Sharepoint Foundation Security Vulnerabilities and Issues — Sharepoint Foundation CVE List

Lucene search

MicrosoftSharepoint Foundation

15 matches found

CVE•added 2019/07/15 7:15 p.m.•271 views

CVE-2019-1006

An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'.

7.5CVSS7.8AI score0.03045EPSS

CVE•added 2013/03/13 12:55 a.m.•138 views

CVE-2013-0084

Directory traversal vulnerability in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "SharePoint Directory Traversal Vulnerability."

7.5CVSS6.5AI score0.28777EPSS

CVE•added 2021/06/08 11:15 p.m.•138 views

CVE-2021-31966

Microsoft SharePoint Server Remote Code Execution Vulnerability

7.2CVSS7.2AI score0.13101EPSS

CVE•added 2021/05/11 7:15 p.m.•137 views

CVE-2021-26418

Microsoft SharePoint Server Spoofing Vulnerability

7.1CVSS5.2AI score0.00773EPSS

CVE•added 2021/05/11 7:15 p.m.•137 views

CVE-2021-31172

Microsoft SharePoint Server Spoofing Vulnerability

7.1CVSS6.8AI score0.04736EPSS

CVE•added 2020/09/11 5:15 p.m.•133 views

CVE-2020-1198

<p>A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoi...

7.4CVSS7AI score0.00518EPSS

CVE•added 2013/03/13 12:55 a.m.•130 views

CVE-2013-0080

Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allow remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "Callback Function Vulnerability."

7.5CVSS6.5AI score0.41937EPSS

CVE•added 2021/05/11 7:15 p.m.•125 views

CVE-2021-28478

Microsoft SharePoint Server Spoofing Vulnerability

7.6CVSS7.1AI score0.02955EPSS

CVE•added 2020/09/11 5:15 p.m.•105 views

CVE-2020-1345

7.4CVSS7.3AI score0.00536EPSS

CVE•added 2021/09/15 12:15 p.m.•103 views

CVE-2021-38652

Microsoft SharePoint Server Spoofing Vulnerability

7.6CVSS5.2AI score0.01283EPSS

CVE•added 2021/09/15 12:15 p.m.•95 views

CVE-2021-38651

Microsoft SharePoint Server Spoofing Vulnerability

7.6CVSS5.2AI score0.0108EPSS

CVE•added 2021/10/13 1:15 a.m.•86 views

CVE-2021-40484

Microsoft SharePoint Server Spoofing Vulnerability

7.6CVSS5.4AI score0.06439EPSS

CVE•added 2021/12/15 3:15 p.m.•77 views

CVE-2021-43242

Microsoft SharePoint Server Spoofing Vulnerability

7.6CVSS6.4AI score0.00826EPSS

CVE•added 2021/12/15 3:15 p.m.•73 views

CVE-2021-42294

Microsoft SharePoint Server Remote Code Execution Vulnerability

7.2CVSS7.8AI score0.00685EPSS

CVE•added 2013/03/13 12:55 a.m.•47 views

CVE-2013-0085

Buffer overflow in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to cause a denial of service (W3WP process crash and site outage) via a crafted URL, aka "Buffer Overflow Vulnerability."

7.8CVSS6.8AI score0.68083EPSS