191 matches found
CVE-2019-0604
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0594.
CVE-2023-21716
Microsoft Word Remote Code Execution Vulnerability
CVE-2022-22005
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2020-1025
An elevation of privilege vulnerability exists when Microsoft SharePoint Server and Skype for Business Server improperly handle OAuth token validation. An attacker who successfully exploited the vulnerability could bypass authentication and achieve improper access.To exploit this vulnerability, an ...
CVE-2020-0894
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0893.
CVE-2020-0929
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0920, CVE-2020-0931, CVE-2020-0932, CVE-2020-0971, C...
CVE-2020-16952
<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoin...
CVE-2020-1210
<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoin...
CVE-2020-1181
A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls, aka 'Microsoft SharePoint Server Remote Code Execution Vulnerability'.
CVE-2020-0932
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0920, CVE-2020-0929, CVE-2020-0931, CVE-2020-0971, C...
CVE-2019-1006
An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'.
CVE-2022-21968
Microsoft SharePoint Server Security Feature Bypass Vulnerability
CVE-2022-29108
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2020-16951
<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoin...
CVE-2019-0594
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0604.
CVE-2021-31181
Microsoft SharePoint Remote Code Execution Vulnerability
CVE-2017-0281
Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2016, Office Online Server 2016, Office Web Apps 2010 SP2,Office Web Apps 2013 SP1, Project Server 2013 SP1, SharePoint Enterprise Server 2013 SP1, SharePoint Enterprise Server 2016, SharePoint Foundation 2013 SP1, Sharepoint Serve...
CVE-2020-0931
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0920, CVE-2020-0929, CVE-2020-0932, CVE-2020-0971, C...
CVE-2021-41344
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2023-21742
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2021-31950
Microsoft SharePoint Server Spoofing Vulnerability
CVE-2022-21837
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2021-40487
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2021-28474
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2023-23395
Microsoft SharePoint Server Spoofing Vulnerability
CVE-2023-28288
Microsoft SharePoint Server Spoofing Vulnerability
CVE-2019-1262
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'.
CVE-2021-34520
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2021-34467
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2021-34468
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2022-24472
Microsoft SharePoint Server Spoofing Vulnerability
CVE-2020-16945
<p>A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoi...
CVE-2021-24104
Microsoft SharePoint Server Spoofing Vulnerability
CVE-2021-26420
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2020-17118
Microsoft SharePoint Remote Code Execution Vulnerability
CVE-2023-21744
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2021-27076
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2021-31966
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2021-26418
Microsoft SharePoint Server Spoofing Vulnerability
CVE-2021-31172
Microsoft SharePoint Server Spoofing Vulnerability
CVE-2021-34519
Microsoft SharePoint Server Information Disclosure Vulnerability
CVE-2020-0850
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0851, CVE-2020-0852, CVE-2020-0855, CVE-2020-0892.
CVE-2020-1198
<p>A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoi...
CVE-2021-31173
Microsoft SharePoint Server Information Disclosure Vulnerability
CVE-2020-17121
Microsoft SharePoint Remote Code Execution Vulnerability
CVE-2013-0081
Microsoft SharePoint Portal Server 2003 SP3 and SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 do not properly process unassigned workflows, which allows remote attackers to cause a denial of service (W3WP process hang) via a crafted URL, aka "SharePoint Denial of Service Vulnerability."
CVE-2021-31963
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2023-21717
Microsoft SharePoint Server Elevation of Privilege Vulnerability
CVE-2019-1295
A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1257, CVE-2019-1296.
CVE-2022-41122
Microsoft SharePoint Server Spoofing Vulnerability