threat
engine
.sh
Back
·
··:··
Home
/
Product
/
microsoft powerpoint
Product
microsoft powerpoint
73 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2026-41102
< 16.0.19822.20190
Improper access control in Microsoft Office PowerPoint allows an authorized attacker to perform spoofing locally.
7.1
HIGH
CVE-2026-32200
all versions
Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2026-26133
< 16.0.19822.20038
AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.
7.1
HIGH
CVE-2025-59238
all versions
Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-54908
all versions
Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-53761
all versions
Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-49705
all versions
Heap-based buffer overflow in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2025-49699
all versions
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
7.0
HIGH
CVE-2025-47175
all versions
Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2024-39804
all versions
A library injection vulnerability exists in Microsoft PowerPoint 16.83 for macOS. A specially crafted library can leverage PowerPo
7.1
HIGH
CVE-2024-38171
all versions
Microsoft PowerPoint Remote Code Execution Vulnerability
7.8
HIGH
CVE-2024-20673
all versions
Microsoft Office Remote Code Execution Vulnerability
7.8
HIGH
CVE-2022-26903
all versions
Windows Graphics Component Remote Code Execution Vulnerability
7.8
HIGH
CVE-2021-27056
all versions
Microsoft PowerPoint Remote Code Execution Vulnerability
7.8
HIGH
CVE-2020-17124
all versions
Microsoft PowerPoint Remote Code Execution Vulnerability
7.8
HIGH
CVE-2020-0760
all versions
A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Offic
8.8
HIGH
CVE-2019-1462
all versions
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects i
7.8
HIGH
CVE-2018-8628
all versions
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects i
7.8
HIGH
CVE-2018-8501
all versions
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects i
8.8
HIGH
CVE-2018-8376
all versions
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects i
8.8
HIGH
CVE-2017-8743
all versions
A remote code execution vulnerability exists in Microsoft PowerPoint 2016, Microsoft SharePoint Enterprise Server 2016, and Office
7.8
HIGH
CVE-2017-8742
all versions
A remote code execution vulnerability exists in Microsoft PowerPoint 2007 Service Pack 3, Microsoft PowerPoint 2010 Service Pack 2
7.8
HIGH
CVE-2017-8513
all versions
A remote code execution vulnerability exists in Microsoft PowerPoint when the software fails to properly handle objects in memory,
7.8
HIGH
CVE-2016-7230
all versions
Microsoft PowerPoint 2010 SP2, PowerPoint Viewer, and Office Web Apps 2010 SP2 allow remote attackers to execute arbitrary code vi
7.8
HIGH
CVE-2016-3360
all versions
Microsoft PowerPoint 2007 SP3, PowerPoint 2010 SP2, PowerPoint 2013 SP1, PowerPoint 2013 RT SP1, PowerPoint 2016 for Mac, Office C
7.8
HIGH
CVE-2016-3279
all versions
Microsoft Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Excel 2013 SP1, PowerPoint 2013 SP1, Word 2013 SP1,
5.5
MEDIUM
CVE-2016-0012
all versions
Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, Po
4.3
MEDIUM
CVE-2015-2503
all versions
Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2
CVE-2015-2423
all versions
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold a
CVE-2015-2424
all versions
Microsoft PowerPoint 2007 SP3, Word 2007 SP3, PowerPoint 2010 SP2, Word 2010 SP2, PowerPoint 2013 SP1, Word 2013 SP1, and PowerPoi
8.8
HIGH
CVE-2015-1682
all versions
Microsoft Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP
CVE-2015-0097
all versions
Microsoft Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Excel 2010 SP2, PowerPoint 2010 SP2, and Word 2010 SP2 allow remote
CVE-2015-0085
all versions
Use-after-free vulnerability in Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Office 2010 SP2, Ex
CVE-2011-3413
all versions
Microsoft PowerPoint 2007 SP2; Office 2008 for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP
CVE-2011-3396
all versions
Untrusted search path vulnerability in Microsoft PowerPoint 2007 SP2 and 2010 allows local users to gain privileges via a Trojan h
CVE-2011-1270
all versions
Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Powe
CVE-2011-1269
all versions
Microsoft PowerPoint 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; and O
CVE-2011-0656
all versions
Microsoft PowerPoint 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter f
CVE-2011-0655
all versions
Microsoft PowerPoint 2007 SP2 and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Office Compat
CVE-2011-0976
all versions
Microsoft PowerPoint 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Offic
CVE-2010-2573
all versions
