Sharepoint Enterprise Server Security Vulnerabilities and Issues — Sharepoint Enterprise Server CVE List

Lucene search

MicrosoftSharepoint Enterprise Server

90 matches found

CVE•added 2020/03/12 4:15 p.m.•409 views

CVE-2020-0894

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0893.

5.4CVSS5.1AI score0.00898EPSS

CVE•added 2020/04/15 3:15 p.m.•166 views

CVE-2020-0927

5.4CVSS5.2AI score0.01102EPSS

CVE•added 2021/03/11 4:15 p.m.•151 views

CVE-2021-24104

Microsoft SharePoint Server Spoofing Vulnerability

5.8CVSS4.9AI score0.00618EPSS

CVE•added 2020/06/09 8:15 p.m.•131 views

CVE-2020-1148

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-1289.

5.4CVSS5.7AI score0.00605EPSS

CVE•added 2021/01/12 8:15 p.m.•125 views

CVE-2021-1641

Microsoft SharePoint Server Spoofing Vulnerability

5.8CVSS5.5AI score0.00978EPSS

CVE•added 2020/04/15 3:15 p.m.•122 views

CVE-2020-0973

5.4CVSS5.2AI score0.01102EPSS

CVE•added 2020/08/17 7:15 p.m.•119 views

CVE-2020-1501

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.The attacke...

5.5CVSS6.2AI score0.01772EPSS

CVE•added 2020/04/15 3:15 p.m.•116 views

CVE-2020-0976

5.4CVSS5.3AI score0.00612EPSS

CVE•added 2020/05/21 11:15 p.m.•116 views

CVE-2020-1107

5.4CVSS5.4AI score0.00675EPSS

CVE•added 2020/04/15 3:15 p.m.•115 views

CVE-2020-0954

5.4CVSS5.2AI score0.01102EPSS

CVE•added 2020/04/15 3:15 p.m.•114 views

CVE-2020-0930

5.4CVSS5.2AI score0.01102EPSS

CVE•added 2020/07/14 11:15 p.m.•113 views

CVE-2020-1342

An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka 'Microsoft Office Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1445.

5.5CVSS6AI score0.28299EPSS

CVE•added 2020/06/09 8:15 p.m.•110 views

CVE-2020-1177

5.4CVSS5.1AI score0.00773EPSS

CVE•added 2020/08/17 7:15 p.m.•110 views

CVE-2020-1503

An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data.To exploit the vulnerability, an attacker could craft a special documen...

5.5CVSS6.3AI score0.25763EPSS

CVE•added 2020/03/12 4:15 p.m.•107 views

CVE-2020-0795

This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server.An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server, aka 'Microsoft SharePoint R...

5.4CVSS5.3AI score0.00622EPSS

CVE•added 2020/09/11 5:15 p.m.•107 views

CVE-2020-1224

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data.To exploit the vulnerability, an attacker could craft a spec...

5.5CVSS5.9AI score0.21879EPSS

CVE•added 2020/04/15 3:15 p.m.•106 views

CVE-2020-0926

5.4CVSS5.2AI score0.01102EPSS

CVE•added 2020/10/16 11:15 p.m.•106 views

CVE-2020-16941

An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages. An attacker who took advantage of this information disclosure could view the folder path of scripts loaded on the page.To take advan...

5.5CVSS5.1AI score0.00344EPSS

CVE•added 2019/08/14 9:15 p.m.•104 views

CVE-2019-1203

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint ...

5.4CVSS5.2AI score0.00529EPSS

CVE•added 2019/04/09 3:29 a.m.•103 views

CVE-2019-0778

5.4CVSS5.7AI score0.00579EPSS

CVE•added 2020/04/15 3:15 p.m.•103 views

CVE-2020-0923

5.4CVSS5.2AI score0.01102EPSS

CVE•added 2022/11/09 10:15 p.m.•102 views

CVE-2022-41103

Microsoft Word Information Disclosure Vulnerability

5.5CVSS6.1AI score0.00285EPSS

CVE•added 2020/05/21 11:15 p.m.•99 views

CVE-2020-1099

5.4CVSS5.1AI score0.01851EPSS

CVE•added 2020/07/14 11:15 p.m.•99 views

CVE-2020-1456

5.4CVSS5.1AI score0.00656EPSS

CVE•added 2020/08/17 7:15 p.m.•98 views

CVE-2020-1499

5.5CVSS6.2AI score0.01717EPSS

CVE•added 2020/08/17 7:15 p.m.•97 views

CVE-2020-1573

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint ...

