Sharepoint Foundation Security Vulnerabilities and Issues — Sharepoint Foundation CVE List

Lucene search

MicrosoftSharepoint Foundation

63 matches found

CVE•added 2020/03/12 4:15 p.m.•409 views

CVE-2020-0894

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0893.

5.4CVSS5.1AI score0.00898EPSS

CVE•added 2019/09/11 10:15 p.m.•161 views

CVE-2019-1262

5.4CVSS5.1AI score0.0048EPSS

CVE•added 2021/03/11 4:15 p.m.•151 views

CVE-2021-24104

Microsoft SharePoint Server Spoofing Vulnerability

5.8CVSS4.9AI score0.00618EPSS

CVE•added 2021/07/14 6:15 p.m.•136 views

CVE-2021-34519

Microsoft SharePoint Server Information Disclosure Vulnerability

5.3CVSS5.2AI score0.01132EPSS

CVE•added 2013/09/11 2:3 p.m.•131 views

CVE-2013-0081

Microsoft SharePoint Portal Server 2003 SP3 and SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 do not properly process unassigned workflows, which allows remote attackers to cause a denial of service (W3WP process hang) via a crafted URL, aka "SharePoint Denial of Service Vulnerability."

5CVSS6.4AI score0.60252EPSS

CVE•added 2013/03/13 12:55 a.m.•128 views

CVE-2013-0086

Microsoft OneNote 2010 SP1 does not properly determine buffer sizes during memory allocation, which allows remote attackers to obtain sensitive information via a crafted OneNote file, aka "Buffer Size Validation Vulnerability."

5CVSS6.1AI score0.24539EPSS

CVE•added 2021/01/12 8:15 p.m.•125 views

CVE-2021-1641

Microsoft SharePoint Server Spoofing Vulnerability

5.8CVSS5.5AI score0.00978EPSS

CVE•added 2021/07/14 6:15 p.m.•125 views

CVE-2021-34517

Microsoft SharePoint Server Spoofing Vulnerability

5.3CVSS6.2AI score0.01211EPSS

CVE•added 2020/08/17 7:15 p.m.•119 views

CVE-2020-1501

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.The attacke...

5.5CVSS6.2AI score0.01772EPSS

CVE•added 2020/04/15 3:15 p.m.•116 views

CVE-2020-0976

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-0972, CVE-2020-0975, CVE-2020-0977.

5.4CVSS5.3AI score0.00612EPSS

CVE•added 2020/05/21 11:15 p.m.•116 views

CVE-2020-1107

5.4CVSS5.4AI score0.00675EPSS

CVE•added 2020/06/09 8:15 p.m.•110 views

CVE-2020-1177

5.4CVSS5.1AI score0.00773EPSS

CVE•added 2020/03/12 4:15 p.m.•107 views

CVE-2020-0795

This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server.An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server, aka 'Microsoft SharePoint R...

5.4CVSS5.3AI score0.00622EPSS

CVE•added 2020/10/16 11:15 p.m.•106 views

CVE-2020-16941

<p>An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages. An attacker who took advantage of this information disclosure could view the folder path of scripts loaded on the page.</p><p>To take advan...

5.5CVSS5.1AI score0.00344EPSS

CVE•added 2019/04/09 3:29 a.m.•103 views

CVE-2019-0778

5.4CVSS5.7AI score0.00579EPSS

CVE•added 2020/04/15 3:15 p.m.•103 views

CVE-2020-0923

5.4CVSS5.2AI score0.01102EPSS

CVE•added 2017/05/12 2:29 p.m.•98 views

CVE-2017-0255

Microsoft SharePoint Foundation 2013 SP1 allows an elevation of privilege vulnerability when it does not properly sanitize a specially crafted web request, aka "Microsoft SharePoint XSS Vulnerability".

5.4CVSS5.3AI score0.01164EPSS

CVE•added 2020/08/17 7:15 p.m.•98 views

CVE-2020-1499

5.5CVSS6.2AI score0.01717EPSS

CVE•added 2020/08/17 7:15 p.m.•97 views

CVE-2020-1573

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint ...

5.5CVSS6.1AI score0.01125EPSS

CVE•added 2019/04/09 9:29 p.m.•96 views

CVE-2019-0831

5.4CVSS5AI score0.00578EPSS

CVE•added 2021/01/12 8:15 p.m.•96 views

CVE-2021-1717

Microsoft SharePoint Server Spoofing Vulnerability

5.8CVSS5.5AI score0.00978EPSS

CVE•added 2020/04/15 3:15 p.m.•95 views

CVE-2020-0978

5.4CVSS5.2AI score0.01102EPSS

CVE•added 2020/06/09 8:15 p.m.•95 views

CVE-2020-1320

5.4CVSS5.1AI score0.00773EPSS

CVE•added 2020/06/09 8:15 p.m.•94 views

CVE-2020-1297

5.4CVSS5.1AI score0.00773EPSS

CVE•added 2020/08/17 7:15 p.m.•93 views

CVE-2020-1505

An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.To exploit the vulnerability, an attacker would have...

5.5CVSS6.3AI score0.01174EPSS

CVE•added 2019/05/16 7:29 p.m.•92 views

CVE-2019-0949

5.7CVSS5.4AI score0.07161EPSS

CVE•added 2020/05/21 11:15 p.m.•91 views

CVE-2020-1100

5.4CVSS5.1AI score0.01851EPSS

CVE•added 2019/06/12 2:29 p.m.•90 views

CVE-2019-1031

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint ...

5.4CVSS5.1AI score0.00528EPSS

CVE•added 2019/06/12 2:29 p.m.•90 views

CVE-2019-1036

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint ...

5.4CVSS5.1AI score0.00528EPSS

CVE•added 2019/10/10 2:15 p.m.•90 views

CVE-2019-1328

5.4CVSS5.8AI score0.00595EPSS

CVE•added 2020/04/15 3:15 p.m.•89 views

CVE-2020-0933

5.4CVSS5.2AI score0.01102EPSS

CVE•added 2020/03/12 4:15 p.m.•88 views

CVE-2020-0891

5.4CVSS5.3AI score0.00622EPSS

CVE•added 2020/04/15 3:15 p.m.•88 views

CVE-2020-0924

5.4CVSS5.2AI score0.01102EPSS

CVE•added 2020/09/11 5:15 p.m.•88 views

CVE-2020-1227

<p>A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoi...

5.4CVSS6.4AI score0.0043EPSS

CVE•added 2020/08/17 7:15 p.m.•87 views

CVE-2020-1580

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint ...

5.4CVSS6.1AI score0.00528EPSS

CVE•added 2020/09/11 5:15 p.m.•85 views

CVE-2020-1514

5.4CVSS6.4AI score0.00416EPSS

CVE•added 2019/10/10 2:15 p.m.•84 views

CVE-2019-1070

5.4CVSS5.2AI score0.0125EPSS

CVE•added 2020/04/15 3:15 p.m.•83 views

CVE-2020-0925

5.4CVSS5.2AI score0.01102EPSS

CVE•added 2020/04/15 3:15 p.m.•83 views

CVE-2020-0975