Lucene search
K
MicrosoftSharepoint Designer

11 matches found

CVE
CVE
added 2020/10/16 10:18 p.m.129 views

CVE-2020-16946

The CVE-2020-16946 entry refers to a cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server where crafted web requests are not properly sanitized. The authenticated attacker could execute scripts in the user’s browser context, potentially reading restricted content and performing...

8.7CVSS7.7AI score0.01492EPSS
CVE
CVE
added 2020/08/17 7:13 p.m.110 views

CVE-2020-1573

CVE-2020-1573 is a Microsoft SharePoint Server cross-site scripting (XSS) vulnerability. The root cause is improper sanitization of crafted web requests, which an authenticated attacker could exploit to execute scripts in the user’s browser context, potentially reading restricted data, acting on ...

5.5CVSS6.2AI score0.01882EPSS
CVE
CVE
added 2016/09/14 10:0 a.m.106 views

CVE-2016-3358

CVE-2016-3358 affects Microsoft Office and Excel components across Windows and Mac platforms (Excel 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016; Office Online Server; Office Viewer; SharePoint Excel Services). The vulnerability is described as a memory corruption in Office applications that a...

9.3CVSS7.7AI score0.18434EPSS
CVE
CVE
added 2016/09/14 10:0 a.m.98 views

CVE-2016-3360

CVE-2016-3360 affects multiple Microsoft Office components, notably PowerPoint and related Office apps. The vulnerability is a memory corruption issue in which a crafted document can cause remote code execution on the affected host. Affected products include PowerPoint 2007 SP3, 2010 SP2, 2013 SP...

9.3CVSS7.7AI score0.17235EPSS
CVE
CVE
added 2014/05/14 10:0 a.m.95 views

CVE-2014-0251

CVE-2014-0251 affects Microsoft SharePoint products including Windows SharePoint Services 3.0 SP3, SharePoint Server 2007 SP3, 2010 SP1/SP2, 2013 Gold/SP1, SharePoint Foundation 2010 SP1/SP2/2013 Gold/SP1, Project Server 2010 SP1/SP2/2013 Gold/SP1, Web Applications 2010 SP1/SP2, Office Web Apps S...

9CVSS7.2AI score0.14199EPSS
CVE
CVE
added 2016/04/12 11:0 p.m.91 views

CVE-2016-0136

CVE-2016-0136 affects Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, and Excel Services on SharePoint Server 2007 SP3/2010 SP2. The root cause is memory corruption from improper handling of objects in memory, enabling remote code execution when a crafted Office document ...

9.3CVSS7.8AI score0.20717EPSS
CVE
CVE
added 2015/07/14 9:0 p.m.89 views

CVE-2015-2376

CVE-2015-2376 affects multiple Microsoft Office components (Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1/RT SP1, Office for Mac 2011, Excel Viewer 2007 SP3, Office Compatibility Pack SP3, and Excel Services on SharePoint Server 2007 SP3/2010 SP2/2013 SP1). The vulnerability is a memory corrupti...

9.3CVSS7.7AI score0.15746EPSS
CVE
CVE
added 2016/09/14 10:0 a.m.88 views

CVE-2016-3362

CVE-2016-3362 and CVE-2016-3365 are memory‑corruption vulnerabilities in Microsoft Office components (notably Excel across multiple versions and Office/SharePoint services) that allow remote code execution via a crafted document. The root cause is memory handling flaws in Office components when p...

9.3CVSS7.6AI score0.17466EPSS
CVE
CVE
added 2016/02/10 11:0 a.m.81 views

CVE-2016-0054

CVE-2016-0054 affects multiple Microsoft Office components (notably Excel across Windows and macOS, including Office viewers/SharePoint services). The underlying issue is memory corruption triggered by processing a crafted Office document, enabling remote code execution. Public references describ...

9.3CVSS7.7AI score0.16074EPSS
CVE
CVE
added 2016/09/14 10:0 a.m.81 views

CVE-2016-3365

CVE-2016-3365 is a Microsoft Office memory corruption vulnerability affecting Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Exc...

9.3CVSS7.6AI score0.19867EPSS
CVE
CVE
added 2008/07/07 11:0 p.m.65 views

CVE-2008-3068

Microsoft Crypto API 5.131.2600.2180 through 6.0 (used in Outlook, Windows Live Mail, and Office 2007) performs CRL checks by using an arbitrary URL from a certificate embedded in an S/MIME email or a signed document via the Authority Information Access (AIA) extension. This allows remote attacke...

7.5CVSS6.7AI score0.17404EPSS