Office For Mac
by Microsoft
CVEs (254)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-21716 | Cri | 0.70 | 9.8 | 0.82 | Feb 14, 2023 | Microsoft Word Remote Code Execution Vulnerability | ||
| CVE-2013-1331 | Hig | 0.69 | 7.8 | 0.82 | KEV | Jun 12, 2013 | Buffer overflow in Microsoft Office 2003 SP3 and Office 2011 for Mac allows remote attackers to execute arbitrary code via crafted PNG data in an Office document, leading to improper memory allocation, aka "Office Buffer Overflow Vulnerability." | |
| CVE-2009-0563 | Hig | 0.68 | 7.8 | 0.63 | KEV | Jun 10, 2009 | Stack-based buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Microsoft Office for Mac 2004 and 2008; Open XML File Format Converter for Mac; Microsoft Office Word Viewer 2003 SP3; Microsoft Office Word Viewer; and Microsoft Office Compatibility… | |
| CVE-2025-60724 | Cri | 0.64 | 9.8 | 0.06 | Nov 11, 2025 | Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network. | ||
| CVE-2025-53766 | Cri | 0.64 | 9.8 | 0.07 | Aug 12, 2025 | Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network. | ||
| CVE-2023-21823 | Hig | 0.63 | 7.8 | 0.06 | KEV | Feb 14, 2023 | Windows Graphics Component Remote Code Execution Vulnerability | |
| CVE-2023-29330 | Hig | 0.57 | 8.8 | 0.02 | Aug 8, 2023 | Microsoft Teams Remote Code Execution Vulnerability | ||
| CVE-2023-29328 | Hig | 0.57 | 8.8 | 0.02 | Aug 8, 2023 | Microsoft Teams Remote Code Execution Vulnerability | ||
| CVE-2022-21840 | Hig | 0.57 | 8.8 | 0.03 | Jan 11, 2022 | Microsoft Office Remote Code Execution Vulnerability | ||
| CVE-2026-26110 | Hig | 0.55 | 8.4 | 0.00 | Mar 10, 2026 | Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-62557 | Hig | 0.55 | 8.4 | 0.00 | Dec 9, 2025 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-62554 | Hig | 0.55 | 8.4 | 0.00 | Dec 9, 2025 | Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-49697 | Hig | 0.55 | 8.4 | 0.00 | Jul 8, 2025 | Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-49696 | Hig | 0.55 | 8.4 | 0.01 | Jul 8, 2025 | Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-49695 | Hig | 0.55 | 8.4 | 0.01 | Jul 8, 2025 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-47953 | Hig | 0.55 | 8.4 | 0.00 | Jun 10, 2025 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-47167 | Hig | 0.55 | 8.4 | 0.01 | Jun 10, 2025 | Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-47164 | Hig | 0.55 | 8.4 | 0.01 | Jun 10, 2025 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-47162 | Hig | 0.55 | 8.4 | 0.01 | Jun 10, 2025 | Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-30386 | Hig | 0.55 | 8.4 | 0.01 | May 13, 2025 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. |
- risk 0.70cvss 9.8epss 0.82
Microsoft Word Remote Code Execution Vulnerability
- risk 0.69cvss 7.8epss 0.82
Buffer overflow in Microsoft Office 2003 SP3 and Office 2011 for Mac allows remote attackers to execute arbitrary code via crafted PNG data in an Office document, leading to improper memory allocation, aka "Office Buffer Overflow Vulnerability."
- risk 0.68cvss 7.8epss 0.63
Stack-based buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Microsoft Office for Mac 2004 and 2008; Open XML File Format Converter for Mac; Microsoft Office Word Viewer 2003 SP3; Microsoft Office Word Viewer; and Microsoft Office Compatibility…
- risk 0.64cvss 9.8epss 0.06
Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network.
- risk 0.64cvss 9.8epss 0.07
Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network.
- risk 0.63cvss 7.8epss 0.06
Windows Graphics Component Remote Code Execution Vulnerability
- risk 0.57cvss 8.8epss 0.02
Microsoft Teams Remote Code Execution Vulnerability
- risk 0.57cvss 8.8epss 0.02
Microsoft Teams Remote Code Execution Vulnerability
- risk 0.57cvss 8.8epss 0.03
Microsoft Office Remote Code Execution Vulnerability
- risk 0.55cvss 8.4epss 0.00
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
- risk 0.55cvss 8.4epss 0.00
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
- risk 0.55cvss 8.4epss 0.00
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
- risk 0.55cvss 8.4epss 0.00
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
- risk 0.55cvss 8.4epss 0.01
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.
- risk 0.55cvss 8.4epss 0.01
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
- risk 0.55cvss 8.4epss 0.00
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
- risk 0.55cvss 8.4epss 0.01
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
- risk 0.55cvss 8.4epss 0.01
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
- risk 0.55cvss 8.4epss 0.01
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
- risk 0.55cvss 8.4epss 0.01
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Page 1 of 13