Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
MicrosoftSharepoint Foundation

230 matches found

CVE
CVEadded 2019/03/06 12:0 a.m.1570 views

CVE-2019-0604

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0594.

9.8CVSS9.5AI score0.94411EPSS
CVE
CVEadded 2023/02/14 8:15 p.m.575 views

CVE-2023-21716

Microsoft Word Remote Code Execution Vulnerability

9.8CVSS9.6AI score0.91212EPSS
CVE
CVEadded 2022/02/09 5:15 p.m.548 views

CVE-2022-22005

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.06013EPSS
CVE
CVEadded 2020/07/14 11:15 p.m.514 views

CVE-2020-1025

An elevation of privilege vulnerability exists when Microsoft SharePoint Server and Skype for Business Server improperly handle OAuth token validation. An attacker who successfully exploited the vulnerability could bypass authentication and achieve improper access.To exploit this vulnerability, an ...

9.8CVSS9.4AI score0.09917EPSS
CVE
CVEadded 2020/03/12 4:15 p.m.409 views

CVE-2020-0894

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0893.

5.4CVSS5.1AI score0.00898EPSS
CVE
CVEadded 2020/04/15 3:15 p.m.400 views

CVE-2020-0929

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0920, CVE-2020-0931, CVE-2020-0932, CVE-2020-0971, C...

8.8CVSS8.3AI score0.30943EPSS
CVE
CVEadded 2020/10/16 11:15 p.m.378 views

CVE-2020-16952

<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoin...

8.6CVSS8.1AI score0.77373EPSS
CVE
CVEadded 2020/09/11 5:15 p.m.331 views

CVE-2020-1210

<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoin...

9.9CVSS9.2AI score0.01305EPSS
CVE
CVEadded 2020/06/09 8:15 p.m.326 views

CVE-2020-1181

A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls, aka 'Microsoft SharePoint Server Remote Code Execution Vulnerability'.

8.8CVSS8.6AI score0.50181EPSS
CVE
CVEadded 2020/04/15 3:15 p.m.298 views

CVE-2020-0932

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0920, CVE-2020-0929, CVE-2020-0931, CVE-2020-0971, C...

8.8CVSS8.3AI score0.30943EPSS
CVE
CVEadded 2019/07/15 7:15 p.m.271 views

CVE-2019-1006

An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'.

7.5CVSS7.8AI score0.03045EPSS
CVE
CVEadded 2022/02/09 5:15 p.m.258 views

CVE-2022-21968

Microsoft SharePoint Server Security Feature Bypass Vulnerability

4.3CVSS6.1AI score0.01618EPSS
CVE
CVEadded 2022/05/10 9:15 p.m.256 views

CVE-2022-29108

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8CVSS8.7AI score0.03829EPSS
CVE
CVEadded 2020/10/16 11:15 p.m.244 views

CVE-2020-16951

<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoin...

8.6CVSS8.1AI score0.01431EPSS
CVE
CVEadded 2019/03/06 12:0 a.m.241 views

CVE-2019-0594

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0604.

8.8CVSS9.5AI score0.94411EPSS
CVE
CVEadded 2021/05/11 7:15 p.m.240 views

CVE-2021-31181

Microsoft SharePoint Remote Code Execution Vulnerability

8.8CVSS8.7AI score0.18584EPSS
CVE
CVEadded 2017/05/12 2:29 p.m.238 views

CVE-2017-0281

Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2016, Office Online Server 2016, Office Web Apps 2010 SP2,Office Web Apps 2013 SP1, Project Server 2013 SP1, SharePoint Enterprise Server 2013 SP1, SharePoint Enterprise Server 2016, SharePoint Foundation 2013 SP1, Sharepoint Serve...

9.3CVSS8.1AI score0.92255EPSS
CVE
CVEadded 2020/04/15 3:15 p.m.212 views

CVE-2020-0931

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0920, CVE-2020-0929, CVE-2020-0932, CVE-2020-0971, C...

8.8CVSS8.3AI score0.30943EPSS
CVE
CVEadded 2021/10/13 1:15 a.m.205 views

CVE-2021-41344

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8CVSS7.8AI score0.06488EPSS
CVE
CVEadded 2023/01/10 10:15 p.m.197 views

CVE-2023-21742

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.16675EPSS
CVE
CVEadded 2021/06/08 11:15 p.m.192 views

CVE-2021-31950

Microsoft SharePoint Server Spoofing Vulnerability

8.1CVSS7.4AI score0.02015EPSS
CVE
CVEadded 2022/01/11 9:15 p.m.184 views

CVE-2022-21837

Microsoft SharePoint Server Remote Code Execution Vulnerability

9CVSS8.6AI score0.09593EPSS
CVE
CVEadded 2021/10/13 1:15 a.m.173 views

CVE-2021-40487

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8CVSS7.8AI score0.01524EPSS
CVE
CVEadded 2021/05/11 7:15 p.m.172 views

CVE-2021-28474

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.11384EPSS
CVE
CVEadded 2023/03/14 5:15 p.m.170 views

CVE-2023-23395

Microsoft SharePoint Server Spoofing Vulnerability

3.1CVSS4AI score0.00854EPSS
CVE
CVEadded 2011/09/15 12:26 p.m.165 views

CVE-2011-0653

Cross-site scripting (XSS) vulnerability in Microsoft Office SharePoint Server 2010 Gold and SP1, and SharePoint Foundation 2010, allows remote attackers to inject arbitrary web script or HTML via the URI, aka "XSS in SharePoint Calendar Vulnerability."

