CVE-2026-46722

The OOXML parsing of the file indexer does not disable external entity resolution. A crafted xlsx or pptx document placed in an indexed directory can cause local files to be read or outbound HTTP requests to be performed, with the retrieved content being written to the search index...

PT-2026-41862

The OOXML parsing of the file indexer does not disable external entity resolution. A crafted xlsx or pptx document placed in an indexed directory can cause local files to be read or outbound HTTP requests to be performed, with the retrieved content being written to the search index...

EUVD-2026-12525

A vulnerability was determined in taoofagi easegen-admin up to 8f87936ac774065b92fb20aab55b274a6ea76433. This issue affects the function downloadFile of the file - yudao-module-digitalcourse/yudao-module-digitalcourse-biz/src/main/java/cn/iocoder/yudao/module/digitalcourse/util/PPTUtil.java of th...

EUVD-2017-11934

Malware in sbrugna...

PT-2024-6658 · Microsoft · Office Powerpoint

Name of the Vulnerable Software and Affected Versions: Microsoft PowerPoint affected versions not specified Description: The issue is related to a use-after-free vulnerability in Microsoft PowerPoint, specifically in the parsing of PPTX files. This vulnerability can be exploited to allow an...

PT-2024-12555 · Document Foundation · Libreoffice

Name of the Vulnerable Software and Affected Versions: The Document Foundation Libreoffice version 7.4.7 Description: An issue in The Document Foundation Libreoffice allows a remote attacker to cause a denial of service via a crafted .ppt file. Recommendations: For version 7.4.7, consider avoidin...

Attackers Target Intuit Users by Threatening to Cancel Tax Accounts

Just in time for tax season, Intuit is warning customers of a phishing campaign that threatens to close user accounts if they don’t click on a malicious link. The attacks on the accounting-software specialist that many people use for filing U.S. income tax forms comes as phishers overall are...

CVE-2021-38104

IPPP72.FLT in Corel Presentations 2020 20.0.0.200 is affected by an Out-of-bounds Read vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to access unauthorized system memory in the context of the current user. Exploitation of this issue...

Office8570

This is a Microsoft PowerPoint presentation file .ppt that contains a malicious payload. The file is encoded with a password, and the presentation itself contains a malicious VBA Visual Basic for Applications macro that can be used to deliver a payload. The presentation contains a slide layout th...

CVE-2019-0801

A remote code execution vulnerability exists when Microsoft Office fails to properly handle certain files.To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted URL file that points to an Excel or PowerPoint file that was also downloaded.The update...

Denial of Service Vulnerability in WPS Office 2016 Presentation

WPS office is an office software suite independently developed by Kingsoft Corporation. A denial of service vulnerability exists in WPS presentation wpp.exe in WPS when parsing a specific ppt file, which can be exploited by an attacker to cause a denial of service attack...

Null pointer reference vulnerability in WPS Office 2016 presentation kso module (CNVD-2018-04915)

WPS office is an office software suite independently developed by Kingsoft Corporation. WPS presentation wpp.exe in WPS has a null pointer reference vulnerability in the kso module when parsing a specific ppt file, which can be exploited by an attacker to cause a denial of service attack or code...

CVE-2017-17967

pptreader.dll in Kingsoft WPS Office 10.1.0.6930 allows remote attackers to cause a denial of service via a crafted PPT file, aka CNVD-2017-35482...

Denial of Service Vulnerability in WPS Presentation (CNVD-2017-33992)

WPS office is an office software suite independently developed by Kingsoft Corporation. The WPS presentation wpp.exe in WPS has an out-of-bounds read error to memory when parsing a specific ppt file, which can be exploited by attackers to cause a denial of service...

WPS Presentation suffers from a null pointer reference vulnerability (CNVD-2017-33983)

WPS office is an office software suite independently developed by Kingsoft Corporation. The WPS presentation wpp.exe in WPS has a null pointer reference vulnerability in the kso module when parsing a specific ppt file, which can be exploited by an attacker to cause a denial of service or code...

Memory Corruption Vulnerability in WPS Presentation

WPS Office is an office software suite developed independently by Kingsoft Corporation. A memory corruption vulnerability exists in WPS presentation wpp.exe in WPS when parsing a specific ppt file, which can be exploited by an attacker to cause a denial of service or execute arbitrary code...

Exploit for CVE-2017-8570

Based on the provided context, here is a summary of the analysis: Classification: Exploit toolkit for CVE-2017-8570, a Microsoft Office PPSX RCE vulnerability. Primary Functionality: The toolkit generates a malicious PPSX file and delivers a payload either local or remote to the victim. Key...

MarkLogic MarkLogic Antenna House DMC HTMLFilter Heap Buffer Overflow Vulnerability

MarkLogic MarkLogic is a database software from MarkLogic Corporation, USA. The software is characterized by hierarchical storage, dual-temporal and scalability.Antenna House DMC HTMLFilter is one of the HTML generic generator libraries developed by Antenna House, Inc. in the United States. A hea...

CVE-2017-2791

JustSystems Ichitaro 2016 Trial contains a vulnerability that exists when trying to open a specially crafted PowerPoint file. Due to the application incorrectly handling the error case for a function's result, the application will use this result in a pointer calculation for reading file data int...

Design/Logic Flaw

JustSystems Ichitaro 2016 Trial contains a vulnerability that exists when trying to open a specially crafted PowerPoint file. Due to the application incorrectly handling the error case for a function's result, the application will use this result in a pointer calculation for reading file data int...