Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

Information Security Automation
Information Security Automationadded 2025/11/13 1:56 p.m.11 views

About Remote Code Execution – Microsoft SharePoint “ToolShell” (CVE-2025-49704) vulnerability

About Remote Code Execution - Microsoft SharePoint "ToolShell" CVE-2025-49704 vulnerability. This vulnerability is from the Microsoft's July Patch Tuesday. SharePoint is a web application developed by Microsoft for corporate intranet portals, document management, and collaborative work...

9.8CVSS8.3AI score0.99982EPSS
Exploits41
Metasploit
Metasploitadded 2025/08/07 6:52 p.m.673 views

Microsoft SharePoint Server ToolPane Unauthenticated Remote Code Execution (aka ToolShell)

This module exploits the authentication bypass vulnerabilities CVE-2025-49706 and CVE-2025-53771, and an unsafe deserialization vulnerability CVE-2025-49704, to achieve unauthenticated RCE against a vulnerable Microsoft SharePoint Server. The vulnerability CVE-2025-53770 was disclosed as being a...

9.8CVSS7.4AI score0.99982EPSS
Exploits41
Securelist
Securelistadded 2025/07/25 7:0 a.m.12 views

ToolShell: a story of five vulnerabilities in Microsoft SharePoint

On July 19–20, 2025, various security companies and national CERTs published alerts about active exploitation of on-premise SharePoint servers. According to the reports, observed attacks did not require authentication, allowed attackers to gain full control over the infected servers, and were...

9.8CVSS9AI score0.99982EPSS
Exploits51
CISA KEV Catalog
CISA KEV Catalogadded 2025/07/22 12:0 a.m.16 views

Microsoft SharePoint Code Injection Vulnerability

Microsoft SharePoint contains a code injection vulnerability that could allow an authorized attacker to execute code over a network. This vulnerability could be chained with CVE-2025-49706. CVE-2025-53770 is a patch bypass for CVE-2025-49704, and the updates for CVE-2025-53770 include more robust...

9.8CVSS8.9AI score0.99982EPSS
In wildExploits41
CISA KEV Catalog
CISA KEV Catalogadded 2025/07/22 12:0 a.m.39 views

Microsoft SharePoint Improper Authentication Vulnerability

Microsoft SharePoint contains an improper authentication vulnerability that allows an authorized attacker to perform spoofing over a network. Successfully exploitation could allow an attacker to view sensitive information and make some changes to disclosed information. This vulnerability could be...

6.5CVSS7.5AI score0.99879EPSS
In wildExploits9
VulnCheck KEV
VulnCheck KEVadded 2025/07/18 12:0 a.m.3 views

VulnCheck KEV: CVE-2025-49704

Improper control of generation of code 'code injection' in Microsoft Office SharePoint allows an authorized attacker to execute code over a network...

9.8CVSS7.3AI score0.99982EPSS
In wildExploits41References223
Cvelist
Cvelistadded 2025/07/08 4:58 p.m.17 views

CVE-2025-49704 Microsoft SharePoint Remote Code Execution Vulnerability

...

8.8CVSS0.99907EPSS
Exploits7References1
Vulnrichment
Vulnrichmentadded 2025/07/08 4:58 p.m.8 views

CVE-2025-49704 Microsoft SharePoint Remote Code Execution Vulnerability

...

8.8CVSS7.2AI score0.99907EPSS
Exploits7References1
Circl
Circladded 2025/07/08 3:0 a.m.8 views

CVE-2025-49704

creationtimestamp| type| source ---|---|--- 2025-07-08 03:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-581/ 2025-07-08 15:56:31+00:00| seen| https://www.thezdi.com/blog/2025/7/8/the-july-2025-security-update-review 2025-07-08 20:17:43+00:00| seen|...

8.8CVSS7.4AI score0.99907EPSS
Exploits7References105
Rows per page
Query Builder