Lucene search

K
MicrosoftSharepoint Enterprise Server

106 matches found

CVE
CVE
added 2020/08/17 7:15 p.m.98 views

CVE-2020-1499

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.The attacke...

5.5CVSS6.2AI score0.01717EPSS
CVE
CVE
added 2020/09/11 5:15 p.m.98 views

CVE-2020-1595

A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm accoun...

9.9CVSS9.3AI score0.00829EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.98 views

CVE-2020-16944

This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server.An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server. The attacker who successful...

8.7CVSS8.1AI score0.00584EPSS
CVE
CVE
added 2020/06/09 8:15 p.m.97 views

CVE-2020-1178

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted authentication request to an affected SharePoint server, aka 'Microsoft SharePoint Server Elevation of Privilege Vulnerability'.

8.8CVSS8.3AI score0.06667EPSS
CVE
CVE
added 2020/07/14 11:15 p.m.97 views

CVE-2020-1448

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1446, CVE-2020-1447.

8.8CVSS8.8AI score0.43263EPSS
CVE
CVE
added 2020/08/17 7:15 p.m.97 views

CVE-2020-1573

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint ...

5.5CVSS6.1AI score0.01125EPSS
CVE
CVE
added 2020/04/15 3:15 p.m.96 views

CVE-2020-0920

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0929, CVE-2020-0931, CVE-2020-0932, CVE-2020-0971, C...

8.8CVSS8.3AI score0.30943EPSS
CVE
CVE
added 2020/04/15 3:15 p.m.95 views

CVE-2020-0978

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923, CVE-2020-0924, CVE-2020-0925...

5.4CVSS5.2AI score0.01102EPSS
CVE
CVE
added 2020/06/09 8:15 p.m.95 views

CVE-2020-1320

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1177, CVE-2020-1183, CVE-2020-1297...

5.4CVSS5.1AI score0.00773EPSS
CVE
CVE
added 2020/03/12 4:15 p.m.94 views

CVE-2020-0893

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0894.

5.4CVSS5.1AI score0.00898EPSS
CVE
CVE
added 2020/09/11 5:15 p.m.94 views

CVE-2020-1205

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.The attacke...

4.9CVSS6AI score0.01427EPSS
CVE
CVE
added 2020/06/09 8:15 p.m.94 views

CVE-2020-1297

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1177, CVE-2020-1183, CVE-2020-1298...

5.4CVSS5.1AI score0.00773EPSS
CVE
CVE
added 2020/07/14 11:15 p.m.94 views

CVE-2020-1445

An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory, aka 'Microsoft Office Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1342.

5.5CVSS6.1AI score0.28299EPSS
CVE
CVE
added 2020/07/14 11:15 p.m.94 views

CVE-2020-1450

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1451, CVE-2020-1456.

5.4CVSS5.1AI score0.00656EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.94 views

CVE-2020-16942

An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages. An attacker who took advantage of this information disclosure could view the folder path of scripts loaded on the page.To take advantage of th...

4.4CVSS5.7AI score0.00323EPSS
CVE
CVE
added 2020/11/11 7:15 a.m.94 views

CVE-2020-17060

Microsoft SharePoint Server Spoofing Vulnerability

5.8CVSS6.7AI score0.00617EPSS
CVE
CVE
added 2020/08/17 7:15 p.m.93 views

CVE-2020-1505

An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.To exploit the vulnerability, an attacker would have...

5.5CVSS6.3AI score0.01174EPSS
CVE
CVE
added 2020/11/11 7:15 a.m.93 views

CVE-2020-16979

Microsoft SharePoint Information Disclosure Vulnerability

6.5CVSS5.2AI score0.0305EPSS
CVE
CVE
added 2020/06/09 8:15 p.m.92 views

CVE-2020-1323

An open redirect vulnerability exists in Microsoft SharePoint that could lead to spoofing.To exploit the vulnerability, an attacker could send a link that has a specially crafted URL and convince the user to click the link, aka 'SharePoint Open Redirect Vulnerability'.

6.1CVSS6.5AI score0.01545EPSS
CVE
CVE
added 2020/11/11 7:15 a.m.92 views

CVE-2020-17015

Microsoft SharePoint Server Spoofing Vulnerability

6.5CVSS4.8AI score0.01235EPSS
CVE
CVE
added 2020/11/11 7:15 a.m.92 views

CVE-2020-17016

Microsoft SharePoint Server Spoofing Vulnerability

8.8CVSS8AI score0.16892EPSS
CVE
CVE
added 2020/05/21 11:15 p.m.91 views

CVE-2020-1100

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1099, CVE-2020-1101, CVE-2020-1106...

5.4CVSS5.1AI score0.01851EPSS
CVE
CVE
added 2020/09/11 5:15 p.m.91 views

CVE-2020-1440

A tampering vulnerability exists when Microsoft SharePoint Server fails to properly handle profile data. An attacker who successfully exploited this vulnerability could modify a targeted user's profile data.To exploit the vulnerability, an attacker would need to be authenticated on an affected Shar...

6.3CVSS7.2AI score0.01697EPSS
CVE
CVE
added 2020/09/11 5:15 p.m.91 views

CVE-2020-1452

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint s...

