ByteOS

CVSS Score-8.4||HIGH

EPSS-0.06% / 17.71%

||

7 Day CHG~0.00%

Published-12 Aug, 2025 | 17:10

Updated-27 Aug, 2025 | 16:08

Microsoft Word Remote Code Execution Vulnerability

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Product-office_long_term_servicing_channel 365_apps Microsoft Office LTSC 2021 Microsoft Office LTSC for Mac 2024 Microsoft Office LTSC for Mac 2021 Microsoft 365 Apps for Enterprise Microsoft Office LTSC 2024

CWE ID-CWE-416

Use After Free

CVE-2025-53740

CVSS Score-8.4||HIGH

EPSS-0.06% / 17.71%

||

7 Day CHG~0.00%

Published-12 Aug, 2025 | 17:10

Updated-27 Aug, 2025 | 16:08

Microsoft Office Remote Code Execution Vulnerability

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Product-365_apps office_long_term_servicing_channel office Microsoft Office LTSC 2021 Microsoft Office LTSC for Mac 2024 Microsoft Office LTSC for Mac 2021 Microsoft 365 Apps for Enterprise Microsoft Office 2019 Microsoft Office LTSC 2024 Microsoft Office 2016

CWE ID-CWE-416

Use After Free

CVE-2025-53739

CVSS Score-7.8||HIGH

EPSS-0.12% / 31.09%

||

7 Day CHG~0.00%

Published-12 Aug, 2025 | 17:10

Updated-27 Aug, 2025 | 16:08

Microsoft Excel Remote Code Execution Vulnerability

Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Product-excel office_long_term_servicing_channel office_online_server office 365_apps Microsoft Office LTSC 2021 Microsoft Office LTSC for Mac 2021 Microsoft Office LTSC for Mac 2024 Microsoft 365 Apps for Enterprise Microsoft Excel 2016 Office Online Server Microsoft Office 2019 Microsoft Office LTSC 2024

CWE ID-CWE-843

Access of Resource Using Incompatible Type ('Type Confusion')

CVE-2025-53738

CVSS Score-7.8||HIGH

EPSS-0.06% / 19.33%

||

7 Day CHG~0.00%

Published-12 Aug, 2025 | 17:10

Updated-27 Aug, 2025 | 16:08

Microsoft Word Remote Code Execution Vulnerability

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Product-word office_long_term_servicing_channel 365_apps office Microsoft Word 2016 Microsoft Office LTSC 2021 Microsoft Office LTSC for Mac 2024 Microsoft Office LTSC for Mac 2021 Microsoft 365 Apps for Enterprise Microsoft Office 2019 Microsoft Office LTSC 2024

CWE ID-CWE-416

Use After Free

CVE-2025-53737

CVSS Score-7.8||HIGH

EPSS-0.06% / 19.33%

||

7 Day CHG~0.00%

Published-12 Aug, 2025 | 17:10

Updated-27 Aug, 2025 | 16:08

Microsoft Excel Remote Code Execution Vulnerability

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Product-excel office_long_term_servicing_channel office_online_server office 365_apps Microsoft Office LTSC 2021 Microsoft Office LTSC for Mac 2021 Microsoft Office LTSC for Mac 2024 Microsoft 365 Apps for Enterprise Microsoft Excel 2016 Office Online Server Microsoft Office 2019 Microsoft Office LTSC 2024

CWE ID-CWE-122

Heap-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2025-53736

CVSS Score-6.8||MEDIUM

EPSS-0.05% / 13.38%

||

7 Day CHG~0.00%

Published-12 Aug, 2025 | 17:10

Updated-27 Aug, 2025 | 16:08

Microsoft Word Information Disclosure Vulnerability

Buffer over-read in Microsoft Office Word allows an unauthorized attacker to disclose information locally.

