Product:

Word

(Microsoft)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 218
Date Id Summary Products Score Patch Annotated
2000-10-20 CVE-2000-0788 The Mail Merge tool in Microsoft Word does not prompt the user before executing Visual Basic (VBA) scripts in an Access database, which could allow an attacker to execute arbitrary commands. Access, Word N/A
2021-05-11 CVE-2021-31178 Microsoft Office Information Disclosure Vulnerability 365_apps, Excel, Office, Office_online_server, Office_web_apps_server, Word 5.5
2021-10-13 CVE-2021-40486 Microsoft Word Remote Code Execution Vulnerability Office, Office_online_server, Office_web_apps_server, Sharepoint_enterprise_server, Sharepoint_server, Word 7.8
2023-07-11 CVE-2023-33150 Microsoft Office Security Feature Bypass Vulnerability 365_apps, Office, Word 9.6
2022-03-09 CVE-2022-24511 Microsoft Office Word Tampering Vulnerability 365_apps, Office, Word 5.5
2022-04-15 CVE-2022-26903 Windows Graphics Component Remote Code Execution Vulnerability Excel, Excel_mobile, Powerpoint, Powerpoint_mobile, Windows_10, Windows_11, Windows_7, Windows_8\.1, Windows_rt_8\.1, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Word, Word_mobile 7.8
2022-11-09 CVE-2022-41060 Microsoft Word Information Disclosure Vulnerability 365_apps, Office, Office_online_server, Office_web_apps_server, Sharepoint_enterprise_server, Sharepoint_server, Word 5.5
2022-11-09 CVE-2022-41061 Microsoft Word Remote Code Execution Vulnerability 365_apps, Office, Office_online_server, Office_web_apps_server, Sharepoint_enterprise_server, Sharepoint_server, Word 7.8
2022-11-09 CVE-2022-41103 Microsoft Word Information Disclosure Vulnerability 365_apps, Office, Office_online_server, Office_web_apps_server, Sharepoint_enterprise_server, Sharepoint_server, Word 5.5
1999-11-01 CVE-1999-0354 Internet Explorer 4.x or 5.x with Word 97 allows arbitrary execution of Visual Basic programs to the IE client through the Word 97 template, which doesn't warn the user that the template contains executable content. Also applies to Outlook when the client views a malicious email message. Internet_explorer, Word N/A