Powerpoint Microsoft Powerpoint

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Microsoft Powerpoint.

Recent Microsoft Powerpoint Security Advisories

Advisory Title Published
CVE-2024-38171 CVE-2024-38171 Microsoft PowerPoint Remote Code Execution Vulnerability August 13, 2024
CVE-2022-37962 Microsoft PowerPoint Remote Code Execution Vulnerability September 13, 2022

Known Exploited Microsoft Powerpoint Vulnerabilities

The following Microsoft Powerpoint vulnerabilities have been marked by CISA as Known to be Exploited by threat actors.

Title Description Added
Microsoft PowerPoint Buffer Overflow Vulnerability Microsoft PowerPoint contains a buffer overflow vulnerability that alllows for remote code execution.
CVE-2010-2572 Exploit Probability: 71.5%
June 8, 2022
Microsoft PowerPoint Memory Corruption Vulnerability Microsoft PowerPoint allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document.
CVE-2015-2424 Exploit Probability: 19.5%
March 3, 2022

2 known exploited Microsoft Powerpoint vulnerabilities are in the top 5% (95th percentile or greater) of the EPSS exploit probability rankings.

By the Year

In 2025 there have been 0 vulnerabilities in Microsoft Powerpoint. Last year, in 2024 Powerpoint had 3 security vulnerabilities published. Right now, Powerpoint is on track to have less security vulnerabilities in 2025 than it did last year.




Year Vulnerabilities Average Score
2025 0 0.00
2024 3 7.57
2023 0 0.00
2022 1 7.80
2021 1 7.80
2020 2 8.30
2019 1 7.80
2018 3 8.47

It may take a day or so for new Powerpoint vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Microsoft Powerpoint Security Vulnerabilities

Microsoft PowerPoint Library Injection Vulnerability on macOS

CVE-2024-39804 7.1 - High - December 18, 2024

A library injection vulnerability exists in Microsoft PowerPoint 16.83 for macOS. A specially crafted library can leverage PowerPoint's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and then make use of the vulnerable application's permissions.

Improper Verification of Cryptographic Signature

Microsoft PowerPoint Remote Code Execution Vulnerability

CVE-2024-38171 7.8 - High - August 13, 2024

Microsoft PowerPoint Remote Code Execution Vulnerability

Dangling pointer

Microsoft Office Remote Code Execution Vulnerability

CVE-2024-20673 7.8 - High - February 13, 2024

Microsoft Office Remote Code Execution Vulnerability

Windows Graphics Component Remote Code Execution Vulnerability

CVE-2022-26903 7.8 - High - April 15, 2022

Windows Graphics Component Remote Code Execution Vulnerability

Microsoft PowerPoint Remote Code Execution Vulnerability

CVE-2021-27056 7.8 - High - March 11, 2021

Microsoft PowerPoint Remote Code Execution Vulnerability

Microsoft PowerPoint Remote Code Execution Vulnerability

CVE-2020-17124 7.8 - High - December 10, 2020

Microsoft PowerPoint Remote Code Execution Vulnerability

A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries

CVE-2020-0760 8.8 - High - April 15, 2020

A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Office Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0991.

Improper Input Validation

A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory

CVE-2019-1462 7.8 - High - December 10, 2019

A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka 'Microsoft PowerPoint Remote Code Execution Vulnerability'.

Use of Uninitialized Resource

A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory

CVE-2018-8628 7.8 - High - December 12, 2018

A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft PowerPoint, Microsoft SharePoint, Microsoft PowerPoint Viewer, Office Online Server, Microsoft SharePoint Server.

A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in Protected View

CVE-2018-8501 8.8 - High - October 10, 2018

A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in Protected View, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Office 365 ProPlus, PowerPoint Viewer, Microsoft Office, Microsoft PowerPoint.

A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory

CVE-2018-8376 8.8 - High - August 15, 2018

A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Microsoft PowerPoint.

Microsoft PowerPoint 2007 SP3, Word 2007 SP3, PowerPoint 2010 SP2, Word 2010 SP2, PowerPoint 2013 SP1, Word 2013 SP1, and PowerPoint 2013 RT SP1

CVE-2015-2424 8.8 - High - July 14, 2015

Microsoft PowerPoint 2007 SP3, Word 2007 SP3, PowerPoint 2010 SP2, Word 2010 SP2, PowerPoint 2013 SP1, Word 2013 SP1, and PowerPoint 2013 RT SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

Memory Corruption

Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3

CVE-2010-2572 7.8 - High - November 10, 2010

Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint 95 document, aka "PowerPoint Parsing Buffer Overflow Vulnerability."

Classic Buffer Overflow

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Microsoft Powerpoint or by Microsoft? Click the Watch button to subscribe.

Microsoft
Vendor

subscribe