Lucene search
K
MicrosoftProject Server

24 matches found

CVE
CVE
added 2017/05/12 2:0 p.m.307 views

CVE-2017-0281

CVE-2017-0281 / CVE-2017-0262 describe a remote code execution flaw in Microsoft Office and related components triggered by memory handling errors while processing specially crafted Office files (EPS in particular). Affected products include Office 2010 SP2, Office 2013 SP1, Office 2016, and broa...

9.3CVSS8.1AI score0.80734EPSS
In wild
CVE
CVE
added 2018/07/11 12:0 a.m.129 views

CVE-2018-8284

CVE-2018-8284 is a remote code execution vulnerability in the Microsoft .NET Framework caused by improper input validation. The NVD entry lists affected runtimes across multiple versions (e.g., .NET Framework 2.0/3.0/3.5/3.5.1 and 4.x releases up to 4.7.2, including 4.6.x and 4.7.x). Microsoft MS...

9.3CVSS7.3AI score0.4287EPSS
CVE
CVE
added 2020/04/15 3:13 p.m.129 views

CVE-2020-0954

Technical details for CVE-2020-0954 are not publicly available in the provided documents. Monitor for updates from official sources.

5.4CVSS5.2AI score0.01515EPSS
CVE
CVE
added 2015/11/11 11:0 a.m.114 views

CVE-2015-2503

CVE-2015-2503 is an Office Elevation of Privilege vulnerability that can be triggered via a crafted web site loaded in Internet Explorer to bypass sandbox protections and gain privileges. The initial CVE entry lists Microsoft Office 2007–2016 products (Word, Excel, PowerPoint, Access, InfoPath, V...

9.3CVSS6.8AI score0.1684EPSS
CVE
CVE
added 2017/11/15 3:0 a.m.114 views

CVE-2017-11876

CVE-2017-11876 affects Microsoft Project Server and SharePoint Enterprise Server 2016. The vulnerability arises from improper session handling that enables cross-site request forgery, allowing an attacker to read restricted content and impersonate the victim to perform actions (e.g., change permi...

8.8CVSS7.8AI score0.02474EPSS
CVE
CVE
added 2019/06/12 1:49 p.m.106 views

CVE-2019-1031

Microsoft SharePoint Server has an XSS vulnerability (CVE-2019-1031) due to improper sanitization of crafted web requests. An authenticated attacker could run scripts in the user’s browser, read restricted content, and perform actions on the SharePoint site (e.g., change permissions, delete conte...

5.4CVSS5.1AI score0.01662EPSS
CVE
CVE
added 2019/06/12 1:49 p.m.105 views

CVE-2019-1036

CVE-2019-1036 describes a cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server where an attacker with authentication can exploit insufficient sanitization of crafted web requests. Successful exploitation could allow the attacker to execute scripts in the user’s browser, read co...

5.4CVSS5.1AI score0.01662EPSS
CVE
CVE
added 2018/03/14 5:0 p.m.97 views

CVE-2018-0909

Technical details for CVE-2018-0909, including affected products and remediation, are not publicly provided in the connected documents. Monitor official advisories for updates on impact and fixes.

8.8CVSS8.5AI score0.04708EPSS
CVE
CVE
added 2014/05/14 10:0 a.m.95 views

CVE-2014-0251

CVE-2014-0251 affects Microsoft SharePoint products including Windows SharePoint Services 3.0 SP3, SharePoint Server 2007 SP3, 2010 SP1/SP2, 2013 Gold/SP1, SharePoint Foundation 2010 SP1/SP2/2013 Gold/SP1, Project Server 2010 SP1/SP2/2013 Gold/SP1, Web Applications 2010 SP1/SP2, Office Web Apps S...

9CVSS7.2AI score0.14199EPSS
CVE
CVE
added 2019/06/12 1:49 p.m.94 views

CVE-2019-1033

Technical details for CVE-2019-1033 are not publicly available in the provided documents. No specifics on affected versions, root cause, or fixes are present here. Monitor for updates via the cited sources.

5.4CVSS5.1AI score0.01662EPSS
CVE
CVE
added 2017/06/15 1:0 a.m.88 views

CVE-2017-8551

CVE-2017-8551 is a Microsoft SharePoint Server elevation-of-privilege vulnerability caused by improper sanitization of crafted web requests, enabling potential cross-site scripting and actions on behalf of a user. Affected products include SharePoint Server (and SharePoint-related components) wit...

