Microsoft Powerpoint
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Microsoft Powerpoint.
Recent Microsoft Powerpoint Security Advisories
| Advisory | Title | Published |
|---|---|---|
| CVE-2024-38171 | CVE-2024-38171 Microsoft PowerPoint Remote Code Execution Vulnerability | August 13, 2024 |
| CVE-2022-37962 | Microsoft PowerPoint Remote Code Execution Vulnerability | September 13, 2022 |
Known Exploited Microsoft Powerpoint Vulnerabilities
The following Microsoft Powerpoint vulnerabilities have been marked by CISA as Known to be Exploited by threat actors.
| Title | Description | Added |
|---|---|---|
| Microsoft PowerPoint Buffer Overflow Vulnerability |
Microsoft PowerPoint contains a buffer overflow vulnerability that alllows for remote code execution. CVE-2010-2572 Exploit Probability: 75.6% |
June 8, 2022 |
| Microsoft PowerPoint Memory Corruption Vulnerability |
Microsoft PowerPoint allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document. CVE-2015-2424 Exploit Probability: 60.0% |
March 3, 2022 |
2 known exploited Microsoft Powerpoint vulnerabilities are in the top 5% (95th percentile or greater) of the EPSS exploit probability rankings.
By the Year
In 2025 there have been 0 vulnerabilities in Microsoft Powerpoint. Last year, in 2024 Powerpoint had 3 security vulnerabilities published. Right now, Powerpoint is on track to have less security vulnerabilities in 2025 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 0 | 0.00 |
| 2024 | 3 | 7.57 |
| 2023 | 0 | 0.00 |
| 2022 | 1 | 7.80 |
| 2021 | 1 | 7.80 |
| 2020 | 2 | 8.30 |
| 2019 | 1 | 7.80 |
| 2018 | 3 | 8.47 |
It may take a day or so for new Powerpoint vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Powerpoint Security Vulnerabilities
Microsoft PowerPoint Library Injection Vulnerability on macOS
CVE-2024-39804
7.1 - High
- December 18, 2024
A library injection vulnerability exists in Microsoft PowerPoint 16.83 for macOS. A specially crafted library can leverage PowerPoint's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and then make use of the vulnerable application's permissions.
Improper Verification of Cryptographic Signature
Microsoft PowerPoint Remote Code Execution Vulnerability
CVE-2024-38171
7.8 - High
- August 13, 2024
Microsoft PowerPoint Remote Code Execution Vulnerability
Dangling pointer
Microsoft Office Remote Code Execution Vulnerability
CVE-2024-20673
7.8 - High
- February 13, 2024
Microsoft Office Remote Code Execution Vulnerability
Windows Graphics Component Remote Code Execution Vulnerability
CVE-2022-26903
7.8 - High
- April 15, 2022
Windows Graphics Component Remote Code Execution Vulnerability
Microsoft PowerPoint Remote Code Execution Vulnerability
CVE-2021-27056
7.8 - High
- March 11, 2021
Microsoft PowerPoint Remote Code Execution Vulnerability
Microsoft PowerPoint Remote Code Execution Vulnerability
CVE-2020-17124
7.8 - High
- December 10, 2020
Microsoft PowerPoint Remote Code Execution Vulnerability
A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries
CVE-2020-0760
8.8 - High
- April 15, 2020
A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Office Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0991.
Improper Input Validation
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory
CVE-2019-1462
7.8 - High
- December 10, 2019
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka 'Microsoft PowerPoint Remote Code Execution Vulnerability'.
Use of Uninitialized Resource
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory
CVE-2018-8628
7.8 - High
- December 12, 2018
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft PowerPoint, Microsoft SharePoint, Microsoft PowerPoint Viewer, Office Online Server, Microsoft SharePoint Server.
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in Protected View
CVE-2018-8501
8.8 - High
- October 10, 2018
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in Protected View, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Office 365 ProPlus, PowerPoint Viewer, Microsoft Office, Microsoft PowerPoint.
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory
CVE-2018-8376
8.8 - High
- August 15, 2018
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Microsoft PowerPoint.
Microsoft PowerPoint 2007 SP3, Word 2007 SP3, PowerPoint 2010 SP2, Word 2010 SP2, PowerPoint 2013 SP1, Word 2013 SP1, and PowerPoint 2013 RT SP1
CVE-2015-2424
8.8 - High
- July 14, 2015
Microsoft PowerPoint 2007 SP3, Word 2007 SP3, PowerPoint 2010 SP2, Word 2010 SP2, PowerPoint 2013 SP1, Word 2013 SP1, and PowerPoint 2013 RT SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
Memory Corruption
Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3
CVE-2010-2572
7.8 - High
- November 10, 2010
Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint 95 document, aka "PowerPoint Parsing Buffer Overflow Vulnerability."
Classic Buffer Overflow
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Microsoft Powerpoint or by Microsoft? Click the Watch button to subscribe.
