Lucene search

K
MicrosoftSharepoint Foundation

230 matches found

CVE
CVE
added 2021/01/12 8:15 p.m.102 views

CVE-2021-1718

Microsoft SharePoint Server Tampering Vulnerability

8.8CVSS7.7AI score0.01536EPSS
CVE
CVE
added 2021/06/08 11:15 p.m.102 views

CVE-2021-31948

Microsoft SharePoint Server Spoofing Vulnerability

8.1CVSS7.4AI score0.04957EPSS
CVE
CVE
added 2020/11/11 7:15 a.m.101 views

CVE-2020-17017

Microsoft SharePoint Information Disclosure Vulnerability

6.8CVSS6.4AI score0.0305EPSS
CVE
CVE
added 2019/09/11 10:15 p.m.100 views

CVE-2019-1259

A spoofing vulnerability exists in Microsoft SharePoint when it improperly handles requests to authorize applications, resulting in cross-site request forgery (CSRF).To exploit this vulnerability, an attacker would need to create a page specifically designed to cause a cross-site request, aka 'Micr...

8.8CVSS8.2AI score0.05041EPSS
CVE
CVE
added 2019/09/11 10:15 p.m.100 views

CVE-2019-1260

An elevation of privilege vulnerability exists in Microsoft SharePoint, aka 'Microsoft SharePoint Elevation of Privilege Vulnerability'.

6.5CVSS7.2AI score0.11221EPSS
CVE
CVE
added 2022/12/13 7:15 p.m.100 views

CVE-2022-44690

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8CVSS8.7AI score0.33895EPSS
CVE
CVE
added 2020/11/11 7:15 a.m.99 views

CVE-2020-17061

Microsoft SharePoint Remote Code Execution Vulnerability

8.8CVSS8.7AI score0.11137EPSS
CVE
CVE
added 2022/10/11 7:15 p.m.99 views

CVE-2022-41038

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8CVSS8.7AI score0.05111EPSS
CVE
CVE
added 2017/05/12 2:29 p.m.98 views

CVE-2017-0255

Microsoft SharePoint Foundation 2013 SP1 allows an elevation of privilege vulnerability when it does not properly sanitize a specially crafted web request, aka "Microsoft SharePoint XSS Vulnerability".

5.4CVSS5.3AI score0.01164EPSS
CVE
CVE
added 2020/04/15 3:15 p.m.98 views

CVE-2020-0971

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0920, CVE-2020-0929, CVE-2020-0931, CVE-2020-0932, C...

8.8CVSS8.3AI score0.30943EPSS
CVE
CVE
added 2020/08/17 7:15 p.m.98 views

CVE-2020-1499

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.The attacke...

5.5CVSS6.2AI score0.01717EPSS
CVE
CVE
added 2020/09/11 5:15 p.m.98 views

CVE-2020-1595

<p>A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm acc...

9.9CVSS9.3AI score0.01122EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.98 views

CVE-2020-16944

<p>This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server.</p><p>An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server. The attacker who ...

8.7CVSS8.1AI score0.00584EPSS
CVE
CVE
added 2022/02/09 5:15 p.m.98 views

CVE-2022-21987

Microsoft SharePoint Server Spoofing Vulnerability

8CVSS8AI score0.05327EPSS
CVE
CVE
added 2020/08/17 7:15 p.m.97 views

CVE-2020-1573

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint ...

5.5CVSS6.1AI score0.01125EPSS
CVE
CVE
added 2019/04/09 9:29 p.m.96 views

CVE-2019-0831

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2019-0830.

5.4CVSS5AI score0.00578EPSS
CVE
CVE
added 2021/01/12 8:15 p.m.96 views

CVE-2021-1717

Microsoft SharePoint Server Spoofing Vulnerability

5.8CVSS5.5AI score0.00978EPSS
CVE
CVE
added 2020/04/15 3:15 p.m.95 views

CVE-2020-0920

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0929, CVE-2020-0931, CVE-2020-0932, CVE-2020-0971, C...

8.8CVSS8.3AI score0.30943EPSS
CVE
CVE
added 2020/04/15 3:15 p.m.95 views

CVE-2020-0978

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923, CVE-2020-0924, CVE-2020-0925...

5.4CVSS5.2AI score0.01102EPSS
CVE
CVE
added 2020/06/09 8:15 p.m.95 views

CVE-2020-1320

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1177, CVE-2020-1183, CVE-2020-1297...

5.4CVSS5.1AI score0.00773EPSS
CVE
CVE
added 2021/09/15 12:15 p.m.95 views

CVE-2021-38651

Microsoft SharePoint Server Spoofing Vulnerability

7.6CVSS5.2AI score0.0108EPSS
CVE
CVE
added 2020/09/11 5:15 p.m.94 views

CVE-2020-1205

<p>A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.</p><p>T...

4.9CVSS6AI score0.01581EPSS
CVE
CVE
added 2020/06/09 8:15 p.m.94 views

CVE-2020-1297

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1177, CVE-2020-1183, CVE-2020-1298...

5.4CVSS5.1AI score0.00773EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.94 views

CVE-2020-16942

<p>An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages. An attacker who took advantage of this information disclosure could view the folder path of scripts loaded on the page.</p><p>To take advan...

4.4CVSS5.7AI score0.00334EPSS
CVE
CVE
added 2018/07/11 12:29 a.m.93 views

CVE-2018-8284

A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ".NET Framework Remote Code Injection Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microso...

9.3CVSS7.3AI score0.53408EPSS
CVE
CVE
added 2020/08/17 7:15 p.m.93 views

CVE-2020-1505

An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.To exploit the vulnerability, an attacker would have...

