Office For Mac
by Microsoft
CVEs (254)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-37962 | Hig | 0.51 | 7.8 | 0.01 | Sep 13, 2022 | Microsoft PowerPoint Remote Code Execution Vulnerability | ||
| CVE-2022-26901 | Hig | 0.51 | 7.8 | 0.03 | Apr 15, 2022 | Microsoft Excel Remote Code Execution Vulnerability | ||
| CVE-2022-24473 | Hig | 0.51 | 7.8 | 0.02 | Apr 15, 2022 | Microsoft Excel Remote Code Execution Vulnerability | ||
| CVE-2022-22003 | Hig | 0.51 | 7.8 | 0.02 | Feb 9, 2022 | Microsoft Office Graphics Remote Code Execution Vulnerability | ||
| CVE-2022-21841 | Hig | 0.51 | 7.8 | 0.03 | Jan 11, 2022 | Microsoft Excel Remote Code Execution Vulnerability | ||
| CVE-2025-26687 | Hig | 0.49 | 7.5 | 0.01 | Apr 8, 2025 | Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a network. | ||
| CVE-2022-44713 | Hig | 0.49 | 7.5 | 0.01 | Dec 13, 2022 | Microsoft Outlook for Mac Spoofing Vulnerability | ||
| CVE-2023-36762 | Hig | 0.48 | 7.3 | 0.01 | Sep 12, 2023 | Microsoft Word Remote Code Execution Vulnerability | ||
| CVE-2016-7276 | Hig | 0.48 | 7.1 | 0.25 | Dec 20, 2016 | Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office for Mac 2011, and Office 2016 for Mac allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted document, aka "Microsoft Office… | ||
| CVE-2023-36565 | Hig | 0.46 | 7.0 | 0.00 | Oct 10, 2023 | Microsoft Office Graphics Elevation of Privilege Vulnerability | ||
| CVE-2016-7257 | Med | 0.44 | 6.5 | 0.23 | Dec 20, 2016 | The GDI component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Office for Mac 2011, and Office 2016 for Mac allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "GDI Information Disclosure… | ||
| CVE-2018-0819 | Med | 0.43 | 6.5 | 0.06 | Jan 10, 2018 | Microsoft Office 2016 for Mac allows an attacker to send a specially crafted email attachment to a user in an attempt to launch a social engineering attack, such as phishing, due to how Outlook for Mac displays encoded email addresses, aka "Spoofing Vulnerability in Microsoft… | ||
| CVE-2022-26934 | Med | 0.42 | 6.5 | 0.03 | May 10, 2022 | Windows Graphics Component Information Disclosure Vulnerability | ||
| CVE-2023-36009 | Med | 0.36 | 5.5 | 0.01 | Dec 12, 2023 | Microsoft Word Information Disclosure Vulnerability | ||
| CVE-2023-33162 | Med | 0.36 | 5.5 | 0.01 | Jul 11, 2023 | Microsoft Excel Information Disclosure Vulnerability | ||
| CVE-2022-24511 | Med | 0.36 | 5.5 | 0.01 | Mar 9, 2022 | Microsoft Office Word Tampering Vulnerability | ||
| CVE-2022-22716 | Med | 0.36 | 5.5 | 0.05 | Feb 9, 2022 | Microsoft Excel Information Disclosure Vulnerability | ||
| CVE-2023-35619 | Med | 0.35 | 5.3 | 0.01 | Dec 12, 2023 | Microsoft Outlook for Mac Spoofing Vulnerability | ||
| CVE-2023-36767 | Med | 0.28 | 4.3 | 0.03 | Sep 12, 2023 | Microsoft Office Security Feature Bypass Vulnerability | ||
| CVE-2022-41043 | Low | 0.22 | 3.3 | 0.01 | Oct 11, 2022 | Microsoft Office Information Disclosure Vulnerability |
- risk 0.51cvss 7.8epss 0.01
Microsoft PowerPoint Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.03
Microsoft Excel Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.02
Microsoft Excel Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.02
Microsoft Office Graphics Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.03
Microsoft Excel Remote Code Execution Vulnerability
- risk 0.49cvss 7.5epss 0.01
Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a network.
- risk 0.49cvss 7.5epss 0.01
Microsoft Outlook for Mac Spoofing Vulnerability
- risk 0.48cvss 7.3epss 0.01
Microsoft Word Remote Code Execution Vulnerability
- risk 0.48cvss 7.1epss 0.25
Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office for Mac 2011, and Office 2016 for Mac allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted document, aka "Microsoft Office…
- risk 0.46cvss 7.0epss 0.00
Microsoft Office Graphics Elevation of Privilege Vulnerability
- risk 0.44cvss 6.5epss 0.23
The GDI component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Office for Mac 2011, and Office 2016 for Mac allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "GDI Information Disclosure…
- risk 0.43cvss 6.5epss 0.06
Microsoft Office 2016 for Mac allows an attacker to send a specially crafted email attachment to a user in an attempt to launch a social engineering attack, such as phishing, due to how Outlook for Mac displays encoded email addresses, aka "Spoofing Vulnerability in Microsoft…
- risk 0.42cvss 6.5epss 0.03
Windows Graphics Component Information Disclosure Vulnerability
- risk 0.36cvss 5.5epss 0.01
Microsoft Word Information Disclosure Vulnerability
- risk 0.36cvss 5.5epss 0.01
Microsoft Excel Information Disclosure Vulnerability
- risk 0.36cvss 5.5epss 0.01
Microsoft Office Word Tampering Vulnerability
- risk 0.36cvss 5.5epss 0.05
Microsoft Excel Information Disclosure Vulnerability
- risk 0.35cvss 5.3epss 0.01
Microsoft Outlook for Mac Spoofing Vulnerability
- risk 0.28cvss 4.3epss 0.03
Microsoft Office Security Feature Bypass Vulnerability
- risk 0.22cvss 3.3epss 0.01
Microsoft Office Information Disclosure Vulnerability
Page 4 of 13