Microsoft Office for Mac
by Microsoft
CVEs (207)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-60724 | Cri | 0.64 | 9.8 | 0.00 | Nov 11, 2025 | Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network. | ||
| CVE-2025-53766 | Cri | 0.64 | 9.8 | 0.03 | Aug 12, 2025 | Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network. | ||
| CVE-2022-21840 | Hig | 0.58 | 8.8 | 0.09 | Jan 11, 2022 | Microsoft Office Remote Code Execution Vulnerability | ||
| CVE-2026-26110 | Hig | 0.55 | 8.4 | 0.00 | Mar 10, 2026 | Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-62557 | Hig | 0.55 | 8.4 | 0.00 | Dec 9, 2025 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-62554 | Hig | 0.55 | 8.4 | 0.00 | Dec 9, 2025 | Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-49697 | Hig | 0.55 | 8.4 | 0.01 | Jul 8, 2025 | Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-49696 | Hig | 0.55 | 8.4 | 0.01 | Jul 8, 2025 | Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-49695 | Hig | 0.55 | 8.4 | 0.01 | Jul 8, 2025 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-47953 | Hig | 0.55 | 8.4 | 0.01 | Jun 10, 2025 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-47167 | Hig | 0.55 | 8.4 | 0.01 | Jun 10, 2025 | Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-47164 | Hig | 0.55 | 8.4 | 0.01 | Jun 10, 2025 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-47162 | Hig | 0.55 | 8.4 | 0.01 | Jun 10, 2025 | Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-30386 | Hig | 0.55 | 8.4 | 0.01 | May 13, 2025 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-62199 | Hig | 0.51 | 7.8 | 0.00 | Nov 11, 2025 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-59234 | Hig | 0.51 | 7.8 | 0.00 | Oct 14, 2025 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-59227 | Hig | 0.51 | 7.8 | 0.00 | Oct 14, 2025 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-53732 | Hig | 0.51 | 7.8 | 0.00 | Aug 12, 2025 | Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-49702 | Hig | 0.51 | 7.8 | 0.01 | Jul 8, 2025 | Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-30388 | Hig | 0.51 | 7.8 | 0.01 | May 13, 2025 | Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally. |
- risk 0.64cvss 9.8epss 0.00
Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network.
- risk 0.64cvss 9.8epss 0.03
Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network.
- risk 0.58cvss 8.8epss 0.09
Microsoft Office Remote Code Execution Vulnerability
- risk 0.55cvss 8.4epss 0.00
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
- risk 0.55cvss 8.4epss 0.00
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
- risk 0.55cvss 8.4epss 0.00
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
- risk 0.55cvss 8.4epss 0.01
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
- risk 0.55cvss 8.4epss 0.01
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.
- risk 0.55cvss 8.4epss 0.01
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
- risk 0.55cvss 8.4epss 0.01
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
- risk 0.55cvss 8.4epss 0.01
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
- risk 0.55cvss 8.4epss 0.01
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
- risk 0.55cvss 8.4epss 0.01
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
- risk 0.55cvss 8.4epss 0.01
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.00
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.00
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.00
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.00
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.01
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.01
Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.
Page 1 of 11