VYPR

Powerpoint

by Microsoft

CVEs (90)

  • CVE-2009-0556HigKEVApr 3, 2009
    risk 0.75cvss 8.8epss 0.68

    Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3, and PowerPoint in Microsoft Office 2004 for Mac, allows remote attackers to execute arbitrary code via a PowerPoint file with an OutlineTextRefAtom containing an an invalid index value that triggers memory corruption,…

  • CVE-2007-0671HigKEVFeb 3, 2007
    risk 0.73cvss 8.8epss 0.42

    Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks.

  • CVE-2015-2424HigKEVJul 14, 2015
    risk 0.72cvss 8.8epss 0.39

    Microsoft PowerPoint 2007 SP3, Word 2007 SP3, PowerPoint 2010 SP2, Word 2010 SP2, PowerPoint 2013 SP1, Word 2013 SP1, and PowerPoint 2013 RT SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka…

  • CVE-2010-2572HigKEVNov 10, 2010
    risk 0.68cvss 7.8epss 0.63

    Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint 95 document, aka "PowerPoint Parsing Buffer Overflow Vulnerability."

  • CVE-2018-8376HigAug 15, 2018
    risk 0.59cvss 8.8epss 0.18

    A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Microsoft PowerPoint.

  • CVE-2018-8176HigMay 23, 2018
    risk 0.59cvss 8.8epss 0.22

    A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly validate XML content, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Microsoft Office.

  • CVE-2017-8743HigSep 13, 2017
    risk 0.52cvss 7.8epss 0.21

    A remote code execution vulnerability exists in Microsoft PowerPoint 2016, Microsoft SharePoint Enterprise Server 2016, and Office Online Server when they fail to properly handle objects in memory, aka "PowerPoint Remote Code Execution Vulnerability". This CVE ID is unique from…

  • CVE-2017-8742HigSep 13, 2017
    risk 0.52cvss 7.8epss 0.21

    A remote code execution vulnerability exists in Microsoft PowerPoint 2007 Service Pack 3, Microsoft PowerPoint 2010 Service Pack 2, Microsoft PowerPoint 2013 Service Pack 1, Microsoft PowerPoint 2013 RT Service Pack 1, Microsoft PowerPoint 2016, Microsoft PowerPoint Viewer 2007,…

  • CVE-2017-8513HigJun 15, 2017
    risk 0.52cvss 7.8epss 0.17

    A remote code execution vulnerability exists in Microsoft PowerPoint when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability".

  • CVE-2016-7230HigNov 10, 2016
    risk 0.52cvss 7.8epss 0.18

    Microsoft PowerPoint 2010 SP2, PowerPoint Viewer, and Office Web Apps 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

  • CVE-2016-3360HigSep 14, 2016
    risk 0.52cvss 7.8epss 0.17

    Microsoft PowerPoint 2007 SP3, PowerPoint 2010 SP2, PowerPoint 2013 SP1, PowerPoint 2013 RT SP1, PowerPoint 2016 for Mac, Office Compatibility Pack SP3, PowerPoint Viewer, SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, and Office Web Apps Server 2013 SP1 allow remote…

  • CVE-2026-32200HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.00

    Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.

  • CVE-2024-20673HigFeb 13, 2024
    risk 0.51cvss 7.8epss 0.01

    Microsoft Office Remote Code Execution Vulnerability

  • CVE-2026-41102HigMay 12, 2026
    risk 0.46cvss 7.1epss 0.00

    Improper access control in Microsoft Office PowerPoint allows an authorized attacker to perform spoofing locally.

  • CVE-2026-26133HigMar 16, 2026
    risk 0.46cvss 7.1epss 0.00

    AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.

  • CVE-2016-3279MedJul 13, 2016
    risk 0.37cvss 5.5epss 0.16

    Microsoft Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Excel 2013 SP1, PowerPoint 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Excel 2016, Word 2016, Word Automation Services on SharePoint Server 2010 SP2, and…

  • CVE-2016-0012MedJan 13, 2016
    risk 0.29cvss 4.3epss 0.11

    Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Visio 2013 SP1, Word 2013 SP1, Excel 2013 RT…

  • CVE-2010-0033Feb 10, 2010
    risk 0.07cvss epss 0.51

    Stack-based buffer overflow in Microsoft Office PowerPoint 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "PowerPoint Viewer TextBytesAtom Record Stack Overflow Vulnerability."

  • CVE-2004-0200Sep 28, 2004
    risk 0.07cvss epss 0.49

    Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length…

  • CVE-2015-0097Mar 11, 2015
    risk 0.06cvss epss 0.41

    Microsoft Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Excel 2010 SP2, PowerPoint 2010 SP2, and Word 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Word Local Zone Remote Code Execution Vulnerability."

Page 1 of 5