11 matches found
CVE-2020-16946
The CVE-2020-16946 entry refers to a cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server where crafted web requests are not properly sanitized. The authenticated attacker could execute scripts in the user’s browser context, potentially reading restricted content and performing...
CVE-2020-1573
CVE-2020-1573 is a Microsoft SharePoint Server cross-site scripting (XSS) vulnerability. The root cause is improper sanitization of crafted web requests, which an authenticated attacker could exploit to execute scripts in the user’s browser context, potentially reading restricted data, acting on ...
CVE-2016-3358
CVE-2016-3358 affects Microsoft Office and Excel components across Windows and Mac platforms (Excel 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016; Office Online Server; Office Viewer; SharePoint Excel Services). The vulnerability is described as a memory corruption in Office applications that a...
CVE-2016-3360
CVE-2016-3360 affects multiple Microsoft Office components, notably PowerPoint and related Office apps. The vulnerability is a memory corruption issue in which a crafted document can cause remote code execution on the affected host. Affected products include PowerPoint 2007 SP3, 2010 SP2, 2013 SP...
CVE-2014-0251
CVE-2014-0251 affects Microsoft SharePoint products including Windows SharePoint Services 3.0 SP3, SharePoint Server 2007 SP3, 2010 SP1/SP2, 2013 Gold/SP1, SharePoint Foundation 2010 SP1/SP2/2013 Gold/SP1, Project Server 2010 SP1/SP2/2013 Gold/SP1, Web Applications 2010 SP1/SP2, Office Web Apps S...
CVE-2016-0136
CVE-2016-0136 affects Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, and Excel Services on SharePoint Server 2007 SP3/2010 SP2. The root cause is memory corruption from improper handling of objects in memory, enabling remote code execution when a crafted Office document ...
CVE-2015-2376
CVE-2015-2376 affects multiple Microsoft Office components (Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1/RT SP1, Office for Mac 2011, Excel Viewer 2007 SP3, Office Compatibility Pack SP3, and Excel Services on SharePoint Server 2007 SP3/2010 SP2/2013 SP1). The vulnerability is a memory corrupti...
CVE-2016-3362
CVE-2016-3362 and CVE-2016-3365 are memory‑corruption vulnerabilities in Microsoft Office components (notably Excel across multiple versions and Office/SharePoint services) that allow remote code execution via a crafted document. The root cause is memory handling flaws in Office components when p...
CVE-2016-0054
CVE-2016-0054 affects multiple Microsoft Office components (notably Excel across Windows and macOS, including Office viewers/SharePoint services). The underlying issue is memory corruption triggered by processing a crafted Office document, enabling remote code execution. Public references describ...
CVE-2016-3365
CVE-2016-3365 is a Microsoft Office memory corruption vulnerability affecting Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Exc...
CVE-2008-3068
Microsoft Crypto API 5.131.2600.2180 through 6.0 (used in Outlook, Windows Live Mail, and Office 2007) performs CRL checks by using an arbitrary URL from a certificate embedded in an S/MIME email or a signed document via the Authority Information Access (AIA) extension. This allows remote attacke...