Filtered by vendor Microsoft
Subscriptions
Filtered by product 365
Subscriptions
Total
29 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-53733 | 1 Microsoft | 14 365, 365 Apps, Office and 11 more | 2025-09-17 | 8.4 High |
| Incorrect conversion between numeric types in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-53731 | 1 Microsoft | 10 365, 365 Apps, Office and 7 more | 2025-09-17 | 8.4 High |
| Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-53761 | 1 Microsoft | 10 365, 365 Apps, Office and 7 more | 2025-09-17 | 7.8 High |
| Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-53759 | 1 Microsoft | 11 365, 365 Apps, Excel and 8 more | 2025-09-17 | 7.8 High |
| Use of uninitialized resource in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-53741 | 1 Microsoft | 13 365, 365 Apps, Excel and 10 more | 2025-09-17 | 7.8 High |
| Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-53730 | 1 Microsoft | 8 365, 365 Apps, Office and 5 more | 2025-09-17 | 7.8 High |
| Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-4234 | 3 Microsoft, Palo Alto, Paloaltonetworks | 5 365, Networks, Cortex Xdr and 2 more | 2025-09-15 | N/A |
| A problem with the Palo Alto Networks Cortex XDR Microsoft 365 Defender Pack can result in exposure of user credentials in application logs. Normally, these application logs are only viewable by local users and are included when generating logs for troubleshooting purposes. This means that these credentials are exposed to recipients of the application logs. | ||||
| CVE-2025-49756 | 1 Microsoft | 3 365, 365 Apps, Office 365 | 2025-08-23 | 3.3 Low |
| Use of a broken or risky cryptographic algorithm in Office Developer Platform allows an authorized attacker to bypass a security feature locally. | ||||
| CVE-2023-24910 | 1 Microsoft | 15 365, Office, Office Long Term Servicing Channel and 12 more | 2025-01-01 | 7.8 High |
| Windows Graphics Component Elevation of Privilege Vulnerability | ||||