Microsoft vulnerabilities

Showing 51 - 100 of 1.4K CVEs

  1. CVE-2025-62559 Published Dec 9, 2025

    Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

  2. CVE-2025-62558 Published Dec 9, 2025

    Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

  3. CVE-2025-62557 Published Dec 9, 2025

    Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

  4. CVE-2025-62556 Published Dec 9, 2025

    Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

  5. CVE-2025-62555 Published Dec 9, 2025

    Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

  6. CVE-2025-62554 Published Dec 9, 2025

    Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.

  7. CVE-2025-62553 Published Dec 9, 2025

    Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

  8. CVE-2025-62552 Published Dec 9, 2025

    Relative path traversal in Microsoft Office Access allows an unauthorized attacker to execute code locally.

  9. CVE-2025-62223 Published Dec 5, 2025

    User interface (ui) misrepresentation of critical information in Microsoft Edge for iOS allows an unauthorized attacker to perform spoofing over a network.

  10. CVE-2025-62204 Published Nov 11, 2025

    Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

  11. CVE-2025-62203 Published Nov 11, 2025

    Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

  12. CVE-2025-62202 Published Nov 11, 2025

    Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

  13. CVE-2025-62201 Published Nov 11, 2025

    Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

  14. CVE-2025-62200 Published Nov 11, 2025

    Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

  15. CVE-2025-62199 Published Nov 11, 2025

    Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

  16. CVE-2025-60727 Published Nov 11, 2025

    Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

  17. CVE-2025-60726 Published Nov 11, 2025

    Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

  18. CVE-2025-60724 Published Nov 11, 2025

    Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network.

  19. CVE-2025-59240 Published Nov 11, 2025

    Exposure of sensitive information to an unauthorized actor in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

  20. CVE-2025-60711 Published Oct 31, 2025

    Protection mechanism failure in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

  21. CVE-2025-59249 Published Oct 14, 2025

    Weak authentication in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network.

  22. CVE-2025-59248 Published Oct 14, 2025

    Improper input validation in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.

  23. CVE-2025-59238 Published Oct 14, 2025

    Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.

  24. CVE-2025-59237 Published Oct 14, 2025

    Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

  25. CVE-2025-59235 Published Oct 14, 2025

    Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

  26. CVE-2025-59234 Published Oct 14, 2025

    Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

  27. CVE-2025-59236 Published Oct 14, 2025

    Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

  28. CVE-2025-59233 Published Oct 14, 2025

    Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

  29. CVE-2025-59232 Published Oct 14, 2025

    Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

  30. CVE-2025-59231 Published Oct 14, 2025

    Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

  31. CVE-2025-59228 Published Oct 14, 2025

    Improper input validation in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

  32. CVE-2025-59225 Published Oct 14, 2025

    Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

  33. CVE-2025-59227 Published Oct 14, 2025

    Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

  34. CVE-2025-59224 Published Oct 14, 2025

    Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

  35. CVE-2025-59223 Published Oct 14, 2025

    Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

  36. CVE-2025-59222 Published Oct 14, 2025

    Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

  37. CVE-2025-59221 Published Oct 14, 2025

    Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

  38. CVE-2025-53782 Published Oct 14, 2025

    Incorrect implementation of authentication algorithm in Microsoft Exchange Server allows an unauthorized attacker to elevate privileges locally.

  39. CVE-2025-55248 Published Oct 14, 2025

    Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose information over a network.

  40. CVE-2025-59251 Published Sep 24, 2025

    Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

  41. CVE-2025-54910 Published Sep 9, 2025

    Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

  42. CVE-2025-54908 Published Sep 9, 2025

    Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.

  43. CVE-2025-54907 Published Sep 9, 2025

    Heap-based buffer overflow in Microsoft Office Visio allows an unauthorized attacker to execute code locally.

  44. CVE-2025-54906 Published Sep 9, 2025

    Free of memory not on the heap in Microsoft Office allows an unauthorized attacker to execute code locally.

  45. CVE-2025-54905 Published Sep 9, 2025

    Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to disclose information locally.

  46. CVE-2025-54904 Published Sep 9, 2025

    Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

  47. CVE-2025-54903 Published Sep 9, 2025

    Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

  48. CVE-2025-54902 Published Sep 9, 2025

    Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

  49. CVE-2025-54901 Published Sep 9, 2025

    Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

  50. CVE-2025-54900 Published Sep 9, 2025

    Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.