ByteOS

CVSS Score-7.8||HIGH

EPSS-0.15% / 36.63%

||

7 Day CHG~0.00%

Published-13 May, 2025 | 16:58

Updated-15 Jul, 2025 | 01:11

Microsoft Excel Remote Code Execution Vulnerability

Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Product-excel office_online_server office_long_term_servicing_channel 365_apps office Microsoft Office 2019 Microsoft Office LTSC for Mac 2021 Microsoft Office LTSC 2021 Office Online Server Microsoft Office LTSC 2024 Microsoft Excel 2016 Microsoft Office LTSC for Mac 2024 Microsoft 365 Apps for Enterprise

CWE ID-CWE-843

Access of Resource Using Incompatible Type ('Type Confusion')

CVE-2025-29979

CVSS Score-7.8||HIGH

EPSS-0.08% / 24.11%

||

7 Day CHG~0.00%

Published-13 May, 2025 | 16:58

Updated-15 Jul, 2025 | 01:11

Microsoft Excel Remote Code Execution Vulnerability

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Product-excel office_online_server office_long_term_servicing_channel 365_apps office Microsoft Office 2019 Microsoft Office LTSC for Mac 2021 Microsoft Office LTSC 2021 Office Online Server Microsoft Office 2016 Microsoft Office LTSC 2024 Microsoft Office LTSC for Mac 2024 Microsoft 365 Apps for Enterprise

CWE ID-CWE-122

Heap-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2025-29978

CVSS Score-7.8||HIGH

EPSS-0.08% / 24.11%

||

7 Day CHG~0.00%

Published-13 May, 2025 | 16:58

Updated-15 Jul, 2025 | 01:11

Microsoft PowerPoint Remote Code Execution Vulnerability

Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.

Product-office_long_term_servicing_channel 365_apps Microsoft 365 Apps for Enterprise Microsoft Office LTSC 2024

CWE ID-CWE-416

Use After Free

CVE-2025-29977

CVSS Score-7.8||HIGH

EPSS-0.08% / 24.11%

||

7 Day CHG~0.00%

Published-13 May, 2025 | 16:58

Updated-15 Jul, 2025 | 01:11

Microsoft Excel Remote Code Execution Vulnerability

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Product-excel office_online_server office_long_term_servicing_channel 365_apps office Microsoft Office 2019 Microsoft Office LTSC for Mac 2021 Microsoft Office LTSC 2021 Office Online Server Microsoft Office LTSC 2024 Microsoft Excel 2016 Microsoft Office LTSC for Mac 2024 Microsoft 365 Apps for Enterprise

CWE ID-CWE-416

Use After Free

CVE-2025-29816

CVSS Score-7.5||HIGH

EPSS-0.05% / 13.89%

||

7 Day CHG~0.00%

Published-08 Apr, 2025 | 17:24

Updated-09 Jul, 2025 | 16:58

Microsoft Word Security Feature Bypass Vulnerability

Improper input validation in Microsoft Office Word allows an unauthorized attacker to bypass a security feature over a network.

Product-office word office_long_term_servicing_channel 365_apps Microsoft Office LTSC for Mac 2021 Microsoft Office LTSC for Mac 2024 Microsoft 365 Apps for Enterprise Microsoft Office LTSC 2024 Microsoft Office LTSC 2021 Microsoft Office 2016 Microsoft Office 2019 Microsoft Word 2016

CWE ID-CWE-349

Acceptance of Extraneous Untrusted Data With Trusted Data

CVE-2025-26642

CVSS Score-7.8||HIGH

EPSS-0.18% / 39.48%

||

7 Day CHG~0.00%

Published-08 Apr, 2025 | 17:23

Updated-09 Jul, 2025 | 16:56

Microsoft Office Remote Code Execution Vulnerability

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.

CWE ID-CWE-125

Out-of-bounds Read

CWE ID-CWE-190

Integer Overflow or Wraparound

CVE-2025-29822

CVSS Score-7.8||HIGH

EPSS-0.77% / 72.65%

||

7 Day CHG~0.00%

Published-08 Apr, 2025 | 17:23

Updated-08 Jul, 2025 | 17:12

Microsoft OneNote Security Feature Bypass Vulnerability

Incomplete list of disallowed inputs in Microsoft Office OneNote allows an unauthorized attacker to bypass a security feature locally.