4.3CVSS5.5AI score0.47875EPSS
CVE
CVEadded 2023/04/11 9:15 p.m.162 views

CVE-2023-28288

Microsoft SharePoint Server Spoofing Vulnerability

8.1CVSS7.8AI score0.07487EPSS
CVE
CVEadded 2019/09/11 10:15 p.m.161 views

CVE-2019-1262

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'.

5.4CVSS5.1AI score0.0048EPSS
CVE
CVEadded 2012/07/10 9:55 p.m.160 views

CVE-2012-1863

Cross-site scripting (XSS) vulnerability in Microsoft Office SharePoint Server 2007 SP2 and SP3 Windows SharePoint Services 3.0 SP2, and SharePoint Foundation 2010 Gold and SP1 allows remote attackers to inject arbitrary web script or HTML via crafted JavaScript elements in a URL, aka "SharePoint R...

4.3CVSS5.4AI score0.61898EPSS
CVE
CVEadded 2021/07/14 6:15 p.m.160 views

CVE-2021-34520

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8CVSS8.1AI score0.04801EPSS
CVE
CVEadded 2021/07/16 9:15 p.m.158 views

CVE-2021-34467

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8CVSS7.5AI score0.01937EPSS
CVE
CVEadded 2021/07/14 6:15 p.m.157 views

CVE-2021-34468

Microsoft SharePoint Server Remote Code Execution Vulnerability

8CVSS7.5AI score0.01861EPSS
CVE
CVEadded 2022/04/15 7:15 p.m.154 views

CVE-2022-24472

Microsoft SharePoint Server Spoofing Vulnerability

8CVSS6.3AI score0.08455EPSS
CVE
CVEadded 2020/10/16 11:15 p.m.153 views

CVE-2020-16945

<p>A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoi...

8.7CVSS7.5AI score0.00452EPSS
CVE
CVEadded 2022/01/11 9:15 p.m.152 views

CVE-2022-21840

Microsoft Office Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.09199EPSS
CVE
CVEadded 2021/03/11 4:15 p.m.151 views

CVE-2021-24104

Microsoft SharePoint Server Spoofing Vulnerability

5.8CVSS4.9AI score0.00618EPSS
CVE
CVEadded 2021/06/08 11:15 p.m.148 views

CVE-2021-26420

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8CVSS7.2AI score0.0542EPSS
CVE
CVEadded 2012/07/10 9:55 p.m.147 views

CVE-2012-1859

Cross-site scripting (XSS) vulnerability in scriptresx.ashx in Microsoft SharePoint Server 2010 Gold and SP1, SharePoint Foundation 2010 Gold and SP1, and Office Web Apps 2010 Gold and SP1 allows remote attackers to inject arbitrary web script or HTML via crafted JavaScript elements in a URL, aka "...

4.3CVSS5.6AI score0.61898EPSS
CVE
CVEadded 2020/12/10 12:15 a.m.146 views

CVE-2020-17118

Microsoft SharePoint Remote Code Execution Vulnerability

10CVSS8.4AI score0.11171EPSS
CVE
CVEadded 2023/01/10 10:15 p.m.142 views

CVE-2023-21744

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.02247EPSS
CVE
CVEadded 2013/09/11 2:3 p.m.140 views

CVE-2013-1330

The default configuration of Microsoft SharePoint Portal Server 2003 SP3, SharePoint Server 2007 SP3 and 2010 SP1 and SP2, and Office Web Apps 2010 does not set the EnableViewStateMac attribute, which allows remote attackers to execute arbitrary code by leveraging an unassigned workflow, aka "MAC D...

10CVSS7.4AI score0.67297EPSS
CVE
CVEadded 2021/03/11 4:15 p.m.140 views

CVE-2021-27076

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.09034EPSS
CVE
CVEadded 2013/03/13 12:55 a.m.138 views

CVE-2013-0084

Directory traversal vulnerability in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "SharePoint Directory Traversal Vulnerability."

7.5CVSS6.5AI score0.28777EPSS
CVE
CVEadded 2021/06/08 11:15 p.m.138 views

CVE-2021-31966

Microsoft SharePoint Server Remote Code Execution Vulnerability

7.2CVSS7.2AI score0.13101EPSS
CVE
CVEadded 2021/05/11 7:15 p.m.137 views

CVE-2021-26418

Microsoft SharePoint Server Spoofing Vulnerability

7.1CVSS5.2AI score0.00773EPSS
CVE
CVEadded 2021/05/11 7:15 p.m.137 views

CVE-2021-31172

Microsoft SharePoint Server Spoofing Vulnerability

7.1CVSS6.8AI score0.04736EPSS
CVE
CVEadded 2021/07/14 6:15 p.m.136 views

CVE-2021-34519

Microsoft SharePoint Server Information Disclosure Vulnerability

5.3CVSS5.2AI score0.01132EPSS
CVE
CVEadded 2013/09/11 2:3 p.m.133 views

CVE-2013-1315

Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (...

9.3CVSS7.6AI score0.69342EPSS
CVE
CVEadded 2020/03/12 4:15 p.m.133 views

CVE-2020-0850

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0851, CVE-2020-0852, CVE-2020-0855, CVE-2020-0892.

8.8CVSS7.9AI score0.33652EPSS
CVE
CVEadded 2020/09/11 5:15 p.m.133 views

CVE-2020-1198

<p>A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoi...

7.4CVSS7AI score0.00518EPSS
Total number of security vulnerabilities230