Sharepoint Enterprise Server@2013 Security Vulnerabilities and Issues — Sharepoint Enterprise Server@2013 CVE List

Lucene search

MicrosoftSharepoint Enterprise Server2013

11 matches found

CVE•added 2019/07/15 7:15 p.m.•271 views

CVE-2019-1006

An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'.

7.5CVSS7.8AI score0.03045EPSS

CVE•added 2019/08/14 9:15 p.m.•155 views

CVE-2019-1201

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. The file could then...

9.3CVSS7.8AI score0.12398EPSS

CVE•added 2019/08/14 9:15 p.m.•104 views

CVE-2019-1203

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint ...

5.4CVSS5.2AI score0.00529EPSS

CVE•added 2019/06/12 2:29 p.m.•99 views

CVE-2019-1034

9.3CVSS7.6AI score0.12927EPSS

CVE•added 2019/04/09 9:29 p.m.•96 views

CVE-2019-0831

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2019-0830.

5.4CVSS5AI score0.00578EPSS

CVE•added 2019/11/12 7:15 p.m.•94 views

CVE-2019-1446

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'.

5.5CVSS5.6AI score0.08477EPSS

CVE•added 2019/03/06 12:0 a.m.•87 views

CVE-2019-0668

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Elevation of Privilege Vulnerability'.

8.8CVSS8.9AI score0.04047EPSS

CVE•added 2019/10/10 2:15 p.m.•84 views

CVE-2019-1070

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'.

5.4CVSS5.2AI score0.0125EPSS

CVE•added 2019/03/06 12:0 a.m.•83 views

CVE-2019-0670

A spoofing vulnerability exists in Microsoft SharePoint when the application does not properly parse HTTP content, aka 'Microsoft SharePoint Spoofing Vulnerability'.

6.1CVSS7.4AI score0.00506EPSS

CVE•added 2019/07/29 2:13 p.m.•80 views

CVE-2019-1134

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'.

5.4CVSS5.7AI score0.00578EPSS

CVE•added 2019/01/08 9:29 p.m.•77 views

CVE-2019-0562

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoin...

5.4CVSS6.2AI score0.00495EPSS