Lucene search

K
MicrosoftSharepoint Foundation

230 matches found

CVE
CVE
added 2020/06/09 8:15 p.m.70 views

CVE-2020-1289

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-1148.

5.4CVSS5.7AI score0.00605EPSS
CVE
CVE
added 2022/10/11 7:15 p.m.70 views

CVE-2022-41037

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8CVSS8.7AI score0.06087EPSS
CVE
CVE
added 2018/07/11 12:29 a.m.69 views

CVE-2018-8299

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint. This CVE ID is unique from...

5.4CVSS5.6AI score0.00432EPSS
CVE
CVE
added 2018/11/14 1:29 a.m.69 views

CVE-2018-8572

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoin...

5.4CVSS6.3AI score0.00427EPSS
CVE
CVE
added 2022/10/11 7:15 p.m.68 views

CVE-2022-41036

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8CVSS8.7AI score0.06087EPSS
CVE
CVE
added 2019/05/16 7:29 p.m.67 views

CVE-2019-0963

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'.

5.4CVSS5.5AI score0.00578EPSS
CVE
CVE
added 2015/03/11 10:59 a.m.66 views

CVE-2015-1636

Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2013 Gold and SP1 and SharePoint Server 2013 Gold and SP1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted request, aka "Microsoft SharePoint XSS Vulnerability."

3.5CVSS4.6AI score0.07905EPSS
CVE
CVE
added 2018/06/14 12:29 p.m.66 views

CVE-2018-8254

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft Project Server, Microsoft SharePoint. ...

5.4CVSS5.5AI score0.00869EPSS
CVE
CVE
added 2015/03/11 10:59 a.m.63 views

CVE-2015-1633

Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2010 SP2, SharePoint Server 2010 SP2, SharePoint Foundation 2013 Gold and SP1, and SharePoint Server 2013 Gold and SP1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted request, aka "Mic...

3.5CVSS4.6AI score0.07905EPSS
CVE
CVE
added 2018/06/14 12:29 p.m.63 views

CVE-2018-8252

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint. This CVE ID is unique from...

5.4CVSS5.5AI score0.00869EPSS
CVE
CVE
added 2015/04/14 8:59 p.m.62 views

CVE-2015-1653

Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2013 SP1 and SharePoint Server 2013 SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "Microsoft SharePoint XSS Vulnerability."

4.3CVSS5AI score0.08963EPSS
CVE
CVE
added 2016/01/13 5:59 a.m.62 views

CVE-2016-0011

Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated users to bypass intended Access Control Policy restrictions and conduct cross-site scripting (XSS) attacks by modifying a webpart, aka "Microsoft SharePoint Security Feature Bypass," a different vulne...

5.4CVSS5.3AI score0.01683EPSS
CVE
CVE
added 2015/09/09 12:59 a.m.61 views

CVE-2015-2522

Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2013 SP1 allows remote authenticated users to inject arbitrary web script or HTML via crafted content, aka "Microsoft SharePoint XSS Spoofing Vulnerability."

3.5CVSS4.7AI score0.10059EPSS
CVE
CVE
added 2016/02/10 11:59 a.m.61 views

CVE-2016-0039

Cross-site scripting (XSS) vulnerability in SharePoint Server in Microsoft SharePoint Foundation 2013 SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "Microsoft SharePoint XSS Vulnerability."

6.1CVSS5.7AI score0.01457EPSS
CVE
CVE
added 2016/02/10 11:59 a.m.61 views

CVE-2016-0054

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Excel Services on SharePoint Serv...

9.3CVSS7.7AI score0.28449EPSS
CVE
CVE
added 2013/09/11 2:3 p.m.60 views

CVE-2013-3847

Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corrupti...

9.3CVSS7.5AI score0.61623EPSS
CVE
CVE
added 2016/01/13 5:59 a.m.59 views

CVE-2015-6117

Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated users to bypass intended Access Control Policy restrictions and conduct cross-site scripting (XSS) attacks by modifying a webpart, aka "Microsoft SharePoint Security Feature Bypass," a different vulne...

6.1CVSS5.3AI score0.01683EPSS
CVE
CVE
added 2012/10/09 9:55 p.m.58 views

CVE-2012-2520

Cross-site scripting (XSS) vulnerability in Microsoft InfoPath 2007 SP2 and SP3 and 2010 SP1, Communicator 2007 R2, Lync 2010 and 2010 Attendee, SharePoint Server 2007 SP2 and SP3 and 2010 SP1, Groove Server 2010 SP1, Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010 SP1, and Office W...