Product-office_long_term_servicing_channel 365_apps office word sharepoint_server sharepoint_enterprise_server Microsoft Word 2016 Microsoft Office LTSC 2021 Microsoft Office LTSC for Mac 2021 Microsoft Office LTSC for Mac 2024 Microsoft SharePoint Enterprise Server 2016 Microsoft 365 Apps for Enterprise Microsoft Office 2019 Microsoft Office LTSC 2024 Microsoft SharePoint Server 2019

CWE ID-CWE-126

Buffer Over-read

CVE-2025-53735

CVSS Score-7.8||HIGH

EPSS-0.06% / 19.33%

||

7 Day CHG~0.00%

Published-12 Aug, 2025 | 17:10

Updated-27 Aug, 2025 | 16:08

Microsoft Excel Remote Code Execution Vulnerability

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Product-excel office_long_term_servicing_channel office_online_server office 365_apps Microsoft Office LTSC 2021 Microsoft Office LTSC for Mac 2021 Microsoft Office LTSC for Mac 2024 Microsoft 365 Apps for Enterprise Microsoft Excel 2016 Office Online Server Microsoft Office 2019 Microsoft Office LTSC 2024

CWE ID-CWE-416

Use After Free

CVE-2025-53734

CVSS Score-7.8||HIGH

EPSS-0.06% / 19.33%

||

7 Day CHG~0.00%

Published-12 Aug, 2025 | 17:10

Updated-27 Aug, 2025 | 16:08

Microsoft Office Visio Remote Code Execution Vulnerability

Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally.

Product-365_apps office_long_term_servicing_channel office Microsoft Office 2019 Microsoft Office LTSC 2021 Microsoft 365 Apps for Enterprise Microsoft Office LTSC 2024

CWE ID-CWE-416

Use After Free

CVE-2025-53733

CVSS Score-8.4||HIGH

EPSS-0.14% / 35.10%

||

7 Day CHG~0.00%

Published-12 Aug, 2025 | 17:10

Updated-27 Aug, 2025 | 16:08

Microsoft Word Remote Code Execution Vulnerability

Incorrect conversion between numeric types in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Product-office_long_term_servicing_channel 365_apps office word sharepoint_server sharepoint_enterprise_server Microsoft Word 2016 Microsoft Office LTSC 2021 Microsoft Office LTSC for Mac 2021 Microsoft Office LTSC for Mac 2024 Microsoft SharePoint Enterprise Server 2016 Microsoft 365 Apps for Enterprise Microsoft Office 2019 Microsoft Office LTSC 2024 Microsoft SharePoint Server 2019

CWE ID-CWE-681

Incorrect Conversion between Numeric Types

CVE-2025-53731

CVSS Score-8.4||HIGH

EPSS-0.06% / 17.71%

||

7 Day CHG~0.00%

Published-12 Aug, 2025 | 17:10

Updated-27 Aug, 2025 | 16:08

Microsoft Office Remote Code Execution Vulnerability

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Product-365_apps office_long_term_servicing_channel office Microsoft Office LTSC 2021 Microsoft Office LTSC for Mac 2024 Microsoft Office LTSC for Mac 2021 Microsoft 365 Apps for Enterprise Microsoft Office 2019 Microsoft Office LTSC 2024 Microsoft Office 2016

CWE ID-CWE-416

Use After Free

CVE-2025-53761

CVSS Score-7.8||HIGH

EPSS-0.06% / 19.33%

||

7 Day CHG~0.00%

Published-12 Aug, 2025 | 17:09

Updated-27 Aug, 2025 | 16:07

Microsoft PowerPoint Remote Code Execution Vulnerability

Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.

Product-365_apps office_long_term_servicing_channel powerpoint office Microsoft Office LTSC 2021 Microsoft 365 Apps for Enterprise Microsoft PowerPoint 2016 Microsoft Office 2019 Microsoft Office LTSC 2024

CWE ID-CWE-416

Use After Free

CVE-2025-53759

CVSS Score-7.8||HIGH

EPSS-0.12% / 31.09%

||

7 Day CHG~0.00%

Published-12 Aug, 2025 | 17:09

Updated-27 Aug, 2025 | 16:07

Microsoft Excel Remote Code Execution Vulnerability

Use of uninitialized resource in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Product-365_apps office_long_term_servicing_channel office_online_server office Microsoft Office LTSC 2021 Microsoft Office LTSC for Mac 2024 Microsoft Office LTSC for Mac 2021 Microsoft 365 Apps for Enterprise Office Online Server Microsoft Office 2019 Microsoft Office LTSC 2024

