Lucene search

K
MicrosoftProject Server

25 matches found

CVE
CVE
added 2017/05/12 2:29 p.m.238 views

CVE-2017-0281

Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2016, Office Online Server 2016, Office Web Apps 2010 SP2,Office Web Apps 2013 SP1, Project Server 2013 SP1, SharePoint Enterprise Server 2013 SP1, SharePoint Enterprise Server 2016, SharePoint Foundation 2013 SP1, Sharepoint Serve...

9.3CVSS8.1AI score0.92255EPSS
CVE
CVE
added 2020/04/15 3:15 p.m.115 views

CVE-2020-0954

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923, CVE-2020-0924, CVE-2020-0925...

5.4CVSS5.2AI score0.01102EPSS
CVE
CVE
added 2018/07/11 12:29 a.m.93 views

CVE-2018-8284

A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ".NET Framework Remote Code Injection Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microso...

9.3CVSS7.3AI score0.53408EPSS
CVE
CVE
added 2017/11/15 3:29 a.m.92 views

CVE-2017-11876

Microsoft Project Server and Microsoft SharePoint Enterprise Server 2016 allow an attacker to use cross-site forgery to read content that they are not authorized to read, use the victim's identity to take actions on the web application on behalf of the victim, such as change permissions and delete ...

8.8CVSS7.8AI score0.01218EPSS
CVE
CVE
added 2019/06/12 2:29 p.m.90 views

CVE-2019-1031

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint ...

5.4CVSS5.1AI score0.00528EPSS
CVE
CVE
added 2019/06/12 2:29 p.m.90 views

CVE-2019-1036

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint ...

5.4CVSS5.1AI score0.00528EPSS
CVE
CVE
added 2015/11/11 11:59 a.m.85 views

CVE-2015-2503

Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 SP2, OneNote 2010 SP2, PowerPoint 2010 SP2, Projec...

9.3CVSS6.8AI score0.20241EPSS
CVE
CVE
added 2018/03/14 5:29 p.m.85 views

CVE-2018-0909

Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0910, CVE-2018-0...

8.8CVSS8.5AI score0.07376EPSS
CVE
CVE
added 2017/06/15 1:29 a.m.76 views

CVE-2017-8551

An elevation of privilege vulnerability exists when Microsoft SharePoint software fails to properly sanitize a specially crafted requests, aka "Microsoft SharePoint XSS vulnerability".

6.1CVSS5.4AI score0.00669EPSS
CVE
CVE
added 2019/06/12 2:29 p.m.76 views

CVE-2019-1033

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint ...

5.4CVSS5.1AI score0.00528EPSS
CVE
CVE
added 2014/05/14 11:13 a.m.72 views

CVE-2014-0251

Microsoft Windows SharePoint Services 3.0 SP3; SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 Gold and SP1; SharePoint Foundation 2010 SP1 and SP2 and 2013 Gold and SP1; Project Server 2010 SP1 and SP2 and 2013 Gold and SP1; Web Applications 2010 SP1 and SP2; Office Web Apps Server 2013 Gol...

9CVSS7.2AI score0.15421EPSS
CVE
CVE
added 2018/11/14 1:29 a.m.72 views

CVE-2018-8575

A remote code execution vulnerability exists in Microsoft Project software when it fails to properly handle objects in memory, aka "Microsoft Project Remote Code Execution Vulnerability." This affects Microsoft Project, Office 365 ProPlus, Microsoft Project Server.

9.3CVSS8AI score0.20332EPSS
CVE
CVE
added 2015/04/14 8:59 p.m.71 views

CVE-2015-1640

Cross-site scripting (XSS) vulnerability in Microsoft Project Server 2010 SP2 and 2013 SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "Microsoft SharePoint XSS Vulnerability."

4.3CVSS5AI score0.08963EPSS
CVE
CVE
added 2018/03/14 5:29 p.m.71 views

CVE-2018-0944

Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE-2018-...

8.8CVSS8.4AI score0.07376EPSS
CVE
CVE
added 2018/03/14 5:29 p.m.66 views

CVE-2018-0911

Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE-2018-0...

8.8CVSS8.5AI score0.07376EPSS
CVE
CVE
added 2018/03/14 5:29 p.m.66 views

CVE-2018-0914

Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE-2018-0...

8.8CVSS8.5AI score0.07376EPSS
CVE
CVE
added 2018/06/14 12:29 p.m.66 views

CVE-2018-8254

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft Project Server, Microsoft SharePoint. ...

5.4CVSS5.5AI score0.00869EPSS
CVE
CVE
added 2018/05/09 7:29 p.m.64 views

CVE-2018-8156

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint, Microsoft Project Server. ...

5.4CVSS5.5AI score0.00473EPSS
CVE
CVE
added 2018/03/14 5:29 p.m.63 views

CVE-2018-0916

Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE-2018-0...

8.8CVSS8.5AI score0.07376EPSS
CVE
CVE
added 2018/03/14 5:29 p.m.59 views

CVE-2018-0915

Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE-2018-0...

8.8CVSS8.5AI score0.07376EPSS
CVE
CVE
added 2018/03/14 5:29 p.m.58 views

CVE-2018-0912

Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE-2018-0...

8.8CVSS8.5AI score0.07376EPSS
CVE
CVE
added 2018/03/14 5:29 p.m.56 views

CVE-2018-0910

Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE-2018-0...

8.8CVSS8.5AI score0.07376EPSS
CVE
CVE
added 2018/03/14 5:29 p.m.55 views

CVE-2018-0913

Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE-2018-0...

8.8CVSS8.5AI score0.07376EPSS
CVE
CVE
added 2009/12/09 6:30 p.m.37 views

CVE-2009-0102

Microsoft Project 2000 SR1 and 2002 SP1, and Office Project 2003 SP3, does not properly handle memory allocation for Project files, which allows remote attackers to execute arbitrary code via a malformed file, aka "Project Memory Validation Vulnerability."

9.3CVSS7.4AI score0.65426EPSS
CVE
CVE
added 2006/12/18 11:28 a.m.35 views

CVE-2006-6617

projectserver/logon/pdsrequest.asp in Microsoft Project Server 2003 allows remote authenticated users to obtain the MSProjectUser password for a SQL database via a GetInitializationData request, which includes the information in the UserName and Password tags of the response.

6.5CVSS6.9AI score0.31352EPSS