22 matches found
CVE-2018-8628
CVE-2018-8628 is a remote code execution vulnerability affecting Microsoft PowerPoint and related Office components (Office, SharePoint, PowerPoint Viewer, etc.) caused by improper handling of objects in memory. The Nessus/OpenVAS entries confirm the vulnerability across PowerPoint and Office pro...
CVE-2024-20673
CVE-2024-20673 is a Microsoft Office remote code execution vulnerability tracked across multiple office-product advisories. Public docs show high-severity risk (CVSS v3.1: 7.8), with exploitation described as a remote code execution requiring local access and user interaction in some vectors. Con...
CVE-2020-0760
CVE-2020-0760 is a remote code execution vulnerability affecting Microsoft Office products (Word/Excel/PowerPoint/Visio) via improper loading of arbitrary type libraries. The root cause is how Office loads type libraries, which could allow an attacker to execute arbitrary code in the context of t...
CVE-2020-17124
CVE-2020-17124 is an Microsoft PowerPoint remote code execution vulnerability. Connected sources confirm it affects PowerPoint/Office, with December 2020 security updates released to address it. Severity is high (CVSSv3.1 base 7.8 / 9.3 from CVSS v2). No exploitation details are provided in the d...
CVE-2024-38171
CVE-2024-38171 is Microsoft PowerPoint Remote Code Execution vulnerability. The CVE entry indicates a PowerPoint RCE with a CVSSv3.1 base score of 7.8 (HIGH) and local attack vector requiring user interaction. Connected sources corroborate Windows/Office updates addressing CVE-2024-38171: a Augus...
CVE-2019-1462
CVE-2019-1462 is a remote code execution vulnerability affecting Microsoft PowerPoint/Office where memory objects are mishandled. The Red Hat advisory reiterates the same remote code execution issue, and various Nessus/OpenVAS entries tie the vulnerability to PowerPoint versions across Windows/ma...
CVE-2017-8742
Two CVEs (CVE-2017-8742 and CVE-2017-8743) describe remote code execution in Microsoft PowerPoint family and associated server/web apps due to improper handling of objects in memory. CVE-2017-8742 affects PowerPoint up to 2016, PowerPoint Viewer 2007, SharePoint Server 2013 SP1, SharePoint Enterp...
CVE-2025-47175
Microsoft PowerPoint CVE-2025-47175 is a Use-After-Free in PowerPoint that can lead to local code execution when a user opens a crafted PPTX file. Exploit details in connected sources indicate a local attacker must persuade a victim to open the file (PoC guidance exists for PowerPoint 2019 / Offi...
CVE-2017-8743
CVE-2017-8743 affects Microsoft PowerPoint 2016, Microsoft SharePoint Enterprise Server 2016, and Office Online Server. The vulnerability arises from improper handling of objects in memory, enabling remote code execution. The CVSS details in the initial record indicate a HIGH impact with local/re...
CVE-2015-2503
CVE-2015-2503 is an Office Elevation of Privilege vulnerability that can be triggered via a crafted web site loaded in Internet Explorer to bypass sandbox protections and gain privileges. The initial CVE entry lists Microsoft Office 2007–2016 products (Word, Excel, PowerPoint, Access, InfoPath, V...
CVE-2021-27056
CVE-2021-27056 is a Microsoft PowerPoint remote code execution vulnerability. Public sources describe a RCE flaw in PowerPoint components that could allow an attacker to bypass authentication and execute arbitrary commands. The issue is associated with multiple Office/PowerPoint versions (includi...
CVE-2016-0012
CVE-2016-0012 affects Microsoft Office suite (2007–2016 and related components) and is described as a security feature/ASLR bypass vulnerability. Connected OpenVAS entries explicitly reference remote bypass vectors in Office components (PowerPoint, Visio, Word, Excel, VB runtime) and note exploit...
CVE-2018-8501
CVE-2018-8501 is a remote code execution flaw in Microsoft PowerPoint/Office caused by improper handling of objects in Protected View. The vulnerability allows a remote attacker to run arbitrary code in the context of the current user, with the potential for system compromise if the user has admi...
CVE-2025-49705
CVE-2025-49705 is a Microsoft PowerPoint remote code execution vulnerability described as a heap-based buffer overflow in PowerPoint that allows an attacker to execute code locally. Connected sources confirm this vulnerability affects PowerPoint components and is addressed by Microsoft security u...
CVE-2025-49699
CVE-2025-49699 is a Microsoft Office remote-code-execution vulnerability caused by a use-after-free in Office components, enabling a local attacker to execute arbitrary code. Affected products include various Office apps; the underlying issue is use-after-free leading to code execution. Mitigatio...
CVE-2026-32200
The CVE-2026-32200 entry involves a use-after-free vulnerability in Microsoft Office PowerPoint that could allow a local attacker to execute arbitrary code. Connected sources confirm affected products include Microsoft PowerPoint/PowerPoint 2016 and related Office components; root cause is use-af...
CVE-2025-54908
CVE-2025-54908 describes a Use-After-Free vulnerability in Microsoft PowerPoint that allows local code execution when processing PowerPoint content. Multiple connected sources confirm a remote code execution risk in PowerPoint products due to this flaw, with Microsoft attributing the root cause t...
CVE-2025-59238
CVE-2025-59238 is a use-after-free vulnerability in Microsoft Office PowerPoint that allows an attacker to execute code locally. The CVE is associated with PowerPoint components affected by the vulnerability, with the attacker having local access (attack vector: LOCAL), needing user interaction (...
CVE-2025-53761
Summary (based on provided documents): CVE-2025-53761 is a use-after-free vulnerability in Microsoft Office PowerPoint that can allow an attacker with local access to execute code locally. The vulnerability is associated with PowerPoint and is addressed by the August 2025 security update (KB50027...
CVE-2026-55123
CVE-2026-55123 is a heap-based buffer overflow in Microsoft Office PowerPoint that allows local code execution when a user opens a malicious file or link. Affected component is PowerPoint within Microsoft Office; root cause is a heap-based overflow leading to arbitrary code execution. Microsoft’s...
CVE-2026-55120
CVE-2026-55120 is a heap-based buffer overflow in Microsoft Office PowerPoint that enables a local attacker to execute arbitrary code. The vulnerability is documented across multiple feeds (NVD, CIRCL, NCSC, CVE List) and is associated with PowerPoint, with exploitation requiring user interaction...
CVE-2026-55043
CVE-2026-55043 is a heap-based buffer overflow in Microsoft Office PowerPoint that allows an attacker to execute code locally. The vulnerability affects PowerPoint files (triggered by opening a crafted document) and is categorized with a high impact (local code execution) in CVSS 3.1, with exploi...