CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST - in English
CISA KEV catalog updated: (v2026.07.10)
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.
An integer underflow issue in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
An integer underflow (wrap or wraparound) vulnerability in Microsoft Office allows an unauthorized attacker to execute code locally.
A Use-After-Free vulnerability in Microsoft Office allows an unauthorized attacker to execute code locally. The issue stems from improper memory management when processing specially crafted files.
A Use-After-Free vulnerability in Microsoft Office allows an unauthorized attacker to execute code locally. The issue stems from improper memory management when processing specially crafted files.
An out-of-bounds read vulnerability in Microsoft Office Word allows an unauthorized attacker to execute code locally.
A vulnerability in Microsoft Office related to access of resource using incompatible type ('type confusion') allows an unauthorized attacker to execute code locally.
A specially crafted PKCS#7 or S/MIME signed message can trigger a use-after-free during signature verification in OpenSSL. The flaw occurs when the digestAlgorithms field is an empty ASN.1 SET, causing incorrect freeing of a caller-owned BIO.
CVE-2026-45445 vulnerability concerns the AES-OCB context where the application-supplied initialization vector (IV) is ignored. This leads to key and nonce reuse, jeopardizing data confidentiality.
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
A numeric truncation error in Microsoft Office Excel allows an unauthorized attacker to execute code locally. The vulnerability can be exploited by opening a specially crafted file.
An out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network.
An out-of-bounds read vulnerability in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
A race condition vulnerability in Microsoft Office Excel due to improper synchronization of shared resources allows an unauthorized attacker to execute code locally.
A type confusion vulnerability in Microsoft Office Excel allows an unauthorized attacker to execute code locally. The flaw arises from accessing a resource using an incompatible data type.
A use after free vulnerability in the Windows DWM Core Library allows an authorized attacker to locally elevate privileges.
Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.
A heap-based buffer overflow in the Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
Improper authentication in Windows Cryptographic Services allows an unauthorized attacker to elevate privileges locally.

