23 matches found
CVE-2020-1147
A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'.
CVE-2023-24955
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2019-1006
An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'.
CVE-2021-40442
Microsoft Excel Remote Code Execution Vulnerability
CVE-2021-40486
Microsoft Word Remote Code Execution Vulnerability
CVE-2020-16929
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ...
CVE-2021-36940
Microsoft SharePoint Server Spoofing Vulnerability
CVE-2022-21842
Microsoft Word Remote Code Execution Vulnerability
CVE-2021-1714
Microsoft Excel Remote Code Execution Vulnerability
CVE-2020-1198
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint ...
CVE-2022-41061
Microsoft Word Remote Code Execution Vulnerability
CVE-2021-40485
Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-27747
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2020-1345
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint ...
CVE-2021-38652
Microsoft SharePoint Server Spoofing Vulnerability
CVE-2025-29793
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2021-38651
Microsoft SharePoint Server Spoofing Vulnerability
CVE-2021-40484
Microsoft SharePoint Server Spoofing Vulnerability
CVE-2025-29820
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2021-43242
Microsoft SharePoint Server Spoofing Vulnerability
CVE-2021-42294
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2025-47168
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-47169
Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally.