Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (307 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-2747 1 Microsoft 2 Office, Word 2025-04-11 N/A
Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly handle an uninitialized pointer during parsing of a Word document, which allows remote attackers to execute arbitrary code via a crafted document that triggers memory corruption, aka "Word Uninitialized Pointer Vulnerability."
CVE-2013-1335 1 Microsoft 2 Word, Word Viewer 2025-04-11 N/A
Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to execute arbitrary code via crafted shape data in a Word document, aka "Word Shape Corruption Vulnerability."
CVE-2010-3214 1 Microsoft 7 Office, Office Compatibility Pack, Office Web Apps and 4 more 2025-04-11 N/A
Stack-based buffer overflow in Microsoft Word 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; Word Viewer; Office Web Apps; and Word Web App allows remote attackers to execute arbitrary code via a crafted Word document, aka "Word Stack Overflow Vulnerability."
CVE-2012-0287 2 Microsoft, Wordpress 2 Internet Explorer, Wordpress 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in wp-comments-post.php in WordPress 3.3.x before 3.3.1, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via the query string in a POST operation that is not properly handled by the "Duplicate comment detected" feature.
CVE-2010-3218 1 Microsoft 1 Word 2025-04-11 N/A
Heap-based buffer overflow in Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary code via malformed records in a Word document, aka "Word Heap Overflow Vulnerability."
CVE-2010-1902 1 Microsoft 5 Office, Office Compatibility Pack, Office Word Viewer and 2 more 2025-04-11 N/A
Buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary code via unspecified properties in the data in a crafted RTF document, aka "Word RTF Parsing Buffer Overflow Vulnerability."
CVE-2013-3857 1 Microsoft 5 Office Compatibility Pack, Office Web Apps, Sharepoint Server and 2 more 2025-04-11 N/A
Microsoft Word Automation Services in SharePoint Server 2010 SP1 and SP2, Word Web App 2010 SP1 and SP2 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1 and SP2, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."
CVE-2010-3221 1 Microsoft 3 Office, Word, Word Viewer 2025-04-11 N/A
Microsoft Word 2002 SP3 and 2003 SP3, Office 2004 for Mac, and Word Viewer do not properly handle a malformed record during parsing of a Word document, which allows remote attackers to execute arbitrary code via a crafted document that triggers memory corruption, aka "Word Parsing Vulnerability."
CVE-2010-3220 1 Microsoft 2 Office, Word 2025-04-11 N/A
Unspecified vulnerability in Microsoft Word 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted Word document that triggers memory corruption, aka "Word Parsing Vulnerability."
CVE-2010-3219 1 Microsoft 1 Word 2025-04-11 N/A
Array index vulnerability in Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary code via a crafted Word document that triggers memory corruption, aka "Word Index Parsing Vulnerability."
CVE-2010-3217 1 Microsoft 1 Word 2025-04-11 N/A
Double free vulnerability in Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary code via a Word document with crafted List Format Override (LFO) records, aka "Word Pointer Vulnerability."
CVE-2010-3215 1 Microsoft 2 Office, Word 2025-04-11 N/A
Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly handle unspecified return values during parsing of a Word document, which allows remote attackers to execute arbitrary code via a crafted document that triggers memory corruption, aka "Word Return Value Vulnerability."
CVE-2010-3200 1 Microsoft 1 Word 2025-04-11 N/A
MSO.dll in Microsoft Word 2003 SP3 11.8326.11.8324 allows remote attackers to cause a denial of service (NULL pointer dereference and multiple-instance application crash) via a crafted buffer in a Word document, as demonstrated by word_crash_11.8326.8324_poc.doc.
CVE-2023-21716 1 Microsoft 8 Office, Office Long Term Servicing Channel, Office Online Server and 5 more 2025-02-28 9.8 Critical
Microsoft Word Remote Code Execution Vulnerability
CVE-2022-26903 1 Microsoft 27 Excel, Excel Mobile, Powerpoint and 24 more 2025-01-02 7.8 High
Windows Graphics Component Remote Code Execution Vulnerability
CVE-2022-21842 1 Microsoft 3 Sharepoint Enterprise Server, Sharepoint Server, Word 2025-01-02 7.8 High
Microsoft Word Remote Code Execution Vulnerability
CVE-2021-40486 1 Microsoft 6 Office, Office Online Server, Office Web Apps Server and 3 more 2024-11-21 7.8 High
Microsoft Word Remote Code Execution Vulnerability
CVE-2021-34452 1 Microsoft 3 365 Apps, Office, Word 2024-11-21 7.8 High
Microsoft Word Remote Code Execution Vulnerability
CVE-2021-31180 1 Microsoft 3 365 Apps, Office, Word 2024-11-21 7.8 High
Microsoft Office Graphics Remote Code Execution Vulnerability
CVE-2021-31178 1 Microsoft 6 365 Apps, Excel, Office and 3 more 2024-11-21 5.5 Medium
Microsoft Office Information Disclosure Vulnerability