CVE-2026-32189 high 7.8
7.8
microsoft 2mo ago
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-32188 high 7.1
7.1
microsoft 2mo ago
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
CVE-2026-32184 high 7.8
7.8
microsoft 2mo ago
Deserialization of untrusted data in Microsoft High Performance Compute Pack (HPC) allows an authorized attacker to elevate privileges locally.
CVE-2026-32171 high 8.8
8.8
microsoft 2mo ago
Insufficiently protected credentials in Azure Logic Apps allows an authorized attacker to elevate privileges over a network.
CVE-2026-32168 high 7.8
7.8
microsoft 2mo ago
Improper input validation in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.
CVE-2026-32157 high 8.8
8.8
FIX windows microsoft 2mo ago
Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-26149 critical 9.0
9.0
microsoft 2mo ago
Improper neutralization of escape, meta, or control sequences in Microsoft Power Apps allows an authorized attacker to perform spoofing over a network.
CVE-2026-26143 high 7.8
7.8
microsoft 2mo ago
Improper input validation in Microsoft PowerShell allows an unauthorized attacker to bypass a security feature locally.
CVE-2026-23666 high 7.5
7.5
windows microsoft 2mo ago
Improper input validation in .NET Framework allows an unauthorized attacker to deny service over a network.
CVE-2026-23657 high 7.8
7.8
microsoft 2mo ago
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2026-26134 high 7.8
7.8
microsoft 3mo ago
Integer overflow or wraparound in Microsoft Office allows an authorized attacker to elevate privileges locally.
CVE-2026-26110 high 7.8
7.8
microsoft 3mo ago
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-24285 high 7.0
7.0
FIX windows microsoft 3mo ago
Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally.
CVE-2025-62557 high 7.8
7.8
microsoft 6mo ago
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-62554 high 7.8
7.8
microsoft 6mo ago
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-62199 high 7.8
7.8
microsoft 7mo ago
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-60724 critical 9.8
9.8
FIX windows microsoft 7mo ago
Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network.
CVE-2025-59234 high 7.8
7.8
microsoft 8mo ago
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-59227 high 7.8
7.8
microsoft 8mo ago
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-53766 critical 9.8
9.8
FIX windows microsoft 10mo ago
Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network.
CVE-2025-53732 high 7.8
7.8
microsoft 10mo ago
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-49702 high 7.8
7.8
microsoft 11mo ago
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-49697 high 8.4
8.4
microsoft 11mo ago
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-49696 high 8.4
8.4
microsoft 11mo ago
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-49695 high 8.4
8.4
microsoft 11mo ago
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-47953 high 8.4
8.4
microsoft 1y ago
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-47167 high 8.4
8.4
microsoft 1y ago
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-47164 high 8.4
8.4
microsoft 1y ago
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-47162 high 8.4
8.4
microsoft 1y ago
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-30388 high 7.8
7.8
FIX windows microsoft 1y ago
Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.
CVE-2025-30386 high 7.8
7.8
microsoft 1y ago
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-26687 high 7.5
7.5
FIX windows microsoft 1y ago
Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a network.
