01

    Microsoft Access Denial of Service Vulnerability

  • CVE-2024-21413KEVFeb 13, 2024
    risk 0.19cvss epss 0.95

    Microsoft Outlook Remote Code Execution Vulnerability

  • CVE-2024-38189KEVAug 13, 2024
    risk 0.15cvss epss 0.08

    Microsoft Project Remote Code Execution Vulnerability

  • CVE-2026-21509KEVJan 26, 2026
    risk 0.13cvss epss 0.72

    Reliance on untrusted inputs in a security decision in Microsoft Office allows an unauthorized attacker to bypass a security feature locally.

  • CVE-2026-21514KEVFeb 10, 2026
    risk 0.12cvss epss 0.02

    Reliance on untrusted inputs in a security decision in Microsoft Office Word allows an unauthorized attacker to bypass a security feature locally.

  • CVE-2024-38226KEVSep 10, 2024
    risk 0.12cvss epss 0.03

    Microsoft Publisher Security Feature Bypass Vulnerability

  • CVE-2011-0105Apr 13, 2011
    risk 0.09cvss epss 0.71

    Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac obtain a certain length value from an uninitialized memory location, which allows remote attackers to trigger a buffer overflow and execute arbitrary code via a crafted Excel file,…

  • CVE-2010-0822Jun 8, 2010
    risk 0.09cvss epss 0.70

    Stack-based buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file with a crafted OBJ (0x5D) record, aka "Excel Object Stack…

  • CVE-2024-38200Aug 8, 2024
    risk 0.08cvss epss 0.20

    Microsoft Office Spoofing Vulnerability

  • CVE-2009-1136Jul 15, 2009
    risk 0.08cvss epss 0.62

    The Microsoft Office Web Components Spreadsheet ActiveX control (aka OWC10 or OWC11), as distributed in Office XP SP3 and Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Microsoft Office System, Internet…

  • CVE-2005-2127Aug 19, 2005
    risk 0.08cvss epss 0.64

    Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet…

  • CVE-2003-0347Oct 20, 2003
    risk 0.08cvss epss 0.52

    Heap-based buffer overflow in VBE.DLL and VBE6.DLL of Microsoft Visual Basic for Applications (VBA) SDK 5.0 through 6.3 allows remote attackers to execute arbitrary code via a document with a long ID parameter.

  • CVE-2011-0104Apr 13, 2011
    risk 0.07cvss epss 0.53

    Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HLink record in an Excel file, aka "Excel Buffer…

  • CVE-2009-1534Aug 12, 2009
    risk 0.07cvss epss 0.52

    Buffer overflow in the Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2000 Web Components SP3, Office XP Web Components SP3, BizTalk Server 2002, and Visual Studio .NET 2003 SP1 allows remote attackers to execute arbitrary code via crafted property…

  • CVE-2008-3013Sep 11, 2008
    risk 0.07cvss epss 0.52

    gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital…

  • CVE-2007-5348Sep 11, 2008
    risk 0.07cvss epss 0.53

    Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8,…

  • CVE-2008-1898Apr 21, 2008
    risk 0.07cvss epss 0.52

    A certain ActiveX control in WkImgSrv.dll 7.03.0616.0, as distributed in Microsoft Works 7 and Microsoft Office 2003 and 2007, allows remote attackers to execute arbitrary code or cause a denial of service (browser crash) via an invalid WksPictureInterface property value, which…

  • CVE-2008-0111Mar 11, 2008
    risk 0.07cvss epss 0.51

    Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2007, Viewer 2003, Compatibility Pack, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted data validation records, aka "Excel Data Validation Record Vulnerability."

Page 28 of 54