Sharepoint Enterprise Server Security Vulnerabilities and Issues — Page 4 of Sharepoint Enterprise Server CVE List

Lucene search

MicrosoftSharepoint Enterprise Server

253 matches found

CVE•added 2020/04/15 3:15 p.m.•89 views

CVE-2020-0933

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923, CVE-2020-0924, CVE-2020-0925...

5.4CVSS5.2AI score0.01102EPSS

CVE•added 2020/09/11 5:15 p.m.•89 views

CVE-2020-1460

A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls. An authenticated attacker who successfully exploited the vulnerability could use a specially crafted page to perform actions in the security context...

8.8CVSS8.9AI score0.05451EPSS

CVE•added 2020/08/17 7:15 p.m.•89 views

CVE-2020-1500

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.The attacke...

5.5CVSS6.2AI score0.01955EPSS

CVE•added 2021/03/11 4:15 p.m.•89 views

CVE-2021-27052

Microsoft SharePoint Server Information Disclosure Vulnerability

6.5CVSS5.3AI score0.08862EPSS

CVE•added 2020/02/11 10:15 p.m.•88 views

CVE-2020-0694

5.4CVSS5.1AI score0.00923EPSS

CVE•added 2020/03/12 4:15 p.m.•88 views

CVE-2020-0891

This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server.An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server, aka 'Microsoft SharePoint R...

5.4CVSS5.3AI score0.00622EPSS

CVE•added 2020/04/15 3:15 p.m.•88 views

CVE-2020-0924

5.4CVSS5.2AI score0.01102EPSS

CVE•added 2020/09/11 5:15 p.m.•88 views

CVE-2020-1227

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint ...

5.4CVSS6.4AI score0.0043EPSS

CVE•added 2020/09/11 5:15 p.m.•88 views

CVE-2020-1453

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint s...

8.6CVSS8.6AI score0.01833EPSS

CVE•added 2019/03/06 12:0 a.m.•87 views

CVE-2019-0668

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Elevation of Privilege Vulnerability'.

8.8CVSS8.9AI score0.04047EPSS

CVE•added 2019/08/14 9:15 p.m.•87 views

CVE-2019-1202

An information disclosure vulnerability exists in the way Microsoft SharePoint handles session objects. An authenticated attacker who successfully exploited the vulnerability could hijack the session of another user.To exploit this vulnerability, the attacker could run a specially crafted applicati...

4.4CVSS4.4AI score0.00599EPSS

CVE•added 2020/08/17 7:15 p.m.•87 views

CVE-2020-1580

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint ...

5.4CVSS6.1AI score0.00528EPSS

CVE•added 2020/04/15 3:15 p.m.•86 views

CVE-2020-0977

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-0972, CVE-2020-0975, CVE-2020-0976.

5.4CVSS5.3AI score0.00612EPSS

CVE•added 2020/07/14 11:15 p.m.•86 views

CVE-2020-1454

5.4CVSS6.8AI score0.00607EPSS

CVE•added 2021/10/13 1:15 a.m.•86 views

CVE-2021-40484

Microsoft SharePoint Server Spoofing Vulnerability

7.6CVSS5.4AI score0.06439EPSS

CVE•added 2025/04/08 6:16 p.m.•86 views

CVE-2025-29820

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

7.8CVSS7.8AI score0.00079EPSS

CVE•added 2018/03/14 5:29 p.m.•85 views

CVE-2018-0909

Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0910, CVE-2018-0...

8.8CVSS8.5AI score0.07376EPSS

CVE•added 2020/09/11 5:15 p.m.•85 views

CVE-2020-1200

8.6CVSS8.6AI score0.01578EPSS

CVE•added 2020/09/11 5:15 p.m.•85 views

CVE-2020-1514

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint ...

5.4CVSS6.4AI score0.00416EPSS

CVE•added 2021/02/25 11:15 p.m.•85 views

CVE-2021-24071

Microsoft SharePoint Information Disclosure Vulnerability

6.5CVSS5.7AI score0.08862EPSS

CVE•added 2019/10/10 2:15 p.m.•84 views

CVE-2019-1070

5.4CVSS5.2AI score0.0125EPSS

CVE•added 2019/03/06 12:0 a.m.•83 views

CVE-2019-0670

A spoofing vulnerability exists in Microsoft SharePoint when the application does not properly parse HTTP content, aka 'Microsoft SharePoint Spoofing Vulnerability'.

6.1CVSS7.4AI score0.00506EPSS

CVE•added 2020/04/15 3:15 p.m.•83 views

CVE-2020-0925

5.4CVSS5.2AI score0.01102EPSS

CVE•added 2020/04/15 3:15 p.m.•83 views

CVE-2020-0975

5.4CVSS5.3AI score0.00612EPSS

CVE•added 2020/05/21 11:15 p.m.•83 views

CVE-2020-1106

6.1CVSS5.1AI score0.01851EPSS

CVE•added 2020/06/09 8:15 p.m.•83 views

CVE-2020-1298

5.4CVSS5.1AI score0.00773EPSS

CVE•added 2020/07/14 11:15 p.m.•83 views

CVE-2020-1451

5.4CVSS5.1AI score0.00656EPSS

CVE•added 2020/09/11 5:15 p.m.•83 views

CVE-2020-1576

8.8CVSS8.6AI score0.00403EPSS

CVE•added 2022/09/13 7:15 p.m.•83 views

CVE-2022-38009

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8CVSS8.7AI score0.04734EPSS

CVE•added 2017/06/15 1:29 a.m.•82 views

CVE-2017-8512

A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8510, CVE-2017-8511, CVE-2017-0260, and CVE-2017-8506.

9.3CVSS7.2AI score0.36403EPSS

CVE•added 2019/09/11 10:15 p.m.•82 views

CVE-2019-1296

A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1257, CVE-2019-1295.

8.8CVSS8.8AI score0.38462EPSS

CVE•added 2019/11/12 7:15 p.m.•82 views

CVE-2019-1443

An information disclosure vulnerability exists in Microsoft SharePoint when an attacker uploads a specially crafted file to the SharePoint Server.An authenticated attacker who successfully exploited this vulnerability could potentially leverage SharePoint functionality to obtain SMB hashes.The secu...

6.5CVSS5.8AI score0.15084EPSS

CVE•added 2020/06/09 8:15 p.m.•82 views

CVE-2020-1183

5.4CVSS5.1AI score0.00773EPSS

CVE•added 2020/09/11 5:15 p.m.•82 views

CVE-2020-1482

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint ...

6.3CVSS6.7AI score0.00438EPSS

CVE•added 2019/09/11 10:15 p.m.•81 views

CVE-2019-1257

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1295, CVE-2019-1296.

8.8CVSS8.8AI score0.38462EPSS

CVE•added 2020/04/15 3:15 p.m.•81 views

CVE-2020-0972

5.4CVSS5.3AI score0.00612EPSS

CVE•added 2020/05/21 11:15 p.m.•81 views

CVE-2020-1024

8.8CVSS8.3AI score0.46247EPSS

CVE•added 2019/04/09 9:29 p.m.•80 views

CVE-2019-0830

5.4CVSS5AI score0.00578EPSS

CVE•added 2019/07/29 2:13 p.m.•80 views

CVE-2019-1134

5.4CVSS5.7AI score0.00578EPSS

CVE•added 2020/05/21 11:15 p.m.•80 views

CVE-2020-1101

5.4CVSS5.1AI score0.01851EPSS

CVE•added 2020/07/14 11:15 p.m.•80 views

CVE-2020-1443

5.4CVSS6.9AI score0.01514EPSS

CVE•added 2019/06/12 2:29 p.m.•79 views

CVE-2019-1032

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint ...

5.4CVSS5.1AI score0.00528EPSS

CVE•added 2022/09/13 7:15 p.m.•79 views

CVE-2022-38008

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8CVSS8.7AI score0.04734EPSS

CVE•added 2020/05/21 11:15 p.m.•78 views

CVE-2020-1104

5.4CVSS5.4AI score0.00675EPSS

CVE•added 2022/09/13 7:15 p.m.•78 views

CVE-2022-35823

Microsoft SharePoint Remote Code Execution Vulnerability

8.8CVSS8.7AI score0.36344EPSS

CVE•added 2017/10/13 1:29 p.m.•77 views

CVE-2017-11775

Microsoft SharePoint Enterprise Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an attacker to exploit a cross-site scripting (XSS) vulnerability by sending a specially crafted request to an affected SharePoint server, due to how SharePoint Server sanitizes web requests, aka "...

5.4CVSS5.2AI score0.00855EPSS

CVE•added 2019/01/08 9:29 p.m.•77 views

CVE-2019-0562

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoin...

5.4CVSS6.2AI score0.00495EPSS

CVE•added 2020/05/21 11:15 p.m.•77 views

CVE-2020-1105

5.4CVSS5.4AI score0.00675EPSS

CVE•added 2021/12/15 3:15 p.m.•77 views

CVE-2021-43242

Microsoft SharePoint Server Spoofing Vulnerability

7.6CVSS6.4AI score0.00826EPSS

CVE•added 2017/12/12 9:29 p.m.•76 views

CVE-2017-11936

Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability due to the way web requests are handled, aka "Microsoft SharePoint Elevation of Privilege Vulnerability".

8.8CVSS8.6AI score0.11619EPSS

Total number of security vulnerabilities253