Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Sharepoint Enterprise Server 2013 Security Vulnerabilities

cve
cve

CVE-2018-1005

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint. This CVE ID is unique from...

5.4CVSS

5.5AI Score

0.005EPSS

2018-04-12 01:29 AM
42
cve
cve

CVE-2018-1014

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint. This CVE ID is unique from...

5.4CVSS

5.5AI Score

0.005EPSS

2018-04-12 01:29 AM
39
cve
cve

CVE-2018-1032

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoin...

5.4CVSS

5.5AI Score

0.005EPSS

2018-04-12 01:29 AM
44
cve
cve

CVE-2018-8149

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoin...

5.4CVSS

5.5AI Score

0.005EPSS

2018-05-09 07:29 PM
47
cve
cve

CVE-2018-8168

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoin...

5.4CVSS

5.5AI Score

0.005EPSS

2018-05-09 07:29 PM
50
cve
cve

CVE-2018-8299

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint. This CVE ID is unique from...

5.4CVSS

5.6AI Score

0.005EPSS

2018-07-11 12:29 AM
56
cve
cve

CVE-2018-8323

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint. This CVE ID is unique from...

5.4CVSS

5.6AI Score

0.005EPSS

2018-07-11 12:29 AM
40
cve
cve

CVE-2018-8378

An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka "Microsoft Office Information Disclosure Vulnerability." This affects Word, Microsoft SharePoint Server, Microso...

5.5CVSS

4.9AI Score

0.002EPSS

2018-08-15 05:29 PM
153
cve
cve

CVE-2018-8426

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft Office SharePoint XSS Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint.

5.4CVSS

5.5AI Score

0.002EPSS

2018-09-13 12:29 AM
155
cve
cve

CVE-2018-8428

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint. This CVE ID is unique from...

5.4CVSS

5.6AI Score

0.005EPSS

2018-09-13 12:29 AM
39
cve
cve

CVE-2018-8431

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoin...

5.4CVSS

5.6AI Score

0.005EPSS

2018-09-13 12:29 AM
57
cve
cve

CVE-2018-8488

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint. This CVE ID is unique from...

5.4CVSS

5.6AI Score

0.006EPSS

2018-10-10 01:29 PM
45
cve
cve

CVE-2018-8498

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint. This CVE ID is unique from...

5.4CVSS

5.6AI Score

0.006EPSS

2018-10-10 01:29 PM
44
cve
cve

CVE-2018-8518

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint. This CVE ID is unique from...

5.4CVSS

5.6AI Score

0.006EPSS

2018-10-10 01:29 PM
58
cve
cve

CVE-2018-8568

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoin...

5.4CVSS

6.3AI Score

0.006EPSS

2018-11-14 01:29 AM
52
cve
cve

CVE-2018-8578

An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages, aka "Microsoft SharePoint Information Disclosure Vulnerability." This affects Microsoft SharePoint.

4.3CVSS

5.3AI Score

0.002EPSS

2018-11-14 01:29 AM
50
cve
cve

CVE-2018-8580

An information disclosure vulnerability exists where certain modes of the search function in Microsoft SharePoint Server are vulnerable to cross-site search attacks (a variant of cross-site request forgery, CSRF), aka "Microsoft SharePoint Information Disclosure Vulnerability." This affects Microso...

4.3CVSS

4AI Score

0.004EPSS

2018-12-12 12:29 AM
67
cve
cve

CVE-2018-8635

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted authentication request to an affected SharePoint server, aka "Microsoft SharePoint Server Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, M...

8.8CVSS

4.9AI Score

0.001EPSS

2018-12-12 12:29 AM
51
cve
cve

CVE-2019-0556

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft Office SharePoint XSS Vulnerability." This affects Microsoft SharePoint. This CVE ID is unique from CVE-2019...

5.4CVSS

5.1AI Score

0.001EPSS

2019-01-08 09:29 PM
53
cve
cve

CVE-2019-0558

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft Office SharePoint XSS Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint, Micros...

5.4CVSS

5.1AI Score

0.001EPSS

2019-01-08 09:29 PM
62
cve
cve

CVE-2019-0562

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoin...

5.4CVSS

6.2AI Score

0.002EPSS

2019-01-08 09:29 PM
60
cve
cve

CVE-2019-0585

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Word, Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Microsoft SharePoint, Microsof...

8.8CVSS

8.3AI Score

0.235EPSS

2019-01-08 09:29 PM
1075
cve
cve

CVE-2019-0668

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Elevation of Privilege Vulnerability'.

8.8CVSS

8.9AI Score

0.001EPSS

2019-03-06 12:00 AM
67
cve
cve

CVE-2019-0670

A spoofing vulnerability exists in Microsoft SharePoint when the application does not properly parse HTTP content, aka 'Microsoft SharePoint Spoofing Vulnerability'.

6.1CVSS

7.4AI Score

0.001EPSS

2019-03-06 12:00 AM
64
cve
cve

CVE-2019-0831

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2019-0830.

5.4CVSS

5AI Score

0.001EPSS

2019-04-09 09:29 PM
69
cve
cve

CVE-2019-1006

An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'.

7.5CVSS

7.8AI Score

0.002EPSS

2019-07-15 07:15 PM
233
cve
cve

CVE-2019-1034

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1035.

7.8CVSS

7.7AI Score

0.014EPSS

2019-06-12 02:29 PM
74
cve
cve

CVE-2019-1134

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'.

5.4CVSS

5.7AI Score

0.001EPSS

2019-07-29 02:13 PM
59
cve
cve

CVE-2019-1331

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1327.

8.8CVSS

8.8AI Score

0.047EPSS

2019-10-10 02:15 PM
90
cve
cve

CVE-2019-1446

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'.

5.5CVSS

5.6AI Score

0.003EPSS

2019-11-12 07:15 PM
74
cve
cve

CVE-2020-0850

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0851, CVE-2020-0852, CVE-2020-0855, CVE-2020-0892.

8.8CVSS

7.9AI Score

0.047EPSS

2020-03-12 04:15 PM
108
cve
cve

CVE-2020-0892

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0850, CVE-2020-0851, CVE-2020-0852, CVE-2020-0855.

7.8CVSS

8AI Score

0.047EPSS

2020-03-12 04:15 PM
93
cve
cve

CVE-2020-0893

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0894.

5.4CVSS

5.1AI Score

0.001EPSS

2020-03-12 04:15 PM
74
cve
cve

CVE-2020-0923

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0924, CVE-2020-0925, CVE-2020-0926...

5.4CVSS

5.2AI Score

0.001EPSS

2020-04-15 03:15 PM
80
cve
cve

CVE-2020-0926

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923, CVE-2020-0924, CVE-2020-0925...

5.4CVSS

5.2AI Score

0.001EPSS

2020-04-15 03:15 PM
84
cve
cve

CVE-2020-0930

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923, CVE-2020-0924, CVE-2020-0925...

5.4CVSS

5.2AI Score

0.001EPSS

2020-04-15 03:15 PM
90
cve
cve

CVE-2020-0931

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0920, CVE-2020-0929, CVE-2020-0932, CVE-2020-0971, C...

8.8CVSS

8.3AI Score

0.089EPSS

2020-04-15 03:15 PM
184
cve
cve

CVE-2020-0973

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923, CVE-2020-0924, CVE-2020-0925...

5.4CVSS

5.2AI Score

0.001EPSS

2020-04-15 03:15 PM
77
cve
cve

CVE-2020-0977

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-0972, CVE-2020-0975, CVE-2020-0976.

5.4CVSS

5.3AI Score

0.001EPSS

2020-04-15 03:15 PM
70
cve
cve

CVE-2020-0980

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'.

7.8CVSS

8.3AI Score

0.015EPSS

2020-04-15 03:15 PM
100
cve
cve

CVE-2020-1100

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1099, CVE-2020-1101, CVE-2020-1106...

5.4CVSS

5.1AI Score

0.002EPSS

2020-05-21 11:15 PM
64
cve
cve

CVE-2020-1107

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-1104, CVE-2020-1105.

5.4CVSS

5.4AI Score

0.001EPSS

2020-05-21 11:15 PM
96
cve
cve

CVE-2020-1147

A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'.

7.8CVSS

8.1AI Score

0.862EPSS

2020-07-14 11:15 PM
1157
In Wild
2
cve
cve

CVE-2020-1148

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-1289.

5.4CVSS

5.7AI Score

0.001EPSS

2020-06-09 08:15 PM
101
cve
cve

CVE-2020-1178

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted authentication request to an affected SharePoint server, aka 'Microsoft SharePoint Server Elevation of Privilege Vulnerability'.

8.8CVSS

8.3AI Score

0.001EPSS

2020-06-09 08:15 PM
82
cve
cve

CVE-2020-1295

An elevation of privilege vulnerability exists in Microsoft SharePoint, aka 'Microsoft SharePoint Elevation of Privilege Vulnerability'.

8.8CVSS

8.2AI Score

0.001EPSS

2020-06-09 08:15 PM
60
cve
cve

CVE-2020-1318

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1177, CVE-2020-1183, CVE-2020-1297...

5.4CVSS

5.1AI Score

0.001EPSS

2020-06-09 08:15 PM
59
cve
cve

CVE-2020-1342

An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka 'Microsoft Office Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1445.

5.5CVSS

6AI Score

0.007EPSS

2020-07-14 11:15 PM
81
cve
cve

CVE-2020-1439

A remote code execution vulnerability exists in PerformancePoint Services for SharePoint Server when the software fails to check the source markup of XML file input, aka 'PerformancePoint Services Remote Code Execution Vulnerability'.

8.8CVSS

9.2AI Score

0.013EPSS

2020-07-14 11:15 PM
80
cve
cve

CVE-2020-1445

An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory, aka 'Microsoft Office Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1342.

5.5CVSS

6.1AI Score

0.007EPSS

2020-07-14 11:15 PM
78
Total number of security vulnerabilities55