CVE-2025-21402 high 7.8
7.8
microsoft 1y ago
Microsoft Office OneNote Remote Code Execution Vulnerability
CVE-2025-21361 high 7.8
7.8
microsoft 1y ago
Microsoft Outlook Remote Code Execution Vulnerability
CVE-2025-21338 high 7.8
7.8
FIX windows microsoft 1y ago
GDI+ Remote Code Execution Vulnerability
CVE-2024-38250 high 7.8
7.8
FIX windows microsoft 2y ago
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2024-30104 high 7.8
7.8
microsoft 2y ago
Microsoft Office Remote Code Execution Vulnerability
CVE-2024-30103 high 8.8
8.8
microsoft 2y ago
Microsoft Outlook Remote Code Execution Vulnerability
CVE-2024-30101 high 7.5
7.5
microsoft 2y ago
Microsoft Office Remote Code Execution Vulnerability
CVE-2024-26257 high 7.8
7.8
microsoft 2y ago
Microsoft Excel Remote Code Execution Vulnerability
CVE-2024-20673 high 7.8
7.8
microsoft 2y ago
Microsoft Office Remote Code Execution Vulnerability
CVE-2023-44487 high 7.5
10.0
KEV EXP FIX rocky rhel debian siemens ietf nghttp2 3y ago
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2023-36565 high 7.0
7.0
microsoft 3y ago
Microsoft Office Graphics Elevation of Privilege Vulnerability
CVE-2023-33161 high 7.8
7.8
microsoft 3y ago
Microsoft Excel Remote Code Execution Vulnerability
CVE-2023-33158 high 7.8
7.8
microsoft 3y ago
Microsoft Excel Remote Code Execution Vulnerability
CVE-2023-33153 high 8.8
8.8
microsoft 3y ago
Microsoft Outlook Remote Code Execution Vulnerability
CVE-2023-33152 high 7.8
7.8
microsoft 3y ago
Microsoft ActiveX Remote Code Execution Vulnerability
CVE-2023-33150 critical 9.6
9.6
microsoft 3y ago
Microsoft Office Security Feature Bypass Vulnerability
CVE-2023-33149 high 7.8
7.8
microsoft 3y ago
Microsoft Office Graphics Remote Code Execution Vulnerability
CVE-2023-33148 high 7.8
8.8
EXP microsoft 3y ago
Microsoft Office Elevation of Privilege Vulnerability
CVE-2023-29335 high 7.5
7.5
windows microsoft 3y ago
Microsoft Word Security Feature Bypass Vulnerability
CVE-2023-29333 low 3.3
3.3
microsoft 3y ago
Microsoft Access Denial of Service Vulnerability
CVE-2023-23398 high 7.1
7.1
microsoft 3y ago
Microsoft Excel Spoofing Vulnerability
CVE-2022-44696 high 7.8
7.8
microsoft 4y ago
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2022-44695 high 7.8
7.8
microsoft 4y ago
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2022-44694 high 7.8
7.8
microsoft 4y ago
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2022-44702 high 7.8
7.8
windows microsoft 4y ago
Windows Terminal Remote Code Execution Vulnerability
CVE-2022-41107 high 7.8
7.8
microsoft 4y ago
Microsoft Office Graphics Remote Code Execution Vulnerability
CVE-2022-41106 high 8.8
8.8
microsoft 4y ago
Microsoft Excel Remote Code Execution Vulnerability
CVE-2022-41063 high 7.8
7.8
microsoft 4y ago
Microsoft Excel Remote Code Execution Vulnerability
CVE-2022-41061 high 7.8
7.8
microsoft 4y ago
Microsoft Word Remote Code Execution Vulnerability
CVE-2022-38013 high 7.5
7.5
rhel rocky fedora microsoft 4y ago
RHSA-2022:6539: .NET 6.0 security and bugfix update (Moderate)
CVE-2022-29109 high 7.8
7.8
microsoft 4y ago
Microsoft Excel Remote Code Execution Vulnerability
CVE-2022-29145 high 7.5
7.5
rhel sles rocky microsoft 4y ago
RHSA-2022:2202: .NET Core 3.1 security, bug fix, and enhancement update (Important)
CVE-2022-29117 high 7.5
7.5
rhel sles rocky microsoft 4y ago
RHSA-2022:2202: .NET Core 3.1 security, bug fix, and enhancement update (Important)
CVE-2022-26901 high 7.8
7.8
microsoft 4y ago
Microsoft Excel Remote Code Execution Vulnerability
CVE-2022-24473 high 7.8
7.8
microsoft 4y ago
Microsoft Excel Remote Code Execution Vulnerability
CVE-2022-24510 high 7.8
7.8
microsoft 4y ago
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2022-24509 high 7.8
7.8
microsoft 4y ago
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2022-24461 high 7.8
7.8
microsoft 4y ago