6.1CVSS5.4AI score0.03263EPSS
CVE
CVE
added 2015/04/14 8:0 p.m.84 views

CVE-2015-1640

CVE-2015-1640 describes a cross-site scripting (XSS) vulnerability impacting Microsoft Project Server 2010 SP2 and 2013 SP1, attributed to insufficient input filtering in SharePoint/Project Server components. The core issue is improper sanitization of crafted requests that allows an attacker to i...

4.3CVSS5AI score0.08863EPSS
CVE
CVE
added 2018/06/14 12:0 p.m.84 views

CVE-2018-8254

Root cause: elevation of privilege in Microsoft SharePoint Server due to improper filtering of certain web requests. Affected products include SharePoint Server and Project Server (e.g., SharePoint Enterprise Server 2016 and SharePoint Foundation 2013 SP1 per CNVD entries). CVSS metrics indicate ...

5.4CVSS5.5AI score0.02472EPSS
CVE
CVE
added 2018/03/14 5:0 p.m.82 views

CVE-2018-0944

Technical details for CVE-2018-0944 are not publicly available in the provided connected documents. Monitor for updates; based on current inputs, no concrete affected products, versions, exploit info, or remediation are disclosed here.

8.8CVSS8.4AI score0.04708EPSS
CVE
CVE
added 2018/03/14 5:0 p.m.79 views

CVE-2018-0911

Technical details about CVE-2018-0911 are not publicly available in the provided documents; monitor for updates.

8.8CVSS8.5AI score0.04708EPSS
CVE
CVE
added 2018/03/14 5:0 p.m.79 views

CVE-2018-0914

Technical details about CVE-2018-0914 are not publicly available in the provided documents. The connected EUVD entries mention malware without giving affected products, root cause, impact, or remediation for this CVE. Monitor for updates.

8.8CVSS8.5AI score0.04708EPSS
CVE
CVE
added 2018/05/09 7:0 p.m.75 views

CVE-2018-8156

CVE-2018-8156 is a Microsoft SharePoint Server elevation-of-privilege issue. Connected sources confirm the vulnerability arises when SharePoint Server (and related Project Server variants) fails to properly filter specially crafted web requests, enabling an attacker to escalate privileges. Severa...

5.4CVSS5.5AI score0.02618EPSS
CVE
CVE
added 2018/03/14 5:0 p.m.74 views

CVE-2018-0916

Technical details for CVE-2018-0916 are not publicly available in the provided documents; monitor for updates from official advisories.

8.8CVSS8.5AI score0.04708EPSS
CVE
CVE
added 2018/03/14 5:0 p.m.72 views

CVE-2018-0915

Technical details are not publicly available in the provided documents for CVE-2018-0915; no product/version specifics or remediation are disclosed here. Monitor for updates from official sources.

8.8CVSS8.5AI score0.04708EPSS
CVE
CVE
added 2018/03/14 5:0 p.m.70 views

CVE-2018-0912

No technical details for CVE-2018-0912 are present in the provided documents. Monitor for updates as more information becomes available.

8.8CVSS8.5AI score0.04708EPSS
CVE
CVE
added 2018/03/14 5:0 p.m.69 views

CVE-2018-0910

Technical details about CVE-2018-0910 are not publicly available in the provided documents; the connected EUVD entries refer to malware and do not specify affected products, impact, or remediation. Monitor for updates.

8.8CVSS8.5AI score0.04708EPSS
CVE
CVE
added 2018/03/14 5:0 p.m.69 views

CVE-2018-0913

Technical details for CVE-2018-0913 are not publicly available in the provided documents; monitor for updates.

8.8CVSS8.5AI score0.04708EPSS
CVE
CVE
added 2009/12/09 6:0 p.m.54 views

CVE-2009-0102

Summary: CVE-2009-0102 is a remote code execution vulnerability in Microsoft Office Project components. The flaw is rooted in how Project files are parsed; specifically, memory allocations are not properly validated when opening Project files, leading to memory corruption in winproj.exe and the a...

9.3CVSS7.4AI score0.23504EPSS
CVE
CVE
added 2006/12/18 11:0 a.m.51 views

CVE-2006-6617

CVE-2006-6617 affects Microsoft Project Server 2003. The vulnerability lies in projectserver/logon/pdsrequest.asp where a GetInitializationData response can expose the UserName and Password fields, allowing remote authenticated users to obtain the MSProjectUser password for the SQL database. The ...

6.5CVSS6.9AI score0.19639EPSS
Web