Search Results (1330 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0573 1 Microsoft 5 Frontpage, Office, Publisher and 2 more 2026-04-16 N/A
Buffer overflow in the converter for Microsoft WordPerfect 5.x on Office 2000, Office XP, Office 2003, and Works Suites 2001 through 2004 allows remote attackers to execute arbitrary code via a malicious document or website.
CVE-2004-0200 1 Microsoft 24 .net Framework, Digital Image Pro, Digital Image Suite and 21 more 2026-04-16 N/A
Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
CVE-2002-0152 1 Microsoft 6 Entourage, Excel, Ie and 3 more 2026-04-16 N/A
Buffer overflow in various Microsoft applications for Macintosh allows remote attackers to cause a denial of service (crash) or execute arbitrary code by invoking the file:// directive with a large number of / characters, which affects Internet Explorer 5.1, Outlook Express 5.0 through 5.0.2, Entourage v. X and 2001, PowerPoint v. X, 2001, and 98, and Excel v. X and 2001 for Macintosh.
CVE-2000-0088 1 Microsoft 4 Office, Office Converter Pack, Powerpoint and 1 more 2026-04-16 N/A
Buffer overflow in the conversion utilities for Japanese, Korean and Chinese Word 5 documents allows an attacker to execute commands, aka the "Malformed Conversion Data" vulnerability.
CVE-2003-0347 1 Microsoft 4 Office, Project, Visio and 1 more 2026-04-16 N/A
Heap-based buffer overflow in VBE.DLL and VBE6.DLL of Microsoft Visual Basic for Applications (VBA) SDK 5.0 through 6.3 allows remote attackers to execute arbitrary code via a document with a long ID parameter.
CVE-2002-0021 1 Microsoft 1 Office 2026-04-16 N/A
Network Product Identification (PID) Checker in Microsoft Office v. X for Mac allows remote attackers to cause a denial of service (crash) via a malformed product announcement.
CVE-2000-0419 1 Microsoft 10 Access, Excel, Frontpage and 7 more 2026-04-16 N/A
The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers to conduct unauthorized activities via the "Show Me" function in Office Help, aka the "Office 2000 UA Control" vulnerability.
CVE-2002-1716 1 Microsoft 1 Office 2026-04-16 N/A
The Host() function in the Microsoft spreadsheet component on Microsoft Office XP allows remote attackers to create arbitrary files using the SaveAs capability.
CVE-2002-0862 2 Apple, Microsoft 10 Macos, Internet Explorer, Office and 7 more 2026-04-16 N/A
The (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust APIs within the CryptoAPI for Microsoft products including Microsoft Windows 98 through XP, Office for Mac, Internet Explorer for Mac, and Outlook Express for Mac, do not properly verify the Basic Constraints of intermediate CA-signed X.509 certificates, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack for SSL sessions, as originally reported for Internet Explorer and IIS.
CVE-2002-0860 1 Microsoft 2 Office Web Components, Project 2026-04-16 N/A
The LoadText method in the spreadsheet component in Microsoft Office Web Components (OWC) 2000 and 2002 allows remote attackers to read arbitrary files through Internet Explorer via a URL that redirects to the target file.
CVE-2005-0820 1 Microsoft 1 Office Infopath 2026-04-16 N/A
Microsoft Office InfoPath 2003 SP1 includes sensitive information in the Manifest.xsf file in a custom .xsn form, which allows attackers to obtain printer and network information, obtain the database name, username, and password, or obtain the internal web server name.
CVE-2026-21259 1 Microsoft 9 365 Apps, Excel, Excel 2016 and 6 more 2026-04-15 7.8 High
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to elevate privileges locally.
CVE-2026-21258 1 Microsoft 11 365 Apps, Excel, Excel 2016 and 8 more 2026-04-15 5.5 Medium
Improper input validation in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
CVE-2026-21260 1 Microsoft 11 365 Apps, Office, Office 2019 and 8 more 2026-04-15 7.5 High
Exposure of sensitive information to an unauthorized actor in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-21514 1 Microsoft 6 365 Apps, Office 2021, Office 2024 and 3 more 2026-04-15 7.8 High
Reliance on untrusted inputs in a security decision in Microsoft Office Word allows an unauthorized attacker to bypass a security feature locally.
CVE-2026-21511 1 Microsoft 13 365 Apps, Office, Office 2019 and 10 more 2026-04-15 7.5 High
Deserialization of untrusted data in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-21261 1 Microsoft 11 365 Apps, Excel, Excel 2016 and 8 more 2026-04-15 5.5 Medium
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
CVE-2026-20846 1 Microsoft 31 Office, Windows 10 1607, Windows 10 1809 and 28 more 2026-04-15 7.5 High
Buffer over-read in Windows GDI+ allows an unauthorized attacker to deny service over a network.
CVE-2026-26109 1 Microsoft 13 365 Apps, Excel, Excel 2016 and 10 more 2026-04-14 8.4 High
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-26108 1 Microsoft 11 365 Apps, Excel, Excel 2016 and 8 more 2026-04-14 7.8 High
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.