5.5CVSS6.1AI score0.01125EPSS

CVE•added 2019/04/09 9:29 p.m.•96 views

CVE-2019-0831

5.4CVSS5AI score0.00578EPSS

CVE•added 2021/01/12 8:15 p.m.•96 views

CVE-2021-1717

Microsoft SharePoint Server Spoofing Vulnerability

5.8CVSS5.5AI score0.00978EPSS

CVE•added 2020/04/15 3:15 p.m.•95 views

CVE-2020-0978

5.4CVSS5.2AI score0.01102EPSS

CVE•added 2020/06/09 8:15 p.m.•95 views

CVE-2020-1320

5.4CVSS5.1AI score0.00773EPSS

CVE•added 2019/11/12 7:15 p.m.•94 views

CVE-2019-1446

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'.

5.5CVSS5.6AI score0.08477EPSS

CVE•added 2020/03/12 4:15 p.m.•94 views

CVE-2020-0893

5.4CVSS5.1AI score0.00898EPSS

CVE•added 2020/06/09 8:15 p.m.•94 views

CVE-2020-1297

5.4CVSS5.1AI score0.00773EPSS

CVE•added 2020/07/14 11:15 p.m.•94 views

CVE-2020-1445

An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory, aka 'Microsoft Office Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1342.

5.5CVSS6.1AI score0.28299EPSS

CVE•added 2020/07/14 11:15 p.m.•94 views

CVE-2020-1450

5.4CVSS5.1AI score0.00656EPSS

CVE•added 2020/11/11 7:15 a.m.•94 views

CVE-2020-17060

Microsoft SharePoint Server Spoofing Vulnerability

5.8CVSS6.7AI score0.00617EPSS

CVE•added 2020/08/17 7:15 p.m.•93 views

CVE-2020-1505

An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.To exploit the vulnerability, an attacker would have...

5.5CVSS6.3AI score0.01174EPSS

CVE•added 2020/05/21 11:15 p.m.•91 views

CVE-2020-1100

5.4CVSS5.1AI score0.01851EPSS

CVE•added 2022/11/09 10:15 p.m.•91 views

CVE-2022-41060

Microsoft Word Information Disclosure Vulnerability

5.5CVSS6.1AI score0.00285EPSS

CVE•added 2019/06/12 2:29 p.m.•90 views

CVE-2019-1031

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint ...

5.4CVSS5.1AI score0.00528EPSS

CVE•added 2019/06/12 2:29 p.m.•90 views

CVE-2019-1036

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint ...

5.4CVSS5.1AI score0.00528EPSS

CVE•added 2019/10/10 2:15 p.m.•90 views

CVE-2019-1328

5.4CVSS5.8AI score0.00595EPSS

CVE•added 2017/10/13 1:29 p.m.•89 views

CVE-2017-11820

Microsoft SharePoint Enterprise Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an attacker to exploit a cross-site scripting (XSS) vulnerability by sending a specially crafted request to an affected SharePoint server, due to how SharePoint Server sanitizes web requests, aka "...

5.4CVSS5.2AI score0.00855EPSS

CVE•added 2020/02/11 10:15 p.m.•89 views

CVE-2020-0693

5.4CVSS5.1AI score0.00923EPSS

CVE•added 2020/04/15 3:15 p.m.•89 views

CVE-2020-0933

5.4CVSS5.2AI score0.01102EPSS

CVE•added 2020/08/17 7:15 p.m.•89 views

CVE-2020-1500

5.5CVSS6.2AI score0.01955EPSS

CVE•added 2020/02/11 10:15 p.m.•88 views

CVE-2020-0694

5.4CVSS5.1AI score0.00923EPSS

CVE•added 2020/03/12 4:15 p.m.•88 views

CVE-2020-0891

5.4CVSS5.3AI score0.00622EPSS

CVE•added 2020/04/15 3:15 p.m.•88 views

CVE-2020-0924

5.4CVSS5.2AI score0.01102EPSS

CVE•added 2020/09/11 5:15 p.m.•88 views

CVE-2020-1227

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoi...

5.4CVSS6.4AI score0.0043EPSS

Total number of security vulnerabilities90