Filtered by vendor Microsoft
Subscriptions
Filtered by product 365
Subscriptions
Total
61 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-59223 | 1 Microsoft | 10 365, 365 Apps, Excel and 7 more | 2025-11-04 | 7.8 High |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-59222 | 1 Microsoft | 10 365, 365 Apps, Office and 7 more | 2025-11-04 | 7.8 High |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-59221 | 1 Microsoft | 10 365, 365 Apps, Office and 7 more | 2025-11-04 | 7 High |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-59243 | 1 Microsoft | 5 365, 365 Apps, Excel and 2 more | 2025-11-04 | 7.8 High |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-59235 | 1 Microsoft | 14 365, 365 Apps, Access and 11 more | 2025-11-04 | 7.1 High |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2025-59234 | 1 Microsoft | 6 365, 365 Apps, Office and 3 more | 2025-11-04 | 7.8 High |
| Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-59233 | 1 Microsoft | 10 365, 365 Apps, Excel and 7 more | 2025-11-04 | 7.8 High |
| Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-59231 | 1 Microsoft | 10 365, 365 Apps, Excel and 7 more | 2025-11-04 | 7.8 High |
| Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-54901 | 1 Microsoft | 10 365, 365 Apps, Excel and 7 more | 2025-10-01 | 5.5 Medium |
| Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2025-54902 | 1 Microsoft | 13 365, 365 Apps, Excel and 10 more | 2025-10-01 | 7.8 High |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-55238 | 1 Microsoft | 2 365, Dynamics 365 | 2025-09-25 | 7.5 High |
| Dynamics 365 FastTrack Implementation Assets Information Disclosure Vulnerability | ||||
| CVE-2025-54900 | 1 Microsoft | 10 365, 365 Apps, Excel and 7 more | 2025-09-25 | 7.8 High |
| Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-54907 | 1 Microsoft | 8 365, 365 Apps, Office and 5 more | 2025-09-25 | 7.8 High |
| Heap-based buffer overflow in Microsoft Office Visio allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-54904 | 1 Microsoft | 13 365, 365 Apps, Excel and 10 more | 2025-09-25 | 7.8 High |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-54903 | 1 Microsoft | 13 365, 365 Apps, Excel and 10 more | 2025-09-25 | 7.8 High |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-54899 | 1 Microsoft | 12 365, 365 Apps, Excel and 9 more | 2025-09-25 | 7.8 High |
| Free of memory not on the heap in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-54898 | 1 Microsoft | 12 365, 365 Apps, Excel and 9 more | 2025-09-25 | 7.8 High |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-54896 | 1 Microsoft | 12 365, 365 Apps, Excel and 9 more | 2025-09-25 | 7.8 High |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-4234 | 3 Microsoft, Palo Alto, Paloaltonetworks | 5 365, Networks, Cortex Xdr and 2 more | 2025-09-15 | N/A |
| A problem with the Palo Alto Networks Cortex XDR Microsoft 365 Defender Pack can result in exposure of user credentials in application logs. Normally, these application logs are only viewable by local users and are included when generating logs for troubleshooting purposes. This means that these credentials are exposed to recipients of the application logs. | ||||
| CVE-2025-49756 | 1 Microsoft | 3 365, 365 Apps, Office 365 | 2025-08-23 | 3.3 Low |
| Use of a broken or risky cryptographic algorithm in Office Developer Platform allows an authorized attacker to bypass a security feature locally. | ||||