Office For Mac
by Microsoft
CVEs (254)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-36041 | Hig | 0.55 | 7.8 | 0.57 | Nov 14, 2023 | Microsoft Excel Remote Code Execution Vulnerability | ||
| CVE-2023-32029 | Hig | 0.55 | 7.8 | 0.54 | Jun 14, 2023 | Microsoft Excel Remote Code Execution Vulnerability | ||
| CVE-2023-33133 | Hig | 0.54 | 7.8 | 0.44 | Jun 14, 2023 | Microsoft Excel Remote Code Execution Vulnerability | ||
| CVE-2023-28311 | Hig | 0.54 | 7.8 | 0.03 | Apr 11, 2023 | Microsoft Word Remote Code Execution Vulnerability | ||
| CVE-2023-28285 | Hig | 0.54 | 7.8 | 0.03 | Apr 11, 2023 | Microsoft Office Remote Code Execution Vulnerability | ||
| CVE-2023-23399 | Hig | 0.54 | 7.8 | 0.03 | Mar 14, 2023 | Microsoft Excel Remote Code Execution Vulnerability | ||
| CVE-2016-7298 | Hig | 0.53 | 7.8 | 0.23 | Dec 20, 2016 | Microsoft Office 2007 SP3, Office 2010 SP2, Word Viewer, Office for Mac 2011, and Office 2016 for Mac allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." | ||
| CVE-2017-11825 | Hig | 0.52 | 7.8 | 0.22 | Oct 13, 2017 | Microsoft Office 2016 Click-to-Run (C2R) and Microsoft Office 2016 for Mac allow an attacker to use a specially crafted file to perform actions in the security context of the current user, due to how Microsoft Office handles files in memory, aka "Microsoft Office Remote Code… | ||
| CVE-2025-62199 | Hig | 0.51 | 7.8 | 0.01 | Nov 11, 2025 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-59234 | Hig | 0.51 | 7.8 | 0.01 | Oct 14, 2025 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-59227 | Hig | 0.51 | 7.8 | 0.00 | Oct 14, 2025 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-53732 | Hig | 0.51 | 7.8 | 0.00 | Aug 12, 2025 | Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-49702 | Hig | 0.51 | 7.8 | 0.01 | Jul 8, 2025 | Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-30388 | Hig | 0.51 | 7.8 | 0.03 | May 13, 2025 | Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-21402 | Hig | 0.51 | 7.8 | 0.01 | Jan 14, 2025 | Microsoft Office OneNote Remote Code Execution Vulnerability | ||
| CVE-2025-21361 | Hig | 0.51 | 7.8 | 0.01 | Jan 14, 2025 | Microsoft Outlook Remote Code Execution Vulnerability | ||
| CVE-2025-21338 | Hig | 0.51 | 7.8 | 0.00 | Jan 14, 2025 | GDI+ Remote Code Execution Vulnerability | ||
| CVE-2024-38250 | Hig | 0.51 | 7.8 | 0.01 | Sep 10, 2024 | Windows Graphics Component Elevation of Privilege Vulnerability | ||
| CVE-2024-26257 | Hig | 0.51 | 7.8 | 0.01 | Apr 9, 2024 | Microsoft Excel Remote Code Execution Vulnerability | ||
| CVE-2024-20677 | Hig | 0.51 | 7.8 | 0.03 | Jan 9, 2024 | A security vulnerability exists in FBX that could lead to remote code execution. To mitigate this vulnerability, the ability to insert FBX files has been disabled in Word, Excel, PowerPoint and Outlook for Windows and Mac. Versions of Office that had this feature enabled will no… |
- risk 0.55cvss 7.8epss 0.57
Microsoft Excel Remote Code Execution Vulnerability
- risk 0.55cvss 7.8epss 0.54
Microsoft Excel Remote Code Execution Vulnerability
- risk 0.54cvss 7.8epss 0.44
Microsoft Excel Remote Code Execution Vulnerability
- risk 0.54cvss 7.8epss 0.03
Microsoft Word Remote Code Execution Vulnerability
- risk 0.54cvss 7.8epss 0.03
Microsoft Office Remote Code Execution Vulnerability
- risk 0.54cvss 7.8epss 0.03
Microsoft Excel Remote Code Execution Vulnerability
- risk 0.53cvss 7.8epss 0.23
Microsoft Office 2007 SP3, Office 2010 SP2, Word Viewer, Office for Mac 2011, and Office 2016 for Mac allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
- risk 0.52cvss 7.8epss 0.22
Microsoft Office 2016 Click-to-Run (C2R) and Microsoft Office 2016 for Mac allow an attacker to use a specially crafted file to perform actions in the security context of the current user, due to how Microsoft Office handles files in memory, aka "Microsoft Office Remote Code…
- risk 0.51cvss 7.8epss 0.01
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.01
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.00
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.00
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.01
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.03
Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.01
Microsoft Office OneNote Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.01
Microsoft Outlook Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.00
GDI+ Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.01
Windows Graphics Component Elevation of Privilege Vulnerability
- risk 0.51cvss 7.8epss 0.01
Microsoft Excel Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.03
A security vulnerability exists in FBX that could lead to remote code execution. To mitigate this vulnerability, the ability to insert FBX files has been disabled in Word, Excel, PowerPoint and Outlook for Windows and Mac. Versions of Office that had this feature enabled will no…
Page 2 of 13