CWE ID-CWE-908

Use of Uninitialized Resource

CVE-2025-53741

CVSS Score-7.8||HIGH

EPSS-0.06% / 19.33%

||

7 Day CHG~0.00%

Published-12 Aug, 2025 | 17:09

Updated-27 Aug, 2025 | 16:07

Microsoft Excel Remote Code Execution Vulnerability

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Product-excel office_long_term_servicing_channel office_online_server office 365_apps Microsoft Office LTSC 2021 Microsoft Office LTSC for Mac 2021 Microsoft Office LTSC for Mac 2024 Microsoft 365 Apps for Enterprise Microsoft Excel 2016 Office Online Server Microsoft Office 2019 Microsoft Office LTSC 2024

CWE ID-CWE-122

Heap-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2025-53730

CVSS Score-7.8||HIGH

EPSS-0.06% / 19.33%

||

7 Day CHG~0.00%

Published-12 Aug, 2025 | 17:09

Updated-27 Aug, 2025 | 16:07

Microsoft Office Visio Remote Code Execution Vulnerability

Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally.

Product-365_apps office_long_term_servicing_channel office Microsoft Office 2019 Microsoft Office LTSC 2021 Microsoft 365 Apps for Enterprise Microsoft Office LTSC 2024

CWE ID-CWE-416

Use After Free

CVE-2025-49705

CVSS Score-7.8||HIGH

EPSS-0.07% / 21.34%

||

7 Day CHG~0.00%

Published-08 Jul, 2025 | 16:58

Updated-23 Aug, 2025 | 00:40

Microsoft PowerPoint Remote Code Execution Vulnerability

Heap-based buffer overflow in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.

Product-powerpoint office office_long_term_servicing_channel 365_apps Microsoft Office LTSC 2024 Microsoft 365 Apps for Enterprise Microsoft Office LTSC for Mac 2021 Microsoft Office 2019 Microsoft Office LTSC 2021 Microsoft Office LTSC for Mac 2024 Microsoft PowerPoint 2016

CWE ID-CWE-122

Heap-based Buffer Overflow

CVE-2025-49703

CVSS Score-7.8||HIGH

EPSS-0.07% / 21.34%

||

7 Day CHG~0.00%

Published-08 Jul, 2025 | 16:58

Updated-23 Aug, 2025 | 00:40

Microsoft Word Remote Code Execution Vulnerability

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Product-office_long_term_servicing_channel sharepoint_server word 365_apps office Microsoft SharePoint Server 2019 Microsoft SharePoint Enterprise Server 2016 Microsoft Office LTSC 2024 Microsoft 365 Apps for Enterprise Microsoft Office LTSC for Mac 2021 Microsoft Office 2019 Microsoft Word 2016 Microsoft Office LTSC 2021 Microsoft Office LTSC for Mac 2024

CWE ID-CWE-416

Use After Free

CVE-2025-49702

CVSS Score-7.8||HIGH

EPSS-0.13% / 33.13%

||

7 Day CHG~0.00%

Published-08 Jul, 2025 | 16:58

Updated-23 Aug, 2025 | 00:40

Microsoft Office Remote Code Execution Vulnerability

Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.

Product-office office_long_term_servicing_channel 365_apps Microsoft Office LTSC 2024 Microsoft 365 Apps for Enterprise Microsoft Office LTSC for Mac 2021 Microsoft Office for Android Microsoft Office 2019 Microsoft Office LTSC 2021 Microsoft Office 2016 Microsoft Office LTSC for Mac 2024

CWE ID-CWE-843

Access of Resource Using Incompatible Type ('Type Confusion')

CVE-2025-49700

CVSS Score-7.8||HIGH

EPSS-0.07% / 21.34%

||

7 Day CHG~0.00%

Published-08 Jul, 2025 | 16:58

Updated-23 Aug, 2025 | 00:40

Microsoft Word Remote Code Execution Vulnerability

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Product-365_apps office_long_term_servicing_channel office word Microsoft Office LTSC 2024 Microsoft 365 Apps for Enterprise Microsoft Office 2019 Microsoft Word 2016 Microsoft Office LTSC 2021