Integer underflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3, PowerPoint Viewer SP2, and Office 2004 for Mac allows remote atta
CVE-2010-2572
all versions
Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Powe
7.8
HIGH
CVE-2010-3142
all versions
Untrusted search path vulnerability in Microsoft Office PowerPoint 2007 allows local users, and possibly remote attackers, to exec
CVE-2010-3141
all versions
Untrusted search path vulnerability in Microsoft PowerPoint 2010 allows local users, and possibly remote attackers, to execute arb
CVE-2010-0034
all versions
Stack-based buffer overflow in Microsoft Office PowerPoint 2003 SP3 allows remote attackers to execute arbitrary code via a crafte
CVE-2010-0033
all versions
Stack-based buffer overflow in Microsoft Office PowerPoint 2003 SP3 allows remote attackers to execute arbitrary code via a crafte
CVE-2010-0032
all versions
Use-after-free vulnerability in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary cod
CVE-2010-0031
all versions
Array index error in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3, and PowerPoint in Office 2004 for Mac, allows remote attac
CVE-2010-0030
all versions
Heap-based buffer overflow in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code
CVE-2010-0029
all versions
Buffer overflow in Microsoft Office PowerPoint 2002 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint
CVE-2009-0224
all versions
Microsoft Office PowerPoint 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; PowerPoint Viewer 2003 and 2007 SP1 and SP2; Power
CVE-2009-0556
all versions
Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3, and PowerPoint in Microsoft Office 2004 for Mac, allows remote attac
8.8
HIGH
CVE-2008-3068
all versions
Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, Windows Live Mail, and Office 2007, performs Certificate Rev
CVE-2007-0913
all versions
Unspecified vulnerability in Microsoft Powerpoint allows remote user-assisted attackers to execute arbitrary code via unknown atta
CVE-2007-0671
all versions
Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote u
8.8
HIGH
CVE-2006-5296
all versions
PowerPoint in Microsoft Office 2003 does not properly handle a container object whose position value exceeds the record length, wh
CVE-2006-3877
all versions
Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X fo
CVE-2006-3449
all versions
Unspecified vulnerability in Microsoft PowerPoint 2000 through 2003, possibly a buffer overflow, allows user-assisted remote attac
CVE-2006-3660
all versions
Unspecified vulnerability in Microsoft PowerPoint 2003 has unknown impact and user-assisted attack vectors related to powerpnt.exe
CVE-2006-3656
all versions
Unspecified vulnerability in Microsoft PowerPoint 2003 allows user-assisted attackers to cause memory corruption via a crafted Pow
CVE-2006-3655
all versions
Unspecified vulnerability in mso.dll in Microsoft PowerPoint 2003 allows user-assisted attackers to execute arbitrary code via a c
CVE-2006-3590
all versions
mso.dll, as used by Microsoft PowerPoint 2000 through 2003, allows user-assisted attackers to execute arbitrary commands via a mal
CVE-2006-0022
all versions
Unspecified vulnerability in Microsoft PowerPoint in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP1 and SP2, Office 200
CVE-2004-0848
all versions
Buffer overflow in Microsoft Office XP allows remote attackers to execute arbitrary code via a link with a URL file location conta
CVE-2004-0200
all versions
Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, all
CVE-2002-0152
all versions
Buffer overflow in various Microsoft applications for Macintosh allows remote attackers to cause a denial of service (crash) or ex
CVE-2001-0718
<= 2002
Vulnerability in (1) Microsoft Excel 2002 and earlier and (2) Microsoft PowerPoint 2002 and earlier allows attackers to bypass mac
CVE-2001-0005
all versions
Buffer overflow in the parsing mechanism of the file loader in Microsoft PowerPoint 2000 allows attackers to execute arbitrary com
CVE-2000-0765
all versions
Buffer overflow in the HTML interpreter in Microsoft Office 2000 allows an attacker to execute arbitrary commands via a long embed
CVE-2000-0597
all versions
Microsoft Office 2000 (Excel and PowerPoint) and PowerPoint 97 are marked as safe for scripting, which allows remote attackers to
CVE-2000-0419
all versions
The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers to conduct unauthorized activi
CVE-2000-0088
all versions
Buffer overflow in the conversion utilities for Japanese, Korean and Chinese Word 5 documents allows an attacker to execute comman
CVE-1999-1474
all versions
PowerPoint 95 and 97 allows remote attackers to cause an application to be run automatically without prompting the user, possibly
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin