Microsoft vulnerabilities

Showing 101 - 150 of 2.2K CVEs

  1. CVE-2025-59237 Published Oct 14, 2025

    Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

  2. CVE-2025-59235 Published Oct 14, 2025

    Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

  3. CVE-2025-59234 Published Oct 14, 2025

    Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

  4. CVE-2025-59236 Published Oct 14, 2025

    Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

  5. CVE-2025-59233 Published Oct 14, 2025

    Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

  6. CVE-2025-59232 Published Oct 14, 2025

    Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

  7. CVE-2025-59231 Published Oct 14, 2025

    Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

  8. CVE-2025-59228 Published Oct 14, 2025

    Improper input validation in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

  9. CVE-2025-59225 Published Oct 14, 2025

    Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

  10. CVE-2025-59227 Published Oct 14, 2025

    Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

  11. CVE-2025-59224 Published Oct 14, 2025

    Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

  12. CVE-2025-59223 Published Oct 14, 2025

    Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

  13. CVE-2025-59222 Published Oct 14, 2025

    Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

  14. CVE-2025-59221 Published Oct 14, 2025

    Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

  15. CVE-2025-53782 Published Oct 14, 2025

    Incorrect implementation of authentication algorithm in Microsoft Exchange Server allows an unauthorized attacker to elevate privileges locally.

  16. CVE-2025-55248 Published Oct 14, 2025

    Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose information over a network.

  17. CVE-2025-59251 Published Sep 24, 2025

    Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

  18. CVE-2025-54910 Published Sep 9, 2025

    Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

  19. CVE-2025-54908 Published Sep 9, 2025

    Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.

  20. CVE-2025-54907 Published Sep 9, 2025

    Heap-based buffer overflow in Microsoft Office Visio allows an unauthorized attacker to execute code locally.

  21. CVE-2025-54906 Published Sep 9, 2025

    Free of memory not on the heap in Microsoft Office allows an unauthorized attacker to execute code locally.

  22. CVE-2025-54905 Published Sep 9, 2025

    Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to disclose information locally.

  23. CVE-2025-54904 Published Sep 9, 2025

    Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

  24. CVE-2025-54903 Published Sep 9, 2025

    Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

  25. CVE-2025-54902 Published Sep 9, 2025

    Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

  26. CVE-2025-54901 Published Sep 9, 2025

    Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

  27. CVE-2025-54900 Published Sep 9, 2025

    Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

  28. CVE-2025-54899 Published Sep 9, 2025

    Free of memory not on the heap in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

  29. CVE-2025-54898 Published Sep 9, 2025

    Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

  30. CVE-2025-54897 Published Sep 9, 2025

    Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

  31. CVE-2025-54896 Published Sep 9, 2025

    Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

  32. CVE-2025-53799 Published Sep 9, 2025

    Use of uninitialized resource in Windows Imaging Component allows an unauthorized attacker to disclose information locally.

  33. CVE-2025-53791 Published Sep 5, 2025

    Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network.

  34. CVE-2025-53761 Published Aug 12, 2025

    Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.

  35. CVE-2025-53759 Published Aug 12, 2025

    Use of uninitialized resource in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

  36. CVE-2025-53741 Published Aug 12, 2025

    Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

  37. CVE-2025-53740 Published Aug 12, 2025

    Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

  38. CVE-2025-53739 Published Aug 12, 2025

    Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

  39. CVE-2025-53738 Published Aug 12, 2025

    Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

  40. CVE-2025-53760 Published Aug 12, 2025

    Server-side request forgery (ssrf) in Microsoft Office SharePoint allows an authorized attacker to elevate privileges over a network.

  41. CVE-2025-53734 Published Aug 12, 2025

    Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally.

  42. CVE-2025-53733 Published Aug 12, 2025

    Incorrect conversion between numeric types in Microsoft Office Word allows an unauthorized attacker to execute code locally.

  43. CVE-2025-53737 Published Aug 12, 2025

    Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

  44. CVE-2025-53732 Published Aug 12, 2025

    Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

  45. CVE-2025-53735 Published Aug 12, 2025

    Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

  46. CVE-2025-53736 Published Aug 12, 2025

    Buffer over-read in Microsoft Office Word allows an unauthorized attacker to disclose information locally.

  47. CVE-2025-53730 Published Aug 12, 2025

    Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally.

  48. CVE-2025-53731 Published Aug 12, 2025

    Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

  49. CVE-2025-50154 Published Aug 12, 2025

    Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.

  50. CVE-2025-49712 Published Aug 12, 2025

    Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.