Sharepoint Foundation@2013 Security Vulnerabilities and Issues — Page 3 of Sharepoint Foundation@2013 CVE List

Lucene search

MicrosoftSharepoint Foundation2013

191 matches found

CVE•added 2020/06/09 8:15 p.m.•95 views

CVE-2020-1320

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1177, CVE-2020-1183, CVE-2020-1297...

5.4CVSS5.1AI score0.00773EPSS

CVE•added 2021/09/15 12:15 p.m.•95 views

CVE-2021-38651

Microsoft SharePoint Server Spoofing Vulnerability

7.6CVSS5.2AI score0.0108EPSS

CVE•added 2020/09/11 5:15 p.m.•94 views

CVE-2020-1205

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.T...

4.9CVSS6AI score0.01581EPSS

CVE•added 2020/06/09 8:15 p.m.•94 views

CVE-2020-1297

5.4CVSS5.1AI score0.00773EPSS

CVE•added 2020/10/16 11:15 p.m.•94 views

CVE-2020-16942

An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages. An attacker who took advantage of this information disclosure could view the folder path of scripts loaded on the page.To take advan...

4.4CVSS5.7AI score0.00334EPSS

CVE•added 2018/07/11 12:29 a.m.•93 views

CVE-2018-8284

A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ".NET Framework Remote Code Injection Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microso...

9.3CVSS7.3AI score0.53408EPSS

CVE•added 2020/08/17 7:15 p.m.•93 views

CVE-2020-1505

An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.To exploit the vulnerability, an attacker would have...

5.5CVSS6.3AI score0.01174EPSS

CVE•added 2020/11/11 7:15 a.m.•93 views

CVE-2020-16979

Microsoft SharePoint Information Disclosure Vulnerability

6.5CVSS5.2AI score0.0305EPSS

CVE•added 2019/05/16 7:29 p.m.•92 views

CVE-2019-0949

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-0950, CVE-2019-0951.

5.7CVSS5.4AI score0.07161EPSS

CVE•added 2020/11/11 7:15 a.m.•92 views

CVE-2020-17015

Microsoft SharePoint Server Spoofing Vulnerability

6.5CVSS4.8AI score0.01235EPSS

CVE•added 2022/10/11 7:15 p.m.•92 views

CVE-2022-38053

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8CVSS8.7AI score0.51084EPSS

CVE•added 2022/11/09 10:15 p.m.•92 views

CVE-2022-41062

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.02164EPSS

CVE•added 2020/05/21 11:15 p.m.•91 views

CVE-2020-1100

5.4CVSS5.1AI score0.01851EPSS

CVE•added 2020/09/11 5:15 p.m.•91 views

CVE-2020-1452

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoin...

8.6CVSS8.6AI score0.02468EPSS

CVE•added 2019/06/12 2:29 p.m.•90 views

CVE-2019-1031

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint ...

5.4CVSS5.1AI score0.00528EPSS

CVE•added 2019/06/12 2:29 p.m.•90 views

CVE-2019-1036

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint ...

5.4CVSS5.1AI score0.00528EPSS

CVE•added 2019/10/10 2:15 p.m.•90 views

CVE-2019-1328

5.4CVSS5.8AI score0.00595EPSS

CVE•added 2020/05/21 11:15 p.m.•90 views

CVE-2020-1069

A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls, aka 'Microsoft SharePoint Server Remote Code Execution Vulnerability'.

8.8CVSS8.4AI score0.34532EPSS

CVE•added 2020/05/21 11:15 p.m.•90 views

CVE-2020-1103

An information disclosure vulnerability exists where certain modes of the search function in Microsoft SharePoint Server are vulnerable to cross-site search attacks (a variant of cross-site request forgery, CSRF).When users are simultaneously logged in to Microsoft SharePoint Server and visit a mal...

6.5CVSS6.4AI score0.08862EPSS

CVE•added 2021/01/12 8:15 p.m.•90 views

CVE-2021-1712

Microsoft SharePoint Elevation of Privilege Vulnerability

8CVSS7.8AI score0.01091EPSS

CVE•added 2020/04/15 3:15 p.m.•89 views

CVE-2020-0933

5.4CVSS5.2AI score0.01102EPSS

CVE•added 2020/09/11 5:15 p.m.•89 views

CVE-2020-1460

A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls. An authenticated attacker who successfully exploited the vulnerability could use a specially crafted page to perform actions in the security cont...

8.8CVSS8.9AI score0.05451EPSS

CVE•added 2022/12/13 7:15 p.m.•89 views

CVE-2022-44693

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8CVSS8.7AI score0.04061EPSS

CVE•added 2016/09/14 10:59 a.m.•88 views

CVE-2016-3357

Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Word for Mac 2011, Word 2016 for Mac, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, SharePoint Server 2013 SP1, Excel Automation Services on SharePoint Server 2013 SP1, Word Automati...

9.3CVSS7.6AI score0.29428EPSS

CVE•added 2020/03/12 4:15 p.m.•88 views

CVE-2020-0891

This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server.An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server, aka 'Microsoft SharePoint R...

5.4CVSS5.3AI score0.00622EPSS

CVE•added 2020/04/15 3:15 p.m.•88 views

CVE-2020-0924

5.4CVSS5.2AI score0.01102EPSS

CVE•added 2020/09/11 5:15 p.m.•88 views

CVE-2020-1227

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoi...

5.4CVSS6.4AI score0.0043EPSS

CVE•added 2020/09/11 5:15 p.m.•88 views

CVE-2020-1453

8.6CVSS8.6AI score0.01833EPSS

CVE•added 2019/08/14 9:15 p.m.•87 views

CVE-2019-1202

An information disclosure vulnerability exists in the way Microsoft SharePoint handles session objects. An authenticated attacker who successfully exploited the vulnerability could hijack the session of another user.To exploit this vulnerability, the attacker could run a specially crafted applicati...

4.4CVSS4.4AI score0.00599EPSS

CVE•added 2020/08/17 7:15 p.m.•87 views

CVE-2020-1580

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint ...

5.4CVSS6.1AI score0.00528EPSS

CVE•added 2021/10/13 1:15 a.m.•86 views

CVE-2021-40484

Microsoft SharePoint Server Spoofing Vulnerability

7.6CVSS5.4AI score0.06439EPSS

CVE•added 2020/09/11 5:15 p.m.•85 views

CVE-2020-1200

8.6CVSS8.6AI score0.01578EPSS

CVE•added 2020/09/11 5:15 p.m.•85 views

CVE-2020-1514

5.4CVSS6.4AI score0.00416EPSS

CVE•added 2021/02/25 11:15 p.m.•85 views

CVE-2021-24071

Microsoft SharePoint Information Disclosure Vulnerability

6.5CVSS5.7AI score0.08862EPSS

CVE•added 2019/03/06 12:0 a.m.•83 views

CVE-2019-0670

A spoofing vulnerability exists in Microsoft SharePoint when the application does not properly parse HTTP content, aka 'Microsoft SharePoint Spoofing Vulnerability'.

6.1CVSS7.4AI score0.00506EPSS

CVE•added 2020/04/15 3:15 p.m.•83 views

CVE-2020-0925

5.4CVSS5.2AI score0.01102EPSS

CVE•added 2020/04/15 3:15 p.m.•83 views

CVE-2020-0975

5.4CVSS5.3AI score0.00612EPSS

CVE•added 2020/05/21 11:15 p.m.•83 views

CVE-2020-1106

6.1CVSS5.1AI score0.01851EPSS

CVE•added 2020/06/09 8:15 p.m.•83 views

CVE-2020-1298

5.4CVSS5.1AI score0.00773EPSS

CVE•added 2020/09/11 5:15 p.m.•83 views

CVE-2020-1576

8.8CVSS8.6AI score0.00403EPSS

CVE•added 2022/09/13 7:15 p.m.•83 views

CVE-2022-38009

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8CVSS8.7AI score0.04734EPSS

CVE•added 2019/09/11 10:15 p.m.•82 views

CVE-2019-1296

A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1257, CVE-2019-1295.

8.8CVSS8.8AI score0.38462EPSS

CVE•added 2019/11/12 7:15 p.m.•82 views

CVE-2019-1443

An information disclosure vulnerability exists in Microsoft SharePoint when an attacker uploads a specially crafted file to the SharePoint Server.An authenticated attacker who successfully exploited this vulnerability could potentially leverage SharePoint functionality to obtain SMB hashes.The secu...

6.5CVSS5.8AI score0.15084EPSS

CVE•added 2020/06/09 8:15 p.m.•82 views

CVE-2020-1183

5.4CVSS5.1AI score0.00773EPSS

CVE•added 2020/09/11 5:15 p.m.•82 views

CVE-2020-1482

6.3CVSS6.7AI score0.00438EPSS

CVE•added 2019/09/11 10:15 p.m.•81 views

CVE-2019-1257

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1295, CVE-2019-1296.

8.8CVSS8.8AI score0.38462EPSS

CVE•added 2020/04/15 3:15 p.m.•81 views

CVE-2020-0972

5.4CVSS5.3AI score0.00612EPSS

CVE•added 2020/05/21 11:15 p.m.•81 views

CVE-2020-1024

8.8CVSS8.3AI score0.46247EPSS

CVE•added 2019/04/09 9:29 p.m.•80 views

CVE-2019-0830

5.4CVSS5AI score0.00578EPSS

CVE•added 2020/05/21 11:15 p.m.•80 views

CVE-2020-1101