CWE ID-CWE-416

Use After Free

CVE-2025-49699

CVSS Score-7||HIGH

EPSS-0.06% / 19.60%

||

7 Day CHG~0.00%

Published-08 Jul, 2025 | 16:58

Updated-23 Aug, 2025 | 00:40

Microsoft Office Remote Code Execution Vulnerability

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Product-office_long_term_servicing_channel word powerpoint 365_apps office outlook Microsoft Office LTSC 2024 Microsoft Outlook 2016 Microsoft 365 Apps for Enterprise Microsoft Office LTSC for Mac 2021 Microsoft Office 2019 Microsoft Word 2016 Microsoft Office LTSC 2021 Microsoft Office LTSC for Mac 2024 Microsoft PowerPoint 2016

CWE ID-CWE-416

Use After Free

CVE-2025-49698

CVSS Score-7.8||HIGH

EPSS-0.07% / 21.34%

||

7 Day CHG~0.00%

Published-08 Jul, 2025 | 16:58

Updated-23 Aug, 2025 | 00:40

Microsoft Word Remote Code Execution Vulnerability

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Product-365_apps office_long_term_servicing_channel office word Microsoft Office LTSC 2024 Microsoft 365 Apps for Enterprise Microsoft Office LTSC for Mac 2021 Microsoft Office 2019 Microsoft Word 2016 Microsoft Office LTSC 2021 Microsoft Office LTSC for Mac 2024

CWE ID-CWE-416

Use After Free

CVE-2025-49697

CVSS Score-8.4||HIGH

EPSS-0.06% / 19.80%

||

7 Day CHG~0.00%

Published-08 Jul, 2025 | 16:58

Updated-23 Aug, 2025 | 00:40

Microsoft Office Remote Code Execution Vulnerability

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

Product-365_apps office_online_server office office_long_term_servicing_channel Office Online Server Microsoft Office LTSC 2024 Microsoft 365 Apps for Enterprise Microsoft Office LTSC for Mac 2021 Microsoft Office for Android Microsoft Office 2019 Microsoft Office LTSC 2021 Microsoft Office 2016 Microsoft Office LTSC for Mac 2024

CWE ID-CWE-122

Heap-based Buffer Overflow

CVE-2025-49696

CVSS Score-8.4||HIGH

EPSS-0.08% / 24.83%

||

7 Day CHG~0.00%

Published-08 Jul, 2025 | 16:58

Updated-23 Aug, 2025 | 00:40

Microsoft Office Remote Code Execution Vulnerability

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.

Product-365_apps office office_long_term_servicing_channel Microsoft Office LTSC 2024 Microsoft 365 Apps for Enterprise Microsoft Office LTSC for Mac 2021 Microsoft Office for Android Microsoft Office 2019 Microsoft Office LTSC 2021 Microsoft Office 2016 Microsoft Office LTSC for Mac 2024

CWE ID-CWE-122

Heap-based Buffer Overflow

CWE ID-CWE-125

Out-of-bounds Read

CVE-2025-49695

CVSS Score-8.4||HIGH

EPSS-0.08% / 24.83%

||

7 Day CHG~0.00%

Published-08 Jul, 2025 | 16:58

Updated-23 Aug, 2025 | 00:40

Microsoft Office Remote Code Execution Vulnerability

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Product-365_apps office office_long_term_servicing_channel Microsoft Office LTSC 2024 Microsoft 365 Apps for Enterprise Microsoft Office LTSC for Mac 2021 Microsoft Office for Android Microsoft Office 2019 Microsoft Office LTSC 2021 Microsoft Office 2016 Microsoft Office LTSC for Mac 2024

CWE ID-CWE-416

Use After Free

CVE-2025-49711

CVSS Score-7.8||HIGH

EPSS-0.07% / 21.34%

||

7 Day CHG~0.00%

Published-08 Jul, 2025 | 16:57

Updated-23 Aug, 2025 | 00:39

Microsoft Excel Remote Code Execution Vulnerability

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Product-office_long_term_servicing_channel office_online_server 365_apps office excel Microsoft Excel 2016 Office Online Server Microsoft Office LTSC 2024 Microsoft 365 Apps for Enterprise Microsoft Office LTSC for Mac 2021 Microsoft Office 2019 Microsoft Office LTSC 2021 Microsoft Office LTSC for Mac 2024

