Microsoft: >> Office >> 16.0.16026.20172 Security Vulnerabilities
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
CVSS Score
8.4
EPSS Score
0.002
Published
2025-06-10
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVSS Score
8.4
EPSS Score
0.001
Published
2025-05-13
Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-05-13
Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a network.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-04-08
GDI+ Remote Code Execution Vulnerability
CVSS Score
7.8
EPSS Score
0.003
Published
2025-01-14
Microsoft Office Graphics Elevation of Privilege Vulnerability
CVSS Score
7.0
EPSS Score
0.001
Published
2023-10-10
Office for Android Spoofing Vulnerability
CVSS Score
5.5
EPSS Score
0.002
Published
2023-03-14
Buffer overflow in the Microsoft Office MSODataSourceControl ActiveX object allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long argument to the DeleteRecordSourceIfUnused method.
CVSS Score
7.8
EPSS Score
0.466
Published
2007-06-19
The CERN Image Map Dispatcher (htimage.exe) in Microsoft FrontPage allows remote attackers to determine the existence, and possibly partial contents, of arbitrary files under the web root via a relative pathname in the PATH_INFO.
CVSS Score
6.4
EPSS Score
0.169
Published
2007-06-07
The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, and Office 2004 for Mac; and Learning Essentials for Microsoft Office 1.0, 1.1, and 1.5 allows user-assisted remote attackers to execute arbitrary code via a malformed OLE object in an RTF file, which triggers memory corruption.
CVSS Score
9.3
EPSS Score
0.686
Published
2007-02-13
Page 1