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2022-24501 high 7.8
7.8
microsoft 4y ago
VP9 Video Extensions Remote Code Execution Vulnerability
CVE-2022-24464 high 7.5
7.5
rocky fedora rhel microsoft 4y ago
RHSA-2022:0830: .NET 5.0 security and bugfix update (Important)
CVE-2022-24457 high 7.8
7.8
microsoft 4y ago
HEIF Image Extensions Remote Code Execution Vulnerability
CVE-2022-24451 high 7.8
7.8
microsoft 4y ago
VP9 Video Extensions Remote Code Execution Vulnerability
CVE-2022-23282 high 7.8
7.8
microsoft 4y ago
Paint 3D Remote Code Execution Vulnerability
CVE-2022-22709 high 7.8
7.8
microsoft 4y ago
VP9 Video Extensions Remote Code Execution Vulnerability
CVE-2022-21841 high 7.8
7.8
microsoft 4y ago
Microsoft Excel Remote Code Execution Vulnerability
CVE-2022-21840 high 8.8
8.8
microsoft 4y ago
Microsoft Office Remote Code Execution Vulnerability
CVE-2021-43875 high 7.8
7.8
microsoft 5y ago
Microsoft Office Graphics Remote Code Execution Vulnerability
CVE-2021-43256 high 7.8
7.8
microsoft 5y ago
Microsoft Excel Remote Code Execution Vulnerability
CVE-2021-42296 high 7.8
7.8
microsoft 5y ago
Microsoft Word Remote Code Execution Vulnerability
CVE-2020-17091 high 7.8
7.8
microsoft 6y ago
Microsoft Teams Remote Code Execution Vulnerability
CVE-2020-17003 high 7.8
7.8
microsoft 6y ago
<p>A remote code execution vulnerability exists when the Base3D rendering engine improperly handles memory.</p>
<p>An attacker who successfully exploited the vulnerability would gain execution on a v…
CVE-2020-16918 high 7.8
7.8
microsoft 6y ago
<p>A remote code execution vulnerability exists when the Base3D rendering engine improperly handles memory.</p>
<p>An attacker who successfully exploited the vulnerability would gain execution on a v…
CVE-2017-11936 high 8.8
8.8
microsoft 9y ago
Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability due to the way web requests are handled, aka "Microsoft SharePoint Elevation of Privilege Vulnerability".
CVE-2017-11935 high 7.8
7.8
microsoft 9y ago
Microsoft Office 2016 Click-to-Run (C2R) allows a remote code execution vulnerability due to the way files are handled in memory, aka "Microsoft Excel Remote Code Execution Vulnerability".
CVE-2017-11932 high 8.1
8.1
microsoft 9y ago
Microsoft Exchange Server 2016 CU5 and Microsoft Exchange Server 2016 CU5 allow a spoofing vulnerability due to the way Outlook Web Access (OWA) validates web requests, aka "Microsoft Exchange Spoofi…
CVE-2017-11930 high 7.5
7.5
windows microsoft 9y ago
ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows …
CVE-2017-11918 high 7.5
8.5
EXP windows microsoft 9y ago
ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how the scripting engine …
CVE-2017-11916 high 7.5
7.5
microsoft 9y ago
ChakraCore RCE Vulnerability
CVE-2017-11914 high 7.5
8.5
EXP windows microsoft 9y ago
ChakraCore vulnerable to privilege escalation due to exposure from scriptFunction
CVE-2017-11913 high 7.5
7.5
windows microsoft 9y ago
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2…
CVE-2017-11912 high 7.5
7.5
windows microsoft 9y ago
ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in W…
CVE-2017-11911 high 7.5
8.5
EXP windows microsoft 9y ago
ChakraCore RCE Vulnerability
CVE-2017-11910 high 7.5
7.5
windows microsoft 9y ago
ChakraCore vulnerable to remote code execution due to insufficient InlineCache check
CVE-2017-11909 high 7.5
8.5
EXP windows microsoft 9y ago
ChakraCore vulnerable to remote code execution
CVE-2017-11908 high 7.5
7.5
windows microsoft 9y ago
ChakraCore RCE Vulnerability
CVE-2017-11907 high 7.5
8.5
EXP windows microsoft 9y ago
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2…
CVE-2017-11905 high 7.5
7.5
windows microsoft 9y ago
ChakraCore RCE Vulnerability
CVE-2017-11903 high 7.5
8.5
EXP windows microsoft 9y ago
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2…