CWE ID-CWE-416

Use After Free

CVE-2025-48812

CVSS Score-5.5||MEDIUM

EPSS-0.05% / 15.25%

||

7 Day CHG~0.00%

Published-08 Jul, 2025 | 16:57

Updated-23 Aug, 2025 | 00:39

Microsoft Excel Information Disclosure Vulnerability

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

Product-office_long_term_servicing_channel office_online_server 365_apps office excel Microsoft Excel 2016 Office Online Server Microsoft Office LTSC 2024 Microsoft 365 Apps for Enterprise Microsoft Office LTSC for Mac 2021 Microsoft Office 2019 Microsoft Office LTSC 2021 Microsoft Office LTSC for Mac 2024

CWE ID-CWE-125

Out-of-bounds Read

CVE-2025-47994

CVSS Score-7.8||HIGH

EPSS-0.15% / 36.27%

||

7 Day CHG~0.00%

Published-08 Jul, 2025 | 16:57

Updated-23 Aug, 2025 | 00:39

Microsoft Office Elevation of Privilege Vulnerability

Deserialization of untrusted data in Microsoft Office allows an unauthorized attacker to elevate privileges locally.

Product-365_apps office sharepoint_enterprise_server office_long_term_servicing_channel Microsoft Office LTSC 2024 Microsoft 365 Apps for Enterprise Microsoft Office 2019 Microsoft Office LTSC 2021 Microsoft Office 2016

CWE ID-CWE-502

Deserialization of Untrusted Data

CVE-2025-47176

CVSS Score-7.8||HIGH

EPSS-0.10% / 28.28%

||

7 Day CHG~0.00%

Published-10 Jun, 2025 | 17:02

Updated-11 Jul, 2025 | 16:36

Microsoft Outlook Remote Code Execution Vulnerability

'.../...//' in Microsoft Office Outlook allows an authorized attacker to execute code locally.

Product-365_apps office_long_term_servicing_channel Microsoft 365 Apps for Enterprise Microsoft Office LTSC 2024

CWE ID-CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVE-2025-47175

CVSS Score-7.8||HIGH

EPSS-0.58% / 67.98%

||

7 Day CHG~0.00%

Published-10 Jun, 2025 | 17:02

Updated-11 Jul, 2025 | 16:36

Microsoft PowerPoint Remote Code Execution Vulnerability

Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.

Product-office powerpoint office_long_term_servicing_channel 365_apps Microsoft Office 2019 Microsoft Office LTSC 2024 Microsoft Office LTSC for Mac 2024 Microsoft Office LTSC 2021 Microsoft 365 Apps for Enterprise Microsoft PowerPoint 2016 Microsoft Office LTSC for Mac 2021

CWE ID-CWE-416

Use After Free

CVE-2025-47174

CVSS Score-7.8||HIGH

EPSS-0.08% / 24.05%

||

7 Day CHG~0.00%

Published-10 Jun, 2025 | 17:02

Updated-11 Jul, 2025 | 16:36

Microsoft Excel Remote Code Execution Vulnerability

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Product-office_long_term_servicing_channel 365_apps Microsoft 365 Apps for Enterprise Microsoft Office LTSC 2021 Microsoft Office LTSC 2024

CWE ID-CWE-122

Heap-based Buffer Overflow

CVE-2025-47173

CVSS Score-7.8||HIGH

EPSS-0.07% / 21.28%

||

7 Day CHG~0.00%

Published-10 Jun, 2025 | 17:02

Updated-11 Jul, 2025 | 16:36

Microsoft Office Remote Code Execution Vulnerability

Improper input validation in Microsoft Office allows an unauthorized attacker to execute code locally.

Product-office office_long_term_servicing_channel 365_apps Microsoft Office LTSC for Mac 2021 Microsoft Office 2019 Microsoft Office LTSC 2024 Microsoft Office LTSC for Mac 2024 Microsoft Office LTSC 2021 Microsoft 365 Apps for Enterprise Microsoft Office 2016

CWE ID-CWE-641

Improper Restriction of Names for Files and Other Resources

CVE-2025-47171

CVSS Score-6.7||MEDIUM

EPSS-1.91% / 82.49%

||

7 Day CHG~0.00%

Published-10 Jun, 2025 | 17:02

Updated-11 Jul, 2025 | 16:36

Microsoft Outlook Remote Code Execution Vulnerability

Improper input validation in Microsoft Office Outlook allows an authorized attacker to execute code locally.

Product-office office_long_term_servicing_channel 365_apps outlook Microsoft Office 2019 Microsoft Office LTSC 2024 Microsoft Office LTSC 2021 Microsoft 365 Apps for Enterprise Microsoft Outlook 2016

CWE ID-CWE-20

Improper Input Validation

CVE-2025-47170

CVSS Score-7.8||HIGH

EPSS-0.08% / 24.05%

||

7 Day CHG~0.00%

Published-10 Jun, 2025 | 17:02

Updated-11 Jul, 2025 | 16:36

Microsoft Word Remote Code Execution Vulnerability

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Product-office_long_term_servicing_channel 365_apps Microsoft Office LTSC for Mac 2024 Microsoft 365 Apps for Enterprise Microsoft Office LTSC 2024

CWE ID-CWE-416

Use After Free

CVE-2025-47169

CVSS Score-7.8||HIGH

EPSS-0.08% / 24.05%

||

7 Day CHG~0.00%

Published-10 Jun, 2025 | 17:02

Updated-11 Jul, 2025 | 16:36

Microsoft Word Remote Code Execution Vulnerability

Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Product-office sharepoint_enterprise_server office_long_term_servicing_channel word sharepoint_server 365_apps Microsoft Office 2019 Microsoft Office LTSC 2024 Microsoft Word 2016 Microsoft Office LTSC for Mac 2024 Microsoft Office LTSC 2021 Microsoft 365 Apps for Enterprise Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Server 2019 Microsoft Office LTSC for Mac 2021

CWE ID-CWE-122

Heap-based Buffer Overflow

CVE-2025-47168

CVSS Score-7.8||HIGH

EPSS-0.08% / 24.05%

||

7 Day CHG~0.00%

Published-10 Jun, 2025 | 17:02

Updated-11 Jul, 2025 | 16:36

Microsoft Word Remote Code Execution Vulnerability

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Product-office sharepoint_enterprise_server office_long_term_servicing_channel word sharepoint_server 365_apps Microsoft Office 2019 Microsoft Office LTSC 2024 Microsoft Word 2016 Microsoft Office LTSC for Mac 2024 Microsoft Office LTSC 2021 Microsoft 365 Apps for Enterprise Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Server 2019 Microsoft Office LTSC for Mac 2021

CWE ID-CWE-416

Use After Free

CVE-2025-47167

CVSS Score-8.4||HIGH

EPSS-0.17% / 38.67%

||

7 Day CHG~0.00%

Published-10 Jun, 2025 | 17:02

Updated-11 Jul, 2025 | 16:36

Microsoft Office Remote Code Execution Vulnerability

Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.

Product-office office_long_term_servicing_channel 365_apps Microsoft Office 2019 Microsoft Office LTSC 2024 Microsoft Office 2016 Microsoft Office LTSC for Mac 2024 Microsoft Office LTSC 2021 Microsoft 365 Apps for Enterprise Microsoft Office LTSC for Mac 2021 Microsoft Office for Android

CWE ID-CWE-843

Access of Resource Using Incompatible Type ('Type Confusion')

CVE-2025-47165

CVSS Score-7.8||HIGH

EPSS-0.41% / 60.47%

||

7 Day CHG~0.00%

Published-10 Jun, 2025 | 17:02

Updated-11 Jul, 2025 | 16:36

Microsoft Excel Remote Code Execution Vulnerability

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Product-office excel 365_apps office_online_server office_long_term_servicing_channel Microsoft Office 2019 Microsoft Office LTSC 2024 Microsoft Office LTSC for Mac 2024 Office Online Server Microsoft Office LTSC 2021 Microsoft 365 Apps for Enterprise Microsoft Excel 2016 Microsoft Office LTSC for Mac 2021

CWE ID-CWE-416

Use After Free

CVE-2025-47164

CVSS Score-8.4||HIGH

EPSS-0.07% / 20.77%

||

7 Day CHG~0.00%

Published-10 Jun, 2025 | 17:02

Updated-11 Jul, 2025 | 16:36

Microsoft Office Remote Code Execution Vulnerability

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Product-office office_long_term_servicing_channel 365_apps Microsoft Office 2019 Microsoft Office LTSC 2024 Microsoft Office 2016 Microsoft Office LTSC for Mac 2024 Microsoft Office LTSC 2021 Microsoft 365 Apps for Enterprise Microsoft Office LTSC for Mac 2021 Microsoft Office for Android