Product-office onenote office_long_term_servicing_channel Microsoft Office LTSC for Mac 2021 Microsoft Office LTSC for Mac 2024 Microsoft 365 Apps for Enterprise Microsoft Office LTSC 2024 Microsoft Office LTSC 2021 Microsoft OneNote Microsoft OneNote 2016 Microsoft Office 2019

CWE ID-CWE-184

Incomplete List of Disallowed Inputs

CVE-2025-29820

CVSS Score-7.8||HIGH

EPSS-0.14% / 34.64%

||

7 Day CHG~0.00%

Published-08 Apr, 2025 | 17:23

Updated-08 Jul, 2025 | 17:11

Microsoft Word Remote Code Execution Vulnerability

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Product-office sharepoint_enterprise_server 365_apps office_long_term_servicing_channel Microsoft Office LTSC for Mac 2021 Microsoft Office LTSC for Mac 2024 Microsoft 365 Apps for Enterprise Microsoft Office LTSC 2024 Microsoft Office LTSC 2021 Microsoft Office 2016 Microsoft Office 2019 Microsoft SharePoint Enterprise Server 2016

CWE ID-CWE-416

Use After Free

CVE-2025-29792

CVSS Score-7.3||HIGH

EPSS-0.29% / 52.12%

||

7 Day CHG~0.00%

Published-08 Apr, 2025 | 17:23

Updated-09 Jul, 2025 | 16:58

Microsoft Office Elevation of Privilege Vulnerability

Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.

Product-office office_long_term_servicing_channel 365_apps Microsoft 365 Apps for Enterprise Microsoft Office LTSC 2024 Microsoft Office LTSC 2021 Microsoft Office 2016 Microsoft Office 2019

CWE ID-CWE-416

Use After Free

CVE-2025-29791

CVSS Score-7.8||HIGH

EPSS-1.81% / 82.09%

||

7 Day CHG~0.00%

Published-08 Apr, 2025 | 17:23

Updated-09 Jul, 2025 | 16:58

Microsoft Excel Remote Code Execution Vulnerability

Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.

Product-office office_long_term_servicing_channel 365_apps Microsoft Office LTSC for Mac 2021 Microsoft Office LTSC for Mac 2024 Microsoft 365 Apps for Enterprise Microsoft Office LTSC 2024 Microsoft Office LTSC 2021 Microsoft Office 2016 Microsoft Office 2019

CWE ID-CWE-843

Access of Resource Using Incompatible Type ('Type Confusion')

CVE-2025-27750

CVSS Score-7.8||HIGH

EPSS-0.14% / 34.64%

||

7 Day CHG~0.00%

Published-08 Apr, 2025 | 17:23

Updated-09 Jul, 2025 | 16:57

Microsoft Excel Remote Code Execution Vulnerability

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Product-office office_long_term_servicing_channel excel 365_apps Microsoft Office LTSC for Mac 2021 Microsoft Office LTSC for Mac 2024 Microsoft Excel 2016 Microsoft 365 Apps for Enterprise Microsoft Office LTSC 2024 Microsoft Office LTSC 2021 Microsoft Office 2019

CWE ID-CWE-416

Use After Free

CVE-2025-27752

CVSS Score-7.8||HIGH

EPSS-0.94% / 75.35%

||

7 Day CHG~0.00%

Published-08 Apr, 2025 | 17:23

Updated-09 Jul, 2025 | 16:57

Microsoft Excel Remote Code Execution Vulnerability

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Product-office office_long_term_servicing_channel 365_apps Microsoft Office LTSC for Mac 2021 Microsoft Office LTSC for Mac 2024 Microsoft 365 Apps for Enterprise Microsoft Office LTSC 2024 Microsoft Office LTSC 2021 Microsoft Office 2016 Microsoft Office 2019

