VDB

GCVE-110-NCSC-2025-12

GCVE-110-NCSC-2025-12
Advisory PublishedCVSS 7.8/10
Vulnetix · Advisory published January 14, 2025
Microsoft heeft kwetsbaarheden verholpen in diverse Office producten.

Weaknesses (CWE)

CWE-122Heap-based Buffer OverflowCWE-190Integer Overflow or WraparoundCWE-20Improper Input ValidationCWE-416Use After FreeCWE-693Protection Mechanism FailureCWE-285Improper AuthorizationCWE-822Untrusted Pointer DereferenceCWE-843Access of Resource Using Incompatible Type ('Type Confusion')CWE-908Use of Uninitialized ResourceCWE-269Improper Privilege ManagementCWE-641Improper Restriction of Names for Files and Other ResourcesCWE-502Deserialization of Untrusted DataCWE-426Untrusted Search PathCWE-918Server-Side Request Forgery (SSRF)CWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Risk Scores

CVSS 3.1
7.8/10
High · CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Affected Products

VendorProductVersionsPlatforms
microsoftmicrosoft_office_for_universal
microsoftmicrosoft_365_apps_for_enterprise
microsoftmicrosoft_office_ltsc_for_mac_2024
microsoftmicrosoft_office_2019
microsoftmicrosoft_office_ltsc_2021
microsoftmicrosoft_access_2016__32-bit_edition_
microsoftmicrosoft_outlook_2016
microsoftmicrosoft_access_2016
microsoftmicrosoft_sharepoint_enterprise_server_2016
microsoftmicrosoft_office_for_ios
microsoftoffice_online_server
microsoftmicrosoft_onenote
microsoftmicrosoft_excel_2016
microsoftmicrosoft_office_ltsc_2024
microsoftmicrosoft_purview
microsoftoffice_purview
microsoftmicrosoft_office_for_mac
microsoftmicrosoft_office_2016
microsoftmicrosoft_outlook_for_mac
microsoftmicrosoft_autoupdate_for_mac
microsoftmicrosoft_office_for_android
microsoftmicrosoft_office_ltsc_for_mac_2021
microsoftmicrosoft_sharepoint_server_subscription_edition
microsoftmicrosoft_sharepoint_server_2019

References

advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory

Browse GCVE Records

72,664 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›