Show filters
111 Total Results
Displaying 1-10 of 111
Sort by:
Attacker Value
Unknown
CVE-2015-2424
Disclosure Date: July 14, 2015 (last updated July 17, 2024)
Microsoft PowerPoint 2007 SP3, Word 2007 SP3, PowerPoint 2010 SP2, Word 2010 SP2, PowerPoint 2013 SP1, Word 2013 SP1, and PowerPoint 2013 RT SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
2
Attacker Value
Unknown
CVE-2017-8742
Disclosure Date: September 13, 2017 (last updated November 26, 2024)
A remote code execution vulnerability exists in Microsoft PowerPoint 2007 Service Pack 3, Microsoft PowerPoint 2010 Service Pack 2, Microsoft PowerPoint 2013 Service Pack 1, Microsoft PowerPoint 2013 RT Service Pack 1, Microsoft PowerPoint 2016, Microsoft PowerPoint Viewer 2007, Microsoft SharePoint Server 2013 Service Pack 1, Microsoft SharePoint Enterprise Server 2016, Microsoft Office Web Apps 2010 Service Pack 2, and Microsoft Office Compatibility Pack Service Pack 3 when they fail to properly handle objects in memory, aka "PowerPoint Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8743.
1
Attacker Value
Unknown
CVE-2017-8743
Disclosure Date: September 13, 2017 (last updated November 26, 2024)
A remote code execution vulnerability exists in Microsoft PowerPoint 2016, Microsoft SharePoint Enterprise Server 2016, and Office Online Server when they fail to properly handle objects in memory, aka "PowerPoint Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8742.
1
Attacker Value
Unknown
Microsoft Tagged Image File Format Heap Overflow
Disclosure Date: November 06, 2013 (last updated July 25, 2024)
GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Lync 2010, 2010 Attendee, 2013, and Basic 2013 allows remote attackers to execute arbitrary code via a crafted TIFF image, as demonstrated by an image in a Word document, and exploited in the wild in October and November 2013.
0
Attacker Value
Unknown
CVE-2025-1043
Disclosure Date: February 20, 2025 (last updated February 21, 2025)
The Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.7.5 via the 'embeddoc' shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
0
Attacker Value
Unknown
CVE-2024-39804
Disclosure Date: December 18, 2024 (last updated December 19, 2024)
A library injection vulnerability exists in Microsoft PowerPoint 16.83 for macOS. A specially crafted library can leverage PowerPoint's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and then make use of the vulnerable application's permissions.
0
Attacker Value
Unknown
CVE-2024-38171
Disclosure Date: August 13, 2024 (last updated August 17, 2024)
Microsoft PowerPoint Remote Code Execution Vulnerability
0
Attacker Value
Unknown
CVE-2024-20673
Disclosure Date: February 13, 2024 (last updated January 12, 2025)
Microsoft Office Remote Code Execution Vulnerability
0
Attacker Value
Unknown
CVE-2022-26903
Disclosure Date: April 15, 2022 (last updated November 29, 2024)
Windows Graphics Component Remote Code Execution Vulnerability
0
Attacker Value
Unknown
CVE-2021-27056
Disclosure Date: March 11, 2021 (last updated November 28, 2024)
Microsoft PowerPoint Remote Code Execution Vulnerability
0