CWE ID-CWE-122

Heap-based Buffer Overflow

CVE-2025-27751

CVSS Score-7.8||HIGH

EPSS-0.51% / 65.31%

||

7 Day CHG~0.00%

Published-08 Apr, 2025 | 17:23

Updated-09 Jul, 2025 | 16:57

Microsoft Excel Remote Code Execution Vulnerability

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Product-office excel 365_apps office_online_server office_long_term_servicing_channel Microsoft Office LTSC for Mac 2021 Microsoft Office LTSC for Mac 2024 Microsoft Excel 2016 Microsoft 365 Apps for Enterprise Office Online Server Microsoft Office LTSC 2024 Microsoft Office LTSC 2021 Microsoft Office 2019

CWE ID-CWE-416

Use After Free

CVE-2025-27749

CVSS Score-7.8||HIGH

EPSS-0.94% / 75.35%

||

7 Day CHG~0.00%

Published-08 Apr, 2025 | 17:23

Updated-09 Jul, 2025 | 16:57

Microsoft Office Remote Code Execution Vulnerability

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Product-office office_long_term_servicing_channel 365_apps Microsoft Office LTSC for Mac 2021 Microsoft Office LTSC for Mac 2024 Microsoft 365 Apps for Enterprise Microsoft Office LTSC 2024 Microsoft Office LTSC 2021 Microsoft Office 2016 Microsoft Office 2019

CWE ID-CWE-416

Use After Free

CVE-2025-27747

CVSS Score-7.8||HIGH

EPSS-0.14% / 34.64%

||

7 Day CHG~0.00%

Published-08 Apr, 2025 | 17:23

Updated-09 Jul, 2025 | 13:59

Microsoft Word Remote Code Execution Vulnerability

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Product-office sharepoint_enterprise_server office_long_term_servicing_channel word sharepoint_server 365_apps Microsoft Office LTSC for Mac 2021 Microsoft Office LTSC for Mac 2024 Microsoft 365 Apps for Enterprise Microsoft Office LTSC 2024 Microsoft Office LTSC 2021 Microsoft Office 2019 Microsoft Word 2016 Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Server 2019

CWE ID-CWE-822

Untrusted Pointer Dereference

CVE-2025-27748

CVSS Score-7.8||HIGH

EPSS-0.94% / 75.35%

||

7 Day CHG~0.00%

Published-08 Apr, 2025 | 17:23

Updated-09 Jul, 2025 | 16:56

Microsoft Office Remote Code Execution Vulnerability

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Product-office office_long_term_servicing_channel 365_apps Microsoft Office LTSC for Mac 2021 Microsoft Office LTSC for Mac 2024 Microsoft 365 Apps for Enterprise Microsoft Office LTSC 2024 Microsoft Office LTSC 2021 Microsoft Office 2016 Microsoft Office 2019

CWE ID-CWE-416

Use After Free

CVE-2025-27746

CVSS Score-7.8||HIGH

EPSS-0.14% / 34.64%

||

7 Day CHG~0.00%

Published-08 Apr, 2025 | 17:23

Updated-09 Jul, 2025 | 13:57

Microsoft Office Remote Code Execution Vulnerability

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Product-office office_online_server 365_apps sharepoint_server office_long_term_servicing_channel Microsoft Office LTSC for Mac 2021 Microsoft Office LTSC for Mac 2024 Microsoft 365 Apps for Enterprise SharePoint Server Subscription Edition Language Pack Office Online Server Microsoft Office LTSC 2024 Microsoft Office LTSC 2021 Microsoft Office 2016 Microsoft Office 2019

CWE ID-CWE-416

Use After Free

CVE-2025-27745

CVSS Score-7.8||HIGH

EPSS-0.94% / 75.35%

||

7 Day CHG~0.00%

Published-08 Apr, 2025 | 17:23

Updated-09 Jul, 2025 | 13:55

Microsoft Office Remote Code Execution Vulnerability

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Product-office office_long_term_servicing_channel 365_apps Microsoft Office LTSC for Mac 2021 Microsoft Office LTSC for Mac 2024 Microsoft 365 Apps for Enterprise Microsoft Office LTSC 2024 Microsoft Office LTSC 2021 Microsoft Office 2016 Microsoft Office 2019

CWE ID-CWE-416

Use After Free

CVE-2025-26630

CVSS Score-7.8||HIGH

EPSS-0.13% / 33.35%

||

7 Day CHG~0.00%

Published-11 Mar, 2025 | 16:59

Updated-03 Jul, 2025 | 15:12

Microsoft Access Remote Code Execution Vulnerability

Use after free in Microsoft Office Access allows an unauthorized attacker to execute code locally.

