Microsoft Powerpoint
Recent Microsoft Powerpoint Security Advisories
Advisory | Title | Published |
---|---|---|
CVE-2022-37962 | Microsoft PowerPoint Remote Code Execution Vulnerability | September 13, 2022 |
Known Exploited Microsoft Powerpoint Vulnerabilities
The following Microsoft Powerpoint vulnerabilities have been marked by CISA as Known to be Exploited by threat actors.
Title | Description | Added |
---|---|---|
Microsoft PowerPoint Buffer Overflow Vulnerability | Microsoft PowerPoint contains a buffer overflow vulnerability that alllows for remote code execution. CVE-2010-2572 | June 8, 2022 |
Microsoft PowerPoint Memory Corruption Vulnerability | Microsoft PowerPoint allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document. CVE-2015-2424 | March 3, 2022 |
By the Year
In 2024 there have been 1 vulnerability in Microsoft Powerpoint with an average score of 7.8 out of ten. Powerpoint did not have any published security vulnerabilities last year. That is, 1 more vulnerability have already been reported in 2024 as compared to last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 1 | 7.80 |
2023 | 0 | 0.00 |
2022 | 1 | 7.80 |
2021 | 1 | 7.80 |
2020 | 2 | 8.30 |
2019 | 1 | 7.80 |
2018 | 3 | 8.47 |
It may take a day or so for new Powerpoint vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Powerpoint Security Vulnerabilities
Microsoft Office Remote Code Execution Vulnerability
CVE-2024-20673
7.8 - High
- February 13, 2024
Microsoft Office Remote Code Execution Vulnerability
Windows Graphics Component Remote Code Execution Vulnerability
CVE-2022-26903
7.8 - High
- April 15, 2022
Windows Graphics Component Remote Code Execution Vulnerability
Microsoft PowerPoint Remote Code Execution Vulnerability
CVE-2021-27056
7.8 - High
- March 11, 2021
Microsoft PowerPoint Remote Code Execution Vulnerability
Microsoft PowerPoint Remote Code Execution Vulnerability
CVE-2020-17124
7.8 - High
- December 10, 2020
Microsoft PowerPoint Remote Code Execution Vulnerability
A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries
CVE-2020-0760
8.8 - High
- April 15, 2020
A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Office Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0991.
Improper Input Validation
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory
CVE-2019-1462
7.8 - High
- December 10, 2019
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka 'Microsoft PowerPoint Remote Code Execution Vulnerability'.
Use of Uninitialized Resource
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory
CVE-2018-8628
7.8 - High
- December 12, 2018
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft PowerPoint, Microsoft SharePoint, Microsoft PowerPoint Viewer, Office Online Server, Microsoft SharePoint Server.
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in Protected View
CVE-2018-8501
8.8 - High
- October 10, 2018
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in Protected View, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Office 365 ProPlus, PowerPoint Viewer, Microsoft Office, Microsoft PowerPoint.
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory
CVE-2018-8376
8.8 - High
- August 15, 2018
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Microsoft PowerPoint.
Microsoft PowerPoint 2007 SP3, Word 2007 SP3, PowerPoint 2010 SP2, Word 2010 SP2, PowerPoint 2013 SP1, Word 2013 SP1, and PowerPoint 2013 RT SP1
CVE-2015-2424
8.8 - High
- July 14, 2015
Microsoft PowerPoint 2007 SP3, Word 2007 SP3, PowerPoint 2010 SP2, Word 2010 SP2, PowerPoint 2013 SP1, Word 2013 SP1, and PowerPoint 2013 RT SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
Memory Corruption
Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3
CVE-2010-2572
7.8 - High
- November 10, 2010
Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint 95 document, aka "PowerPoint Parsing Buffer Overflow Vulnerability."
Classic Buffer Overflow
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Microsoft Powerpoint or by Microsoft? Click the Watch button to subscribe.
![subscribe](/images/undraw_subscriber_vabu.png)