CVE-2026-46722

The OOXML parsing of the file indexer does not disable external entity resolution. A crafted xlsx or pptx document placed in an indexed directory can cause local files to be read or outbound HTTP requests to be performed, with the retrieved content being written to the search index...

PT-2026-41862

The OOXML parsing of the file indexer does not disable external entity resolution. A crafted xlsx or pptx document placed in an indexed directory can cause local files to be read or outbound HTTP requests to be performed, with the retrieved content being written to the search index...

EUVD-2026-12525

A vulnerability was determined in taoofagi easegen-admin up to 8f87936ac774065b92fb20aab55b274a6ea76433. This issue affects the function downloadFile of the file - yudao-module-digitalcourse/yudao-module-digitalcourse-biz/src/main/java/cn/iocoder/yudao/module/digitalcourse/util/PPTUtil.java of th...

EUVD-2017-11934

Malware in sbrugna...

PT-2024-6658 · Microsoft · Office Powerpoint

Name of the Vulnerable Software and Affected Versions: Microsoft PowerPoint affected versions not specified Description: The issue is related to a use-after-free vulnerability in Microsoft PowerPoint, specifically in the parsing of PPTX files. This vulnerability can be exploited to allow an...

PT-2024-12555 · Document Foundation · Libreoffice

Name of the Vulnerable Software and Affected Versions: The Document Foundation Libreoffice version 7.4.7 Description: An issue in The Document Foundation Libreoffice allows a remote attacker to cause a denial of service via a crafted .ppt file. Recommendations: For version 7.4.7, consider avoidin...

The vulnerability of the PPT-file processor in Hancom Office software allows a hacker to execute arbitrary code.

The vulnerability of the PPT-file processor in Hancom Office software is related to buffer overflow in the stack. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created PPT-file...

The vulnerability of the UAX200.dll library in the Corel Presentations presentation preparation and viewing software allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the UAX200.dll library in Corel Presentations’ presentation preparation and viewing software is related to reading data beyond the buffer boundaries. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information through a specially...

The vulnerability of the IPPP82.FLT module of the Corel Presentations presentation preparation and viewing software allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the IPPP82.FLT module in the Corel Presentations preparation and presentation software relates to reading data beyond the buffer boundaries. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information using a specially crafted PPT fi...

The vulnerability of the IBJPG2.FLT library in the Corel Presentations preparation and presentation software allows a hacker to execute arbitrary code.

The vulnerability of the IBJPG2.FLT library in the Corel Presentations preparation and presentation software relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code in the context of the current user,...

The availability of the IPPP72.FLT module of the Corel Presentations preparation and presentation software, which is related to reading data beyond the buffer in memory, allows unauthorized access by intruders to protected memory information.

The vulnerability of the IPPP72.FLT module in the Corel Presentations preparation and presentation software relates to reading data outside the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected...

Attackers Target Intuit Users by Threatening to Cancel Tax Accounts

Just in time for tax season, Intuit is warning customers of a phishing campaign that threatens to close user accounts if they don’t click on a malicious link. The attacks on the accounting-software specialist that many people use for filing U.S. income tax forms comes as phishers overall are...

CVE-2021-38104

IPPP72.FLT in Corel Presentations 2020 20.0.0.200 is affected by an Out-of-bounds Read vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to access unauthorized system memory in the context of the current user. Exploitation of this issue...

Office8570

This is a Microsoft PowerPoint presentation file .ppt that contains a malicious payload. The file is encoded with a password, and the presentation itself contains a malicious VBA Visual Basic for Applications macro that can be used to deliver a payload. The presentation contains a slide layout th...

CVE-2019-0801

A remote code execution vulnerability exists when Microsoft Office fails to properly handle certain files.To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted URL file that points to an Excel or PowerPoint file that was also downloaded.The update...

Denial of Service Vulnerability in WPS Office 2016 Presentation

WPS office is an office software suite independently developed by Kingsoft Corporation. A denial of service vulnerability exists in WPS presentation wpp.exe in WPS when parsing a specific ppt file, which can be exploited by an attacker to cause a denial of service attack...

Null pointer reference vulnerability in WPS Office 2016 presentation kso module (CNVD-2018-04915)

WPS office is an office software suite independently developed by Kingsoft Corporation. WPS presentation wpp.exe in WPS has a null pointer reference vulnerability in the kso module when parsing a specific ppt file, which can be exploited by an attacker to cause a denial of service attack or code...

CVE-2017-17967

pptreader.dll in Kingsoft WPS Office 10.1.0.6930 allows remote attackers to cause a denial of service via a crafted PPT file, aka CNVD-2017-35482...

Denial of Service Vulnerability in WPS Presentation (CNVD-2017-33992)

WPS office is an office software suite independently developed by Kingsoft Corporation. The WPS presentation wpp.exe in WPS has an out-of-bounds read error to memory when parsing a specific ppt file, which can be exploited by attackers to cause a denial of service...

WPS Presentation suffers from a null pointer reference vulnerability (CNVD-2017-33983)

WPS office is an office software suite independently developed by Kingsoft Corporation. The WPS presentation wpp.exe in WPS has a null pointer reference vulnerability in the kso module when parsing a specific ppt file, which can be exploited by an attacker to cause a denial of service or code...