4.3CVSS5.6AI score0.2805EPSS
CVE
CVE
added 2014/08/12 9:55 p.m.57 views

CVE-2014-2816

Microsoft SharePoint Server 2013 Gold and SP1 and SharePoint Foundation 2013 Gold and SP1 allow remote authenticated users to gain privileges via a Trojan horse app that executes a custom action in the context of the SharePoint extensibility model, aka "SharePoint Page Content Vulnerability."

9.3CVSS6.4AI score0.38643EPSS
CVE
CVE
added 2018/05/09 7:29 p.m.56 views

CVE-2018-8155

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint. This CVE ID is unique from...

5.4CVSS5.5AI score0.00473EPSS
CVE
CVE
added 2011/09/15 12:26 p.m.55 views

CVE-2011-1893

Cross-site scripting (XSS) vulnerability in Microsoft Office SharePoint Server 2010, Windows SharePoint Services 2.0 and 3.0 SP2, and SharePoint Foundation 2010 allows remote attackers to inject arbitrary web script or HTML via the URI, aka "SharePoint XSS Vulnerability."

4.3CVSS5.1AI score0.47875EPSS
CVE
CVE
added 2015/10/14 1:59 a.m.55 views

CVE-2015-6039

Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allows remote authenticated users to inject arbitrary web script or HTML via crafted content in an Office Marketplace instance, aka "Microsoft SharePoint Security Feature Bypass Vulne...

3.5CVSS5.3AI score0.0902EPSS
CVE
CVE
added 2011/09/15 12:26 p.m.54 views

CVE-2011-1891

Cross-site scripting (XSS) vulnerability in Microsoft Windows SharePoint Services 3.0 SP2, and SharePoint Foundation 2010 Gold and SP1, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters in a request to a script, aka "Contact Details Reflected XSS Vulnerabilit...

4.3CVSS5.1AI score0.47875EPSS
CVE
CVE
added 2013/09/11 2:3 p.m.54 views

CVE-2013-3179

Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "SharePoint XSS Vulnerability."

4.3CVSS5AI score0.11881EPSS
CVE
CVE
added 2011/09/15 12:26 p.m.52 views

CVE-2011-1890

Cross-site scripting (XSS) vulnerability in EditForm.aspx in Microsoft Office SharePoint Server 2010 and SharePoint Foundation 2010 allows remote attackers to inject arbitrary web script or HTML via a post, aka "Editform Script Injection Vulnerability."

4.3CVSS5.8AI score0.40973EPSS
CVE
CVE
added 2015/10/14 1:59 a.m.51 views

CVE-2015-6037

Cross-site scripting (XSS) vulnerability in Microsoft Excel Services on SharePoint Server 2010 SP2 and 2013 SP1, Office Web Apps 2010 SP2, Excel Web App 2010 SP2, Office Web Apps Server 2013 SP1, and SharePoint Foundation 2013 SP1 allows remote authenticated users to inject arbitrary web script or ...

3.5CVSS4.7AI score0.10637EPSS
CVE
CVE
added 2014/11/11 10:55 p.m.49 views

CVE-2014-4116

Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2010 SP2 allows remote authenticated users to inject arbitrary web script or HTML via a modified list, aka "SharePoint Elevation of Privilege Vulnerability."

4.3CVSS5.2AI score0.12319EPSS
CVE
CVE
added 2015/05/13 10:59 a.m.48 views

CVE-2015-1700

Microsoft SharePoint Server 2007 SP3, SharePoint Foundation 2010 SP2, SharePoint Server 2010 SP2, and SharePoint Foundation 2013 SP1 allow remote authenticated users to execute arbitrary code via crafted page content, aka "Microsoft SharePoint Page Content Vulnerabilities."

6CVSS7.3AI score0.28764EPSS
CVE
CVE
added 2013/03/13 12:55 a.m.47 views

CVE-2013-0085

Buffer overflow in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to cause a denial of service (W3WP process crash and site outage) via a crafted URL, aka "Buffer Overflow Vulnerability."

7.8CVSS6.8AI score0.68083EPSS
CVE
CVE
added 2013/04/09 10:55 p.m.47 views

CVE-2013-1289

Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1, Groove Server 2010 SP1, SharePoint Foundation 2010 SP1, and Office Web Apps 2010 SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted string, aka "HTML Sanitization Vulnerability."

4.3CVSS5.4AI score0.61898EPSS
Total number of security vulnerabilities230