Search
Search Results (515 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-41107 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2026-05-19 | 7.8 High |
| Microsoft Office Graphics Remote Code Execution Vulnerability | ||||
| CVE-2023-33161 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2026-05-19 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2022-21841 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2026-05-19 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2023-36897 | 1 Microsoft | 8 365 Apps, Office, Office Long Term Servicing Channel and 5 more | 2026-05-19 | 8.1 High |
| Visual Studio Tools for Office Runtime Spoofing Vulnerability | ||||
| CVE-2021-42295 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2026-05-19 | 5.5 Medium |
| Visual Basic for Applications Information Disclosure Vulnerability | ||||
| CVE-2022-41105 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2026-05-19 | 5.5 Medium |
| Microsoft Excel Information Disclosure Vulnerability | ||||
| CVE-2022-24509 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2026-05-19 | 7.8 High |
| Microsoft Office Visio Remote Code Execution Vulnerability | ||||
| CVE-2022-26901 | 1 Microsoft | 7 365 Apps, Excel, Excel Rt and 4 more | 2026-05-19 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2022-44695 | 1 Microsoft | 8 365 Apps, Office, Office 2019 and 5 more | 2026-05-19 | 7.8 High |
| Microsoft Office Visio Remote Code Execution Vulnerability | ||||
| CVE-2022-44696 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2026-05-19 | 7.8 High |
| Microsoft Office Visio Remote Code Execution Vulnerability | ||||
| CVE-2021-42293 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2026-05-19 | 6.5 Medium |
| Microsoft Jet Red Database Engine and Access Connectivity Engine Elevation of Privilege Vulnerability | ||||
| CVE-2023-33153 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2026-05-19 | 6.8 Medium |
| Microsoft Outlook Remote Code Execution Vulnerability | ||||
| CVE-2026-35440 | 1 Microsoft | 8 365 Apps, Office, Office 2019 and 5 more | 2026-05-19 | 5.5 Medium |
| Files or directories accessible to external parties in Microsoft Office Word allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-40359 | 1 Microsoft | 11 365 Apps, Excel, Excel 2016 and 8 more | 2026-05-19 | 7.8 High |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-40360 | 1 Microsoft | 11 365 Apps, Excel, Excel 2016 and 8 more | 2026-05-19 | 7.8 High |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-40364 | 1 Microsoft | 10 365 Apps, Office, Office 2019 and 7 more | 2026-05-19 | 8.4 High |
| Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-40419 | 1 Microsoft | 6 365 Apps, Office, Office 2019 and 3 more | 2026-05-19 | 7.8 High |
| Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-41100 | 1 Microsoft | 3 365 Copilot, 365 Copilot Android, 365 Copilot Android | 2026-05-16 | 4.4 Medium |
| Improper access control in M365 Copilot allows an authorized attacker to perform spoofing locally. | ||||
| CVE-2026-41614 | 1 Microsoft | 2 365 Copilot, 365 Copilot For Desktop | 2026-05-14 | 6.2 Medium |
| Improper access control in M365 Copilot for Desktop allows an unauthorized attacker to perform spoofing locally. | ||||
| CVE-2026-33822 | 1 Microsoft | 4 365 Apps, Office Long Term Servicing Channel, Office Macos 2021 and 1 more | 2026-04-29 | 6.1 Medium |
| Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to disclose information locally. | ||||