5.5CVSS6.3AI score0.01174EPSS
CVE
CVE
added 2020/11/11 7:15 a.m.93 views

CVE-2020-16979

Microsoft SharePoint Information Disclosure Vulnerability

6.5CVSS5.2AI score0.0305EPSS
CVE
CVE
added 2019/05/16 7:29 p.m.92 views

CVE-2019-0949

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-0950, CVE-2019-0951.

5.7CVSS5.4AI score0.07161EPSS
CVE
CVE
added 2020/06/09 8:15 p.m.92 views

CVE-2020-1323

An open redirect vulnerability exists in Microsoft SharePoint that could lead to spoofing.To exploit the vulnerability, an attacker could send a link that has a specially crafted URL and convince the user to click the link, aka 'SharePoint Open Redirect Vulnerability'.

6.1CVSS6.5AI score0.01545EPSS
CVE
CVE
added 2020/11/11 7:15 a.m.92 views

CVE-2020-17015

Microsoft SharePoint Server Spoofing Vulnerability

6.5CVSS4.8AI score0.01235EPSS
CVE
CVE
added 2020/11/11 7:15 a.m.92 views

CVE-2020-17016

Microsoft SharePoint Server Spoofing Vulnerability

8.8CVSS8AI score0.16892EPSS
CVE
CVE
added 2022/10/11 7:15 p.m.92 views

CVE-2022-38053

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8CVSS8.7AI score0.51084EPSS
CVE
CVE
added 2022/11/09 10:15 p.m.92 views

CVE-2022-41062

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.02164EPSS
CVE
CVE
added 2020/05/21 11:15 p.m.91 views

CVE-2020-1100

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1099, CVE-2020-1101, CVE-2020-1106...

5.4CVSS5.1AI score0.01851EPSS
CVE
CVE
added 2020/09/11 5:15 p.m.91 views

CVE-2020-1452

<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoin...

8.6CVSS8.6AI score0.02468EPSS
CVE
CVE
added 2011/09/15 12:26 p.m.90 views

CVE-2011-1892

Microsoft Office Groove 2007 SP2, SharePoint Workspace 2010 Gold and SP1, Office Forms Server 2007 SP2, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Office Groove Data Bridge Server 2007 SP2, Office Groove Management Server 2007 SP2, Groove Server 2010 Gold and SP1...

4CVSS6.1AI score0.47594EPSS
CVE
CVE
added 2019/06/12 2:29 p.m.90 views

CVE-2019-1031

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint ...

5.4CVSS5.1AI score0.00528EPSS
CVE
CVE
added 2019/06/12 2:29 p.m.90 views

CVE-2019-1036

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint ...

5.4CVSS5.1AI score0.00528EPSS
CVE
CVE
added 2019/10/10 2:15 p.m.90 views

CVE-2019-1328

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'.

5.4CVSS5.8AI score0.00595EPSS
CVE
CVE
added 2020/05/21 11:15 p.m.90 views

CVE-2020-1069

A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls, aka 'Microsoft SharePoint Server Remote Code Execution Vulnerability'.

8.8CVSS8.4AI score0.34532EPSS
CVE
CVE
added 2020/05/21 11:15 p.m.90 views

CVE-2020-1103

An information disclosure vulnerability exists where certain modes of the search function in Microsoft SharePoint Server are vulnerable to cross-site search attacks (a variant of cross-site request forgery, CSRF).When users are simultaneously logged in to Microsoft SharePoint Server and visit a mal...

6.5CVSS6.4AI score0.08862EPSS
CVE
CVE
added 2021/01/12 8:15 p.m.90 views

CVE-2021-1712

Microsoft SharePoint Elevation of Privilege Vulnerability

8CVSS7.8AI score0.01091EPSS
CVE
CVE
added 2020/04/15 3:15 p.m.89 views

CVE-2020-0933

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923, CVE-2020-0924, CVE-2020-0925...

5.4CVSS5.2AI score0.01102EPSS
CVE
CVE
added 2020/09/11 5:15 p.m.89 views

CVE-2020-1460

<p>A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls. An authenticated attacker who successfully exploited the vulnerability could use a specially crafted page to perform actions in the security cont...

8.8CVSS8.9AI score0.05451EPSS
CVE
CVE
added 2022/12/13 7:15 p.m.89 views

CVE-2022-44693

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8CVSS8.7AI score0.04061EPSS
CVE
CVE
added 2016/09/14 10:59 a.m.88 views

CVE-2016-3357

Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Word for Mac 2011, Word 2016 for Mac, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, SharePoint Server 2013 SP1, Excel Automation Services on SharePoint Server 2013 SP1, Word Automati...

9.3CVSS7.6AI score0.29428EPSS
CVE
CVE
added 2020/03/12 4:15 p.m.88 views

CVE-2020-0891

This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server.An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server, aka 'Microsoft SharePoint R...

5.4CVSS5.3AI score0.00622EPSS
CVE
CVE
added 2020/04/15 3:15 p.m.88 views

CVE-2020-0924

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923, CVE-2020-0925, CVE-2020-0926...

5.4CVSS5.2AI score0.01102EPSS
CVE
CVE
added 2020/09/11 5:15 p.m.88 views

CVE-2020-1227

<p>A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoi...

5.4CVSS6.4AI score0.0043EPSS
CVE
CVE
added 2020/09/11 5:15 p.m.88 views

CVE-2020-1453

<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoin...

8.6CVSS8.6AI score0.01833EPSS
Total number of security vulnerabilities230