CWE ID-CWE-416

Use After Free

CVE-2025-47953

CVSS Score-8.4||HIGH

EPSS-0.07% / 21.79%

||

7 Day CHG~0.00%

Published-10 Jun, 2025 | 17:02

Updated-11 Jul, 2025 | 16:36

Microsoft Office Remote Code Execution Vulnerability

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Product-office office_long_term_servicing_channel 365_apps Microsoft Office 2019 Microsoft Office LTSC 2024 Microsoft Office 2016 Microsoft Office LTSC for Mac 2024 Microsoft Office LTSC 2021 Microsoft 365 Apps for Enterprise Microsoft Office LTSC for Mac 2021 Microsoft Office for Android

CWE ID-CWE-641

Improper Restriction of Names for Files and Other Resources

CVE-2025-47162

CVSS Score-8.4||HIGH

EPSS-0.07% / 20.77%

||

7 Day CHG~0.00%

Published-10 Jun, 2025 | 17:02

Updated-11 Jul, 2025 | 16:36

Microsoft Office Remote Code Execution Vulnerability

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

Product-office office_long_term_servicing_channel 365_apps Microsoft Office 2019 Microsoft Office LTSC 2024 Microsoft Office 2016 Microsoft Office LTSC for Mac 2024 Microsoft Office LTSC 2021 Microsoft 365 Apps for Enterprise Microsoft Office LTSC for Mac 2021 Microsoft Office for Android

CWE ID-CWE-122

Heap-based Buffer Overflow

CVE-2025-47957

CVSS Score-8.4||HIGH

EPSS-0.45% / 62.68%

||

7 Day CHG~0.00%

Published-10 Jun, 2025 | 17:02

Updated-11 Jul, 2025 | 16:36

Microsoft Word Remote Code Execution Vulnerability

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Product-office_long_term_servicing_channel 365_apps Microsoft 365 Apps for Enterprise Microsoft Office LTSC 2021 Microsoft Office LTSC 2024

CWE ID-CWE-416

Use After Free

CVE-2025-32705

CVSS Score-7.8||HIGH

EPSS-0.08% / 24.05%

||

7 Day CHG~0.00%

Published-13 May, 2025 | 16:59

Updated-15 Jul, 2025 | 01:11

Microsoft Outlook Remote Code Execution Vulnerability

Out-of-bounds read in Microsoft Office Outlook allows an unauthorized attacker to execute code locally.

Product-office_long_term_servicing_channel 365_apps Microsoft 365 Apps for Enterprise Microsoft Office LTSC 2021 Microsoft Office LTSC 2024

CWE ID-CWE-125

Out-of-bounds Read

CVE-2025-32704

CVSS Score-8.4||HIGH

EPSS-0.07% / 20.57%

||

7 Day CHG~0.00%

Published-13 May, 2025 | 16:59

Updated-15 Jul, 2025 | 01:11

Microsoft Excel Remote Code Execution Vulnerability

Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Product-excel office office_long_term_servicing_channel 365_apps Microsoft Office 2019 Microsoft Office LTSC 2021 Microsoft Office LTSC 2024 Microsoft Excel 2016 Microsoft 365 Apps for Enterprise

CWE ID-CWE-126

Buffer Over-read

CWE ID-CWE-125

Out-of-bounds Read

CVE-2025-30388

CVSS Score-7.8||HIGH

EPSS-0.08% / 23.87%

||

7 Day CHG~0.00%

Published-13 May, 2025 | 16:59

Updated-15 Jul, 2025 | 01:11

Windows Graphics Component Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.

CWE ID-CWE-122

Heap-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2025-30393

CVSS Score-7.8||HIGH

EPSS-0.08% / 24.05%

||

7 Day CHG~0.00%

Published-13 May, 2025 | 16:58

Updated-15 Jul, 2025 | 01:11

Microsoft Excel Remote Code Execution Vulnerability

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Product-office_long_term_servicing_channel 365_apps Microsoft Office LTSC for Mac 2021 Microsoft Office LTSC 2021 Microsoft Office LTSC 2024 Microsoft Office LTSC for Mac 2024 Microsoft 365 Apps for Enterprise

CWE ID-CWE-416

Use After Free

CVE-2025-30386

CVSS Score-8.4||HIGH

EPSS-0.06% / 19.68%

||

7 Day CHG~0.00%

Published-13 May, 2025 | 16:58

Updated-15 Jul, 2025 | 01:11

Microsoft Office Remote Code Execution Vulnerability

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Product-office office_long_term_servicing_channel 365_apps Microsoft Office 2019 Microsoft Office LTSC for Mac 2021 Microsoft Office LTSC 2021 Microsoft Office 2016 Microsoft Office LTSC 2024 Microsoft Office for Android Microsoft Office LTSC for Mac 2024 Microsoft 365 Apps for Enterprise

CWE ID-CWE-416

Use After Free

CVE-2025-30383

CVSS Score-7.8||HIGH

EPSS-0.15% / 36.62%

||

7 Day CHG~0.00%

Published-13 May, 2025 | 16:58

Updated-15 Jul, 2025 | 01:11

Microsoft Excel Remote Code Execution Vulnerability

Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Product-excel office_online_server office_long_term_servicing_channel 365_apps office Microsoft Office 2019 Microsoft Office LTSC for Mac 2021 Microsoft Office LTSC 2021 Office Online Server Microsoft Office LTSC 2024 Microsoft Excel 2016 Microsoft Office LTSC for Mac 2024 Microsoft 365 Apps for Enterprise

CWE ID-CWE-843

Access of Resource Using Incompatible Type ('Type Confusion')

CVE-2025-30381

CVSS Score-7.8||HIGH

EPSS-0.08% / 24.05%

||

7 Day CHG~0.00%

Published-13 May, 2025 | 16:58

Updated-15 Jul, 2025 | 01:11

Microsoft Excel Remote Code Execution Vulnerability

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Product-excel office_online_server office_long_term_servicing_channel 365_apps office Microsoft Office 2019 Microsoft Office LTSC for Mac 2021 Microsoft Office LTSC 2021 Office Online Server Microsoft Office LTSC 2024 Microsoft Excel 2016 Microsoft Office LTSC for Mac 2024 Microsoft 365 Apps for Enterprise

CWE ID-CWE-125

Out-of-bounds Read

CWE ID-CWE-822

Untrusted Pointer Dereference

CVE-2025-30379

CVSS Score-7.8||HIGH

EPSS-0.08% / 24.05%

||

7 Day CHG~0.00%

Published-13 May, 2025 | 16:58

Updated-15 Jul, 2025 | 01:11

Microsoft Excel Remote Code Execution Vulnerability

Release of invalid pointer or reference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Product-excel office_online_server office_long_term_servicing_channel 365_apps office Microsoft Office 2019 Microsoft Office LTSC for Mac 2021 Microsoft Office LTSC 2021 Office Online Server Microsoft Office LTSC 2024 Microsoft Excel 2016 Microsoft Office LTSC for Mac 2024 Microsoft 365 Apps for Enterprise

CWE ID-CWE-763

Release of Invalid Pointer or Reference

CVE-2025-30377

CVSS Score-8.4||HIGH

EPSS-0.07% / 20.57%

||

7 Day CHG~0.00%

Published-13 May, 2025 | 16:58

Updated-15 Jul, 2025 | 01:11

Microsoft Office Remote Code Execution Vulnerability

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Product-excel office_online_server office_long_term_servicing_channel 365_apps office Microsoft Office 2019 Microsoft Office LTSC for Mac 2021 Microsoft Office LTSC 2021 Microsoft Office 2016 Microsoft Office LTSC 2024 Microsoft Office for Android Microsoft Office LTSC for Mac 2024 Microsoft 365 Apps for Enterprise

CWE ID-CWE-416

Use After Free

CVE-2025-30376

CVSS Score-7.8||HIGH

EPSS-0.08% / 24.05%

||

7 Day CHG~0.00%

Published-13 May, 2025 | 16:58

Updated-15 Jul, 2025 | 01:11

Microsoft Excel Remote Code Execution Vulnerability

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.