Product-office office_long_term_servicing_channel access 365_apps Microsoft Access 2016 Microsoft Office 2019 Microsoft Office LTSC 2021 Microsoft Office LTSC 2024 Microsoft Access 2016 (32-bit edition)Microsoft 365 Apps for Enterprise

CWE ID-CWE-416

Use After Free

CVE-2025-26629

CVSS Score-7.8||HIGH

EPSS-0.13% / 33.35%

||

7 Day CHG~0.00%

Published-11 Mar, 2025 | 16:59

Updated-01 Jul, 2025 | 19:47

Microsoft Office Remote Code Execution Vulnerability

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Product-365_apps office_long_term_servicing_channel Microsoft Office LTSC 2024 Microsoft 365 Apps for Enterprise

CWE ID-CWE-416

Use After Free

CVE-2025-24075

CVSS Score-7.8||HIGH

EPSS-0.13% / 33.35%

||

7 Day CHG~0.00%

Published-11 Mar, 2025 | 16:59

Updated-02 Jul, 2025 | 14:56

Microsoft Excel Remote Code Execution Vulnerability

Stack-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Product-office_online_server 365_apps office office_long_term_servicing_channel excel Microsoft Office 2019 Microsoft Office LTSC 2021 Office Online Server Microsoft Office LTSC for Mac 2024 Microsoft Excel 2016 Microsoft Office LTSC 2024 Microsoft 365 Apps for Enterprise Microsoft Office LTSC for Mac 2021

CWE ID-CWE-121

Stack-based Buffer Overflow

CVE-2025-24083

CVSS Score-7.8||HIGH

EPSS-0.14% / 34.59%

||

7 Day CHG~0.00%

Published-11 Mar, 2025 | 16:58

Updated-02 Jul, 2025 | 14:56

Microsoft Office Remote Code Execution Vulnerability

Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally.

Product-office office_long_term_servicing_channel 365_apps Microsoft Office 2019 Microsoft Office 2016 Microsoft Office LTSC 2021 Microsoft Office LTSC for Mac 2024 Microsoft Office LTSC 2024 Microsoft 365 Apps for Enterprise Microsoft Office LTSC for Mac 2021

CWE ID-CWE-822

Untrusted Pointer Dereference

CVE-2025-24082

CVSS Score-7.8||HIGH

EPSS-0.14% / 34.59%

||

7 Day CHG~0.00%

Published-11 Mar, 2025 | 16:58

Updated-02 Jul, 2025 | 14:55

Microsoft Excel Remote Code Execution Vulnerability

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Product-office_online_server 365_apps office office_long_term_servicing_channel excel Microsoft Office 2019 Microsoft Office LTSC 2021 Office Online Server Microsoft Office LTSC for Mac 2024 Microsoft Excel 2016 Microsoft Office LTSC 2024 Microsoft 365 Apps for Enterprise Microsoft Office LTSC for Mac 2021

CWE ID-CWE-416

Use After Free

CVE-2025-24081

CVSS Score-7.8||HIGH

EPSS-0.14% / 34.59%

||

7 Day CHG~0.00%

Published-11 Mar, 2025 | 16:58

Updated-02 Jul, 2025 | 14:56

Microsoft Excel Remote Code Execution Vulnerability

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Product-office_online_server 365_apps office office_long_term_servicing_channel excel Microsoft Office 2019 Microsoft Office LTSC 2021 Office Online Server Microsoft Office LTSC for Mac 2024 Microsoft Excel 2016 Microsoft Office LTSC 2024 Microsoft 365 Apps for Enterprise Microsoft Office LTSC for Mac 2021

CWE ID-CWE-416

Use After Free

CVE-2025-24080

CVSS Score-7.8||HIGH

EPSS-0.14% / 34.59%

||

7 Day CHG~0.00%

Published-11 Mar, 2025 | 16:58

Updated-02 Jul, 2025 | 14:56

Microsoft Office Remote Code Execution Vulnerability

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Product-office office_long_term_servicing_channel 365_apps Microsoft Office 2019 Microsoft Office 2016 Microsoft Office LTSC 2021 Microsoft Office LTSC 2024 Microsoft 365 Apps for Enterprise

CWE ID-CWE-416

Use After Free

CVE-2025-24079

CVSS Score-7.8||HIGH

EPSS-0.14% / 34.59%

||

7 Day CHG~0.00%

Published-11 Mar, 2025 | 16:58

Updated-02 Jul, 2025 | 14:29

Microsoft Word Remote Code Execution Vulnerability

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Product-office office_long_term_servicing_channel 365_apps word Microsoft 365 Apps for Enterprise Microsoft Office 2019 Microsoft Office LTSC 2021 Microsoft Office LTSC for Mac 2024 Microsoft Office LTSC 2024 Microsoft Word 2016 Microsoft Office LTSC for Mac 2021

CWE ID-CWE-416

Use After Free

CVE-2025-24078

CVSS Score-7||HIGH

EPSS-0.13% / 33.67%

||

7 Day CHG~0.00%

Published-11 Mar, 2025 | 16:58

Updated-02 Jul, 2025 | 14:31

Microsoft Word Remote Code Execution Vulnerability

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Product-office office_long_term_servicing_channel 365_apps word Microsoft 365 Apps for Enterprise Microsoft Office 2019 Microsoft Office LTSC 2021 Microsoft Office LTSC for Mac 2024 Microsoft Office LTSC 2024 Microsoft Word 2016 Microsoft Office LTSC for Mac 2021

CWE ID-CWE-416

Use After Free

CVE-2025-24077

CVSS Score-7.8||HIGH

EPSS-0.13% / 33.35%

||

7 Day CHG~0.00%

Published-11 Mar, 2025 | 16:58

Updated-02 Jul, 2025 | 14:31

Microsoft Word Remote Code Execution Vulnerability

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Product-office_long_term_servicing_channel 365_apps Microsoft Office LTSC 2024 Microsoft 365 Apps for Enterprise Microsoft Office LTSC for Mac 2024 Microsoft Office LTSC for Mac 2021

CWE ID-CWE-416

Use After Free

CVE-2025-24057

CVSS Score-7.8||HIGH

EPSS-0.32% / 54.04%

||

7 Day CHG~0.00%

Published-11 Mar, 2025 | 16:58

Updated-02 Jul, 2025 | 15:53

Microsoft Office Remote Code Execution Vulnerability

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

Product-office office_long_term_servicing_channel 365_apps Microsoft Office 2019 Microsoft Office 2016 Microsoft Office LTSC 2021 Microsoft Office LTSC for Mac 2024 Microsoft Office LTSC 2024 Microsoft 365 Apps for Enterprise Microsoft Office LTSC for Mac 2021

CWE ID-CWE-122

Heap-based Buffer Overflow

CVE-2025-21397

CVSS Score-7.8||HIGH

EPSS-0.13% / 33.41%

||

7 Day CHG~0.00%

Published-11 Feb, 2025 | 17:58

Updated-01 Jul, 2025 | 16:49

Microsoft Office Remote Code Execution Vulnerability

Product-365_apps office_long_term_servicing_channel Microsoft 365 Apps for Enterprise Microsoft Office LTSC 2024 Microsoft Office LTSC 2021

CWE ID-CWE-416

Use After Free

CVE-2025-21394

CVSS Score-7.8||HIGH

EPSS-0.13% / 33.41%

||

7 Day CHG~0.00%

Published-11 Feb, 2025 | 17:58

Updated-01 Jul, 2025 | 16:51

Microsoft Excel Remote Code Execution Vulnerability

Product-365_apps office office_long_term_servicing_channel excel office_online_server Microsoft Office LTSC for Mac 2024 Microsoft Office 2019 Microsoft 365 Apps for Enterprise Microsoft Office LTSC 2024 Office Online Server Microsoft Office LTSC 2021 Microsoft Office LTSC for Mac 2021 Microsoft Excel 2016