8.6CVSS8.6AI score0.02468EPSS
CVE
CVE
added 2020/05/21 11:15 p.m.90 views

CVE-2020-1069

A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls, aka 'Microsoft SharePoint Server Remote Code Execution Vulnerability'.

8.8CVSS8.4AI score0.34532EPSS
CVE
CVE
added 2020/05/21 11:15 p.m.90 views

CVE-2020-1103

An information disclosure vulnerability exists where certain modes of the search function in Microsoft SharePoint Server are vulnerable to cross-site search attacks (a variant of cross-site request forgery, CSRF).When users are simultaneously logged in to Microsoft SharePoint Server and visit a mal...

6.5CVSS6.4AI score0.08862EPSS
CVE
CVE
added 2020/02/11 10:15 p.m.89 views

CVE-2020-0693

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0694.

5.4CVSS5.1AI score0.00923EPSS
CVE
CVE
added 2020/04/15 3:15 p.m.89 views

CVE-2020-0933

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923, CVE-2020-0924, CVE-2020-0925...

5.4CVSS5.2AI score0.01102EPSS
CVE
CVE
added 2020/09/11 5:15 p.m.89 views

CVE-2020-1460

A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls. An authenticated attacker who successfully exploited the vulnerability could use a specially crafted page to perform actions in the security context...

8.8CVSS8.9AI score0.05451EPSS
CVE
CVE
added 2020/08/17 7:15 p.m.89 views

CVE-2020-1500

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.The attacke...

5.5CVSS6.2AI score0.01955EPSS
CVE
CVE
added 2020/02/11 10:15 p.m.88 views

CVE-2020-0694

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0693.

5.4CVSS5.1AI score0.00923EPSS
CVE
CVE
added 2020/03/12 4:15 p.m.88 views

CVE-2020-0891

This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server.An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server, aka 'Microsoft SharePoint R...

5.4CVSS5.3AI score0.00622EPSS
CVE
CVE
added 2020/04/15 3:15 p.m.88 views

CVE-2020-0924

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923, CVE-2020-0925, CVE-2020-0926...

5.4CVSS5.2AI score0.01102EPSS
CVE
CVE
added 2020/09/11 5:15 p.m.88 views

CVE-2020-1227

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint ...

5.4CVSS6.4AI score0.0043EPSS
CVE
CVE
added 2020/09/11 5:15 p.m.88 views

CVE-2020-1453

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint s...

8.6CVSS8.6AI score0.01833EPSS
CVE
CVE
added 2020/08/17 7:15 p.m.87 views

CVE-2020-1580

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint ...

5.4CVSS6.1AI score0.00528EPSS
CVE
CVE
added 2020/04/15 3:15 p.m.86 views

CVE-2020-0977

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-0972, CVE-2020-0975, CVE-2020-0976.

5.4CVSS5.3AI score0.00612EPSS
CVE
CVE
added 2020/07/14 11:15 p.m.86 views

CVE-2020-1454

This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server.An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server, aka 'Microsoft SharePoint R...

5.4CVSS6.8AI score0.00607EPSS
CVE
CVE
added 2020/09/11 5:15 p.m.85 views

CVE-2020-1200

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint s...

8.6CVSS8.6AI score0.01578EPSS
CVE
CVE
added 2020/09/11 5:15 p.m.85 views

CVE-2020-1514

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint ...

5.4CVSS6.4AI score0.00416EPSS
CVE
CVE
added 2020/04/15 3:15 p.m.83 views

CVE-2020-0925

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923, CVE-2020-0924, CVE-2020-0926...

5.4CVSS5.2AI score0.01102EPSS
CVE
CVE
added 2020/04/15 3:15 p.m.83 views

CVE-2020-0975

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-0972, CVE-2020-0976, CVE-2020-0977.

5.4CVSS5.3AI score0.00612EPSS
CVE
CVE
added 2020/05/21 11:15 p.m.83 views

CVE-2020-1106

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1099, CVE-2020-1100, CVE-2020-1101...

6.1CVSS5.1AI score0.01851EPSS
CVE
CVE
added 2020/06/09 8:15 p.m.83 views

CVE-2020-1298

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1177, CVE-2020-1183, CVE-2020-1297...

5.4CVSS5.1AI score0.00773EPSS
CVE
CVE
added 2020/07/14 11:15 p.m.83 views

CVE-2020-1451

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1450, CVE-2020-1456.

5.4CVSS5.1AI score0.00656EPSS
CVE
CVE
added 2020/09/11 5:15 p.m.83 views

CVE-2020-1576

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint s...

8.8CVSS8.6AI score0.00297EPSS
CVE
CVE
added 2020/05/21 11:15 p.m.82 views

CVE-2020-1024

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1023, CVE-2020-1102.

8.8CVSS8.3AI score0.46247EPSS
CVE
CVE
added 2020/06/09 8:15 p.m.82 views

CVE-2020-1183

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1177, CVE-2020-1297, CVE-2020-1298...

5.4CVSS5.1AI score0.00773EPSS
CVE
CVE
added 2020/09/11 5:15 p.m.82 views

CVE-2020-1482

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint ...

6.3CVSS6.7AI score0.00438EPSS
CVE
CVE
added 2020/04/15 3:15 p.m.81 views

CVE-2020-0972

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-0975, CVE-2020-0976, CVE-2020-0977.

5.4CVSS5.3AI score0.00612EPSS
Total number of security vulnerabilities106