Security Updates for Microsoft SharePoint Server Subscription Edition (April 2025)

The Microsoft SharePoint Server Subscription Edition installation on the remote host is missing security updates. It is, therefore, affected by multiple Remote Code Execution vulnerabilities: - Remote Code Execution Vulnerabilites. CVE-2025-29793, CVE-2025-29794 %NASLMINLEVEL 70300 C Tenable, Inc...

PT-2024-9502 · Microsoft · Sharepoint Server +1

Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server affected versions not specified Microsoft SharePoint Server Subscription Edition affected versions not specified Microsoft SharePoint Enterprise Server affected versions not specified Description: The issue is...

Description of the security update for SharePoint Server Subscription Edition: November 12, 2024 (KB5002651)

Description of the security update for SharePoint Server Subscription Edition: November 12, 2024 KB5002651 Summary This security update for SharePoint Server provides defense-in-depth updates to help improve security-related features. To learn more about the updates, see Microsoft Advisory...

Security Updates for Microsoft SharePoint Server Subscription Edition (October 2024)

The Microsoft SharePoint Server Subscription Edition installation on the remote host is missing security updates. It is, therefore, affected by a privilage elevation vulnerability. %NASLMINLEVEL 70300 C Tenable, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

Security Updates for Microsoft SharePoint Server Subscription Edition (September 2024)

The Microsoft SharePoint Server Subscription Edition installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - A denial of service DoS vulnerability. An attacker can exploit this issue to cause the affected component to deny system or...

Security Updates for Microsoft SharePoint Server Subscription Edition (June 2024)

The Microsoft SharePoint Server Subscription Edition installation on the remote host is missing security updates. It is, therefore, affected by a local code execution vulnerability. An attacker can exploit this with a specially crafted file to bypass authentication and execute unauthorized...

Insecure Direct Object Reference (IDOR)

org.bonitasoft.engine, bonita-server is vulnerable to Insecure Direct Object Reference IDOR. The vulnerability is due to the absence of dynamic permissions, which previously existed only in the Subscription edition and were not customizable in the Community edition...

CVE-2024-28087

In Bonitasoft runtime Community edition, the lack of dynamic permissions causes IDOR vulnerability. Dynamic permissions existed only in Subscription edition and have now been restored in Community edition, where they are not custmizable...

CVE-2024-28087

In Bonitasoft runtime Community edition, the lack of dynamic permissions causes IDOR vulnerability. Dynamic permissions existed only in Subscription edition and have now been restored in Community edition, where they are not custmizable...

Description of the security update for SharePoint Server Subscription Edition: May 14, 2024 (KB5002599)

Description of the security update for SharePoint Server Subscription Edition: May 14, 2024 KB5002599 Summary This security update resolves a Microsoft SharePoint Server information disclosure vulnerability and Microsoft SharePoint Server remote code execution vulnerability. To learn more about t...

Security Updates for Microsoft SharePoint Server Subscription Edition (May 2024)

The Microsoft SharePoint Server Subscription Edition installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitra...

Security Updates for Microsoft SharePoint Server Subscription Edition (April 2024)

The Microsoft SharePoint Server Subscription Edition installation on the remote host is missing a security update. It is, therefore, affected by a session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user. %NASLMINLEVEL 70300 C...

Description of the security update for SharePoint Server Subscription Edition: January 9, 2024 (KB5002540)

Description of the security update for SharePoint Server Subscription Edition: January 9, 2024 KB5002540 Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposur...

Security Updates for Microsoft SharePoint Server Subscription Edition (January 2024)

The Microsoft SharePoint Server Subscription Edition installation on the remote host is missing security updates. It is, therefore, affected by the following vulnerability: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized...

Description of the security update for SharePoint Server Subscription Edition: September 12, 2023 (KB5002474)

Description of the security update for SharePoint Server Subscription Edition: September 12, 2023 KB5002474 Summary This security update resolves a Microsoft SharePoint Server elevation of privilege vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and...

PT-2023-3908 · Microsoft · Sharepoint Server +1

Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server affected versions not specified Microsoft SharePoint Server Subscription Edition affected versions not specified Microsoft SharePoint Enterprise Server affected versions not specified Description: The issue is...

Security Updates for Microsoft SharePoint Server Subscription Edition (July 2023)

The Microsoft SharePoint Server Subscription Edition installation on the remote host is missing security updates. security updates. It is, therefore, affected by multiple vulnerabilities: - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security featur...

PT-2023-3183 · Microsoft · Sharepoint Server +1

Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server affected versions not specified Microsoft SharePoint Server Subscription Edition affected versions not specified Description: The issue is related to errors in the user interface's representation of information. It...

Security Updates for Microsoft SharePoint Server Subscription Edition (June 2023)

The Microsoft SharePoint Server Subscription Edition installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - A Sharepoint Server elevation of privilege vulnerabilty. CVE-2023-33142 - A Sharepoint Server spoofing vulnerability...

Security Updates for Microsoft SharePoint Server Subscription Edition (May 2023)

The Microsoft SharePoint Server Subscription Edition installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - A Sharepoint Server spoofing vulnerability. CVE-2023-24950 - A Sharepoint Server information disclosure vulnerability...