CWE ID-CWE-416

Use After Free

CVE-2025-21392

CVSS Score-7.8||HIGH

EPSS-0.15% / 36.19%

||

7 Day CHG~0.00%

Published-11 Feb, 2025 | 17:58

Updated-01 Jul, 2025 | 16:50

Microsoft Office Remote Code Execution Vulnerability

Product-365_apps office office_long_term_servicing_channel Microsoft Office LTSC for Mac 2024 Microsoft 365 Apps for Enterprise Microsoft Office 2016 Microsoft Office LTSC 2024 Microsoft Office LTSC for Mac 2021 Microsoft Office LTSC 2021 Microsoft Office 2019

CWE ID-CWE-416

Use After Free

CVE-2025-21390

CVSS Score-7.8||HIGH

EPSS-0.13% / 33.41%

||

7 Day CHG~0.00%

Published-11 Feb, 2025 | 17:58

Updated-01 Jul, 2025 | 16:56

Microsoft Excel Remote Code Execution Vulnerability

Product-365_apps office office_long_term_servicing_channel excel office_online_server Microsoft Office LTSC for Mac 2024 Microsoft Office 2019 Microsoft 365 Apps for Enterprise Microsoft Office LTSC 2024 Office Online Server Microsoft Office LTSC 2021 Microsoft Office LTSC for Mac 2021 Microsoft Excel 2016

CWE ID-CWE-122

Heap-based Buffer Overflow

CVE-2025-21387

CVSS Score-7.8||HIGH

EPSS-0.17% / 38.35%

||

7 Day CHG~0.00%

Published-11 Feb, 2025 | 17:58

Updated-01 Jul, 2025 | 16:57

Microsoft Excel Remote Code Execution Vulnerability

Product-365_apps office office_long_term_servicing_channel excel office_online_server Microsoft Office LTSC for Mac 2024 Microsoft Office 2019 Microsoft 365 Apps for Enterprise Microsoft Office LTSC 2024 Office Online Server Microsoft Office LTSC 2021 Microsoft Office LTSC for Mac 2021 Microsoft Excel 2016

CWE ID-CWE-416

Use After Free

CVE-2025-21386

CVSS Score-7.8||HIGH

EPSS-0.13% / 33.41%

||

7 Day CHG~0.00%

Published-11 Feb, 2025 | 17:58

Updated-01 Jul, 2025 | 16:58

Microsoft Excel Remote Code Execution Vulnerability

Product-365_apps office office_long_term_servicing_channel excel office_online_server Microsoft Office LTSC for Mac 2024 Microsoft Office 2019 Microsoft 365 Apps for Enterprise Microsoft Office LTSC 2024 Office Online Server Microsoft Office LTSC 2021 Microsoft Office LTSC for Mac 2021 Microsoft Excel 2016

CWE ID-CWE-416

Use After Free

CVE-2025-21381

CVSS Score-7.8||HIGH

EPSS-0.32% / 54.12%

||

7 Day CHG~0.00%

Published-11 Feb, 2025 | 17:58

Updated-01 Jul, 2025 | 16:59

Microsoft Excel Remote Code Execution Vulnerability

Product-365_apps office office_long_term_servicing_channel excel office_online_server Microsoft Office LTSC for Mac 2024 Microsoft Office 2019 Microsoft 365 Apps for Enterprise Microsoft Office LTSC 2024 Office Online Server Microsoft Office LTSC 2021 Microsoft Office LTSC for Mac 2021 Microsoft Excel 2016

CWE ID-CWE-822

Untrusted Pointer Dereference

CVE-2025-21383

CVSS Score-7.8||HIGH

EPSS-0.10% / 28.90%

||

7 Day CHG~0.00%

Published-11 Feb, 2025 | 17:58

Updated-01 Jul, 2025 | 16:59

Microsoft Excel Information Disclosure Vulnerability

Product-365_apps office office_long_term_servicing_channel excel Microsoft Office LTSC for Mac 2024 Microsoft 365 Apps for Enterprise Microsoft Office LTSC 2024 Microsoft Office LTSC for Mac 2021 Microsoft Office LTSC 2021 Microsoft Office 2019 Microsoft Excel 2016

CWE ID-CWE-125

Out-of-bounds Read

CVE-2025-21186

CVSS Score-7.8||HIGH

EPSS-0.30% / 52.45%

||

7 Day CHG~0.00%

Published-14 Jan, 2025 | 18:04

Updated-01 Jul, 2025 | 16:51

Microsoft Access Remote Code Execution Vulnerability

Product-office 365_apps access office_long_term_servicing_channel Microsoft Office LTSC 2021 Microsoft Access 2016 (32-bit edition)Microsoft Office LTSC 2024 Microsoft Access 2016 Microsoft 365 Apps for Enterprise Microsoft Office 2019

CWE ID-CWE-122

Heap-based Buffer Overflow

CVE-2025-21395

CVSS Score-7.8||HIGH

EPSS-0.39% / 59.45%

||

7 Day CHG~0.00%

Published-14 Jan, 2025 | 18:04

Updated-01 Jul, 2025 | 17:01

Microsoft Access Remote Code Execution Vulnerability

Product-office 365_apps access office_long_term_servicing_channel Microsoft Office LTSC 2021 Microsoft Access 2016 (32-bit edition)Microsoft Office LTSC 2024 Microsoft Access 2016 Microsoft 365 Apps for Enterprise Microsoft Office 2019

CWE ID-CWE-122

Heap-based Buffer Overflow

CVE-2025-21366

CVSS Score-7.8||HIGH

EPSS-0.39% / 59.45%

||

7 Day CHG~0.00%

Published-14 Jan, 2025 | 18:04

Updated-01 Jul, 2025 | 17:16

Microsoft Access Remote Code Execution Vulnerability

Product-office 365_apps access office_long_term_servicing_channel Microsoft Office LTSC 2021 Microsoft Access 2016 (32-bit edition)Microsoft Office LTSC 2024 Microsoft Access 2016 Microsoft 365 Apps for Enterprise Microsoft Office 2019

CWE ID-CWE-416

Use After Free

CVE-2025-21365

CVSS Score-7.8||HIGH

EPSS-0.34% / 56.26%

||

7 Day CHG~0.00%

Published-14 Jan, 2025 | 18:04

Updated-01 Jul, 2025 | 17:17

Microsoft Office Remote Code Execution Vulnerability

Product-365_apps office_long_term_servicing_channel Microsoft 365 Apps for Enterprise Microsoft Office LTSC 2024

CWE ID-CWE-426

Untrusted Search Path

CVE-2025-21364

CVSS Score-7.8||HIGH

EPSS-0.55% / 66.79%

||

7 Day CHG~0.00%

Published-14 Jan, 2025 | 18:04

Updated-01 Jul, 2025 | 17:18

Microsoft Excel Security Feature Bypass Vulnerability

Product-365_apps office_long_term_servicing_channel Microsoft 365 Apps for Enterprise Microsoft Office LTSC 2024

CWE ID-CWE-502

Deserialization of Untrusted Data

CVE-2025-21363

CVSS Score-7.8||HIGH

EPSS-0.30% / 52.90%

||

7 Day CHG~0.00%

Published-14 Jan, 2025 | 18:04

Updated-01 Jul, 2025 | 16:53

Microsoft Word Remote Code Execution Vulnerability

Product-365_apps office_long_term_servicing_channel Microsoft Office LTSC 2024 Microsoft 365 Apps for Enterprise Microsoft Office LTSC for Mac 2021 Microsoft Office LTSC for Mac 2024

CWE ID-CWE-822

Untrusted Pointer Dereference

CVE-2025-21362

CVSS Score-8.4||HIGH

EPSS-0.41% / 60.80%

||

7 Day CHG~0.00%

Published-14 Jan, 2025 | 18:04

Updated-01 Jul, 2025 | 16:53

Microsoft Excel Remote Code Execution Vulnerability

Product-365_apps office office_long_term_servicing_channel excel office_online_server Microsoft Office LTSC 2021 Microsoft Office LTSC for Mac 2024 Microsoft Excel 2016 Office Online Server Microsoft Office LTSC 2024 Microsoft Office LTSC for Mac 2021 Microsoft 365 Apps for Enterprise Microsoft Office 2019

CWE ID-CWE-416

Use After Free

CVE-2025-21357

CVSS Score-6.7||MEDIUM

EPSS-0.12% / 31.55%

||

7 Day CHG~0.00%

Published-14 Jan, 2025 | 18:04

Updated-01 Jul, 2025 | 16:52

Microsoft Outlook Remote Code Execution Vulnerability

Product-365_apps office outlook office_long_term_servicing_channel Microsoft Office LTSC 2021 Microsoft Outlook 2016 Microsoft Office LTSC 2024 Microsoft 365 Apps for Enterprise Microsoft Office 2019

CWE ID-CWE-908

Use of Uninitialized Resource

CVE-2025-21356

CVSS Score-7.8||HIGH

EPSS-0.26% / 48.63%

||

7 Day CHG~0.00%

Published-14 Jan, 2025 | 18:04

Updated-01 Jul, 2025 | 16:52

Microsoft Office Visio Remote Code Execution Vulnerability

Product-365_apps office office_long_term_servicing_channel Microsoft Office LTSC 2021 Microsoft 365 Apps for Enterprise Microsoft Office 2019 Microsoft Office LTSC 2024

CWE ID-CWE-122

Heap-based Buffer Overflow

CWE ID-CWE-843

Access of Resource Using Incompatible Type ('Type Confusion')

CVE-2025-21354

CVSS Score-8.4||HIGH

EPSS-0.32% / 54.01%

||

7 Day CHG~0.00%

Published-14 Jan, 2025 | 18:04

Updated-25 Aug, 2025 | 02:11

Microsoft Excel Remote Code Execution Vulnerability

Product-office office_long_term_servicing_channel office_online_server 365_apps Microsoft Office LTSC 2021 Microsoft Office LTSC for Mac 2024 Office Online Server Microsoft Office LTSC 2024 Microsoft Office LTSC for Mac 2021 Microsoft 365 Apps for Enterprise Microsoft Office 2019

CWE ID-CWE-822

Untrusted Pointer Dereference

CVE-2025-21346

CVSS Score-7.1||HIGH

EPSS-0.24% / 46.21%

||

7 Day CHG~0.00%

Published-14 Jan, 2025 | 18:04

Updated-01 Jul, 2025 | 16:52

Microsoft Office Security Feature Bypass Vulnerability

Product-365_apps office office_long_term_servicing_channel Microsoft Office LTSC 2021 Microsoft Office 2016 Microsoft Office LTSC 2024 Microsoft 365 Apps for Enterprise Microsoft Office 2019

CWE ID-CWE-693

Protection Mechanism Failure

CVE-2025-21345

CVSS Score-7.8||HIGH

EPSS-0.30% / 52.97%

||

7 Day CHG~0.00%

Published-14 Jan, 2025 | 18:04

Updated-01 Jul, 2025 | 16:51

Microsoft Office Visio Remote Code Execution Vulnerability

Product-365_apps office office_long_term_servicing_channel Microsoft Office LTSC 2021 Microsoft 365 Apps for Enterprise Microsoft Office 2019 Microsoft Office LTSC 2024

CWE ID-CWE-416

Use After Free

CVE-2024-49065

CVSS Score-5.5||MEDIUM

EPSS-0.26% / 49.62%

||

7 Day CHG+0.07%

Published-10 Dec, 2024 | 17:49

Updated-13 May, 2025 | 15:25

Microsoft Office Remote Code Execution Vulnerability

Product-office_long_term_servicing_channel office word sharepoint_server 365_apps Microsoft Word 2016 Microsoft 365 Apps for Enterprise Microsoft Office LTSC 2021 Microsoft SharePoint Enterprise Server 2016 Microsoft Office 2019 Microsoft Office LTSC for Mac 2024 Microsoft Office LTSC for Mac 2021 Microsoft Office LTSC 2024 Microsoft SharePoint Server 2019

CWE ID-CWE-125

Out-of-bounds Read

CVE-2024-49142

CVSS Score-7.8||HIGH

EPSS-0.23% / 45.72%

||

7 Day CHG+0.06%

Published-10 Dec, 2024 | 17:49

Updated-13 May, 2025 | 15:25

Microsoft Access Remote Code Execution Vulnerability