Microsoft: >> Office Long Term Servicing Channel Security Vulnerabilities
Incomplete list of disallowed inputs in Microsoft Office OneNote allows an unauthorized attacker to bypass a security feature locally.
CVSS Score
7.8
EPSS Score
0.008
Published
2025-04-08
Improper input validation in Microsoft Office Word allows an unauthorized attacker to bypass a security feature over a network.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-04-08
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-04-08
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.018
Published
2025-04-08
Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.
CVSS Score
7.3
EPSS Score
0.003
Published
2025-04-08
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-04-08
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.009
Published
2025-04-08
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.009
Published
2025-04-08
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-04-08
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.005
Published
2025-04-08