Sharepoint Server Security Vulnerabilities and Issues — Page 10 of Sharepoint Server CVE List

Lucene search

MicrosoftSharepoint Server

464 matches found

CVE•added 2011/09/15 12:26 p.m.•50 views

CVE-2011-1990

Microsoft Excel 2007 SP2; Excel in Office 2007 SP2; Excel Viewer SP2; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and Excel Services on Office SharePoint Server 2007 SP2 do not properly validate the sign of an unspecified array index, which allows remote attacke...

9.3CVSS7.5AI score0.58631EPSS

CVE•added 2013/03/13 12:55 a.m.•50 views

CVE-2013-0085

Buffer overflow in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to cause a denial of service (W3WP process crash and site outage) via a crafted URL, aka "Buffer Overflow Vulnerability."

7.8CVSS6.8AI score0.68083EPSS

CVE•added 2013/04/09 10:55 p.m.•50 views

CVE-2013-1289

Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1, Groove Server 2010 SP1, SharePoint Foundation 2010 SP1, and Office Web Apps 2010 SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted string, aka "HTML Sanitization Vulnerability."

4.3CVSS5.4AI score0.61898EPSS

CVE•added 2025/06/10 5:23 p.m.•49 views

CVE-2025-47166

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

8.8CVSS8.7AI score0.03546EPSS

CVE•added 2025/05/13 5:16 p.m.•46 views

CVE-2025-30382

Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.

7.8CVSS7.7AI score0.00323EPSS

CVE•added 2025/05/13 5:16 p.m.•45 views

CVE-2025-30384

Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.

7.4CVSS7.4AI score0.00704EPSS

CVE•added 2008/04/18 9:5 p.m.•38 views

CVE-2008-1888

Cross-site scripting (XSS) vulnerability in Microsoft Windows SharePoint Services 2.0 allows remote attackers to inject arbitrary web script or HTML via the Picture Source (aka picture object source) field in the Rich Text Editor.

4.3CVSS5.7AI score0.24964EPSS

CVE•added 2009/10/30 8:30 p.m.•37 views

CVE-2009-3830

The download functionality in Team Services in Microsoft Office SharePoint Server 2007 12.0.0.4518 and 12.0.0.6219 allows remote attackers to read ASP.NET source code via pathnames in the SourceUrl and Source parameters to _layouts/download.aspx.

5CVSS6.7AI score0.73857EPSS

CVE•added 2025/07/08 5:15 p.m.•29 views

CVE-2025-49703

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

7.8CVSS7.3AI score0.00068EPSS

CVE•added 2025/07/08 5:15 p.m.•25 views

CVE-2025-49701

Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

8.8CVSS6.8AI score0.00145EPSS

CVE•added 2 days ago•9 views

CVE-2025-49712

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

8.8CVSS7.4AI score0.0052EPSS

CVE•added 2 days ago•7 views

CVE-2025-53733

Incorrect conversion between numeric types in Microsoft Office Word allows an unauthorized attacker to execute code locally.

8.4CVSS7.5AI score0.00114EPSS

CVE•added 2 days ago•4 views

CVE-2025-53736

Buffer over-read in Microsoft Office Word allows an unauthorized attacker to disclose information locally.

6.8CVSS6.7AI score0.00037EPSS

CVE•added 2 days ago•4 views

CVE-2025-53760

Server-side request forgery (ssrf) in Microsoft Office SharePoint allows an authorized attacker to elevate privileges over a network.

7.1CVSS7.1AI score0.00046EPSS

Total number of security vulnerabilities464