CVE-2020-0901 — CVSS 9.8 (critical): A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka…
CVE-2020-1447 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft…
CVE-2026-40420 — CVSS 8.8 (high): Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.
CVE-2020-1240 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka…
CVE-2026-35436 — CVSS 8.8 (high): Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.
CVE-2020-1494 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An…
CVE-2020-1225 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka…
CVE-2020-1321 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory, aka…
CVE-2020-1495 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An…
CVE-2020-1583 — CVSS 8.8 (high): An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who…
CVE-2020-1498 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An…
CVE-2020-1226 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka…
CVE-2020-1496 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An…
CVE-2021-28455 — CVSS 8.8 (high): Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability
CVE-2020-1446 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft…
CVE-2025-62554 — CVSS 8.4 (high): Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-45461 — CVSS 8.4 (high): Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-45472 — CVSS 8.4 (high): Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-59236 — CVSS 8.4 (high): Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-45458 — CVSS 8.4 (high): Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-54910 — CVSS 8.4 (high): Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-53784 — CVSS 8.4 (high): Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2026-40364 — CVSS 8.4 (high): Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code…
CVE-2026-40363 — CVSS 8.4 (high): Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-26110 — CVSS 8.4 (high): Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-53733 — CVSS 8.4 (high): Incorrect conversion between numeric types in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2026-33115 — CVSS 8.4 (high): Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-47167 — CVSS 8.4 (high): Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-20944 — CVSS 8.4 (high): Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2026-40367 — CVSS 8.4 (high): Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code…
CVE-2026-40366 — CVSS 8.4 (high): Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code…
CVE-2026-45474 — CVSS 8.4 (high): Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-26113 — CVSS 8.4 (high): Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-49696 — CVSS 8.4 (high): Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-45456 — CVSS 8.4 (high): Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2020-1193 — CVSS 7.8 (high): <p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory…
CVE-2020-1218 — CVSS 7.8 (high): <p>A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker…
CVE-2020-1332 — CVSS 7.8 (high): <p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory…
CVE-2020-1335 — CVSS 7.8 (high): <p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory…
CVE-2020-1338 — CVSS 7.8 (high): <p>A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker…
CVE-2020-1349 — CVSS 7.8 (high): A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka…
CVE-2020-1449 — CVSS 7.8 (high): A remote code execution vulnerability exists in Microsoft Project software when the software fails to check the source markup of a file…
CVE-2020-1458 — CVSS 7.8 (high): A remote code execution vulnerability exists when Microsoft Office improperly validates input before loading dynamic link library (DLL)…
CVE-2020-1563 — CVSS 7.8 (high): A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An…
CVE-2020-1581 — CVSS 7.8 (high): An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) components handle objects in memory. An…
CVE-2020-1582 — CVSS 7.8 (high): A remote code execution vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory. An…
CVE-2020-1594 — CVSS 7.8 (high): <p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory…
CVE-2020-16928 — CVSS 7.8 (high): <p>An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files. An…
CVE-2020-16929 — CVSS 7.8 (high): <p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory…
CVE-2020-16930 — CVSS 7.8 (high): <p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory…
CVE-2020-16931 — CVSS 7.8 (high): <p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory…
CVE-2020-16932 — CVSS 7.8 (high): <p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory…
CVE-2020-16954 — CVSS 7.8 (high): <p>A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory…
CVE-2020-16955 — CVSS 7.8 (high): <p>An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files. An…
CVE-2020-16957 — CVSS 7.8 (high): <p>A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory…