Sharepoint Server Security Vulnerabilities and Issues — Page 5 of Sharepoint Server CVE List

Lucene search

MicrosoftSharepoint Server

464 matches found

CVE•added 2024/06/11 5:15 p.m.•101 views

CVE-2024-30100

Microsoft SharePoint Server Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.00831EPSS

CVE•added 2019/09/11 10:15 p.m.•100 views

CVE-2019-1260

An elevation of privilege vulnerability exists in Microsoft SharePoint, aka 'Microsoft SharePoint Elevation of Privilege Vulnerability'.

6.5CVSS7.2AI score0.11221EPSS

CVE•added 2020/09/11 5:15 p.m.•100 views

CVE-2020-1335

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ...

8.8CVSS7.8AI score0.10314EPSS

CVE•added 2020/08/17 7:15 p.m.•100 views

CVE-2020-1502

An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data.To exploit the vulnerability, an attacker could craft a special documen...

5.5CVSS6.3AI score0.22521EPSS

CVE•added 2019/06/12 2:29 p.m.•99 views

CVE-2019-1034

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fi...

9.3CVSS7.6AI score0.12927EPSS

CVE•added 2020/04/15 3:15 p.m.•99 views

CVE-2020-0920

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0929, CVE-2020-0931, CVE-2020-0932, CVE-2020-0971, C...

8.8CVSS8.3AI score0.30943EPSS

CVE•added 2020/05/21 11:15 p.m.•99 views

CVE-2020-1099

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1100, CVE-2020-1101, CVE-2020-1106...

5.4CVSS5.1AI score0.01851EPSS

CVE•added 2020/07/14 11:15 p.m.•99 views

CVE-2020-1456

5.4CVSS5.1AI score0.00656EPSS

CVE•added 2020/11/11 7:15 a.m.•99 views

CVE-2020-17061

Microsoft SharePoint Remote Code Execution Vulnerability

8.8CVSS8.7AI score0.11137EPSS

CVE•added 2022/10/11 7:15 p.m.•99 views

CVE-2022-41038

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8CVSS8.7AI score0.05429EPSS

CVE•added 2016/05/11 1:59 a.m.•98 views

CVE-2016-0183

The Windows font library in Microsoft Office 2010 SP2, Word 2010 SP2, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allows remote attackers to execute arbitrary code via a crafted embedded font, aka "Microsoft Office Graphics RCE Vulnerability."

9.3CVSS8.2AI score0.35188EPSS

CVE•added 2020/08/17 7:15 p.m.•98 views

CVE-2020-1499

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.The attacke...

5.5CVSS6.2AI score0.01717EPSS

CVE•added 2020/09/11 5:15 p.m.•98 views

CVE-2020-1595

A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm accoun...

9.9CVSS9.3AI score0.00829EPSS

CVE•added 2020/10/16 11:15 p.m.•98 views

CVE-2020-16944

This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server.An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server. The attacker who successful...

8.7CVSS8.1AI score0.00584EPSS

CVE•added 2021/01/12 8:15 p.m.•98 views

CVE-2021-1719

Microsoft SharePoint Elevation of Privilege Vulnerability

8CVSS7.8AI score0.01091EPSS

CVE•added 2022/02/09 5:15 p.m.•98 views

CVE-2022-21987

Microsoft SharePoint Server Spoofing Vulnerability

8CVSS8AI score0.05596EPSS

CVE•added 2020/06/09 8:15 p.m.•97 views

CVE-2020-1178

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted authentication request to an affected SharePoint server, aka 'Microsoft SharePoint Server Elevation of Privilege Vulnerability'.

8.8CVSS8.3AI score0.08786EPSS

CVE•added 2020/07/14 11:15 p.m.•97 views

CVE-2020-1448

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1446, CVE-2020-1447.

8.8CVSS8.8AI score0.43263EPSS

CVE•added 2020/08/17 7:15 p.m.•97 views

CVE-2020-1573

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint ...

5.5CVSS6.1AI score0.01125EPSS

CVE•added 2017/04/12 2:59 p.m.•96 views

CVE-2017-0195

Microsoft Excel Services on Microsoft SharePoint Server 2010 SP1 and SP2, Microsoft Excel Web Apps 2010 SP2, Microsoft Office Web Apps 2010 SP2, Microsoft Office Web Apps Server 2013 SP1 and Office Online Server allows remote attackers to perform cross-site scripting and run script with local user ...

5.4CVSS5.2AI score0.01103EPSS

CVE•added 2017/09/13 1:29 a.m.•96 views

CVE-2017-8742

A remote code execution vulnerability exists in Microsoft PowerPoint 2007 Service Pack 3, Microsoft PowerPoint 2010 Service Pack 2, Microsoft PowerPoint 2013 Service Pack 1, Microsoft PowerPoint 2013 RT Service Pack 1, Microsoft PowerPoint 2016, Microsoft PowerPoint Viewer 2007, Microsoft SharePoin...

9.3CVSS8AI score0.32412EPSS

CVE•added 2018/07/11 12:29 a.m.•96 views

CVE-2018-8284

A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ".NET Framework Remote Code Injection Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microso...

9.3CVSS7.3AI score0.53408EPSS

CVE•added 2019/04/09 9:29 p.m.•96 views

CVE-2019-0831

5.4CVSS5AI score0.00485EPSS

CVE•added 2020/09/11 5:15 p.m.•96 views

CVE-2020-1338

8.8CVSS7.7AI score0.10314EPSS

CVE•added 2021/01/12 8:15 p.m.•96 views

CVE-2021-1717

Microsoft SharePoint Server Spoofing Vulnerability

5.8CVSS5.5AI score0.00978EPSS

CVE•added 2024/12/12 2:4 a.m.•96 views

CVE-2024-49062

Microsoft SharePoint Information Disclosure Vulnerability

6.5CVSS6.1AI score0.00669EPSS

CVE•added 2020/04/15 3:15 p.m.•95 views

CVE-2020-0978

5.4CVSS5.2AI score0.01102EPSS

CVE•added 2020/06/09 8:15 p.m.•95 views

CVE-2020-1320

5.4CVSS5.1AI score0.01048EPSS

CVE•added 2021/09/15 12:15 p.m.•95 views

CVE-2021-38651

Microsoft SharePoint Server Spoofing Vulnerability

7.6CVSS5.2AI score0.0108EPSS

CVE•added 2021/10/13 1:15 a.m.•95 views

CVE-2021-40483

Microsoft SharePoint Server Spoofing Vulnerability

7.6CVSS5.4AI score0.06132EPSS

CVE•added 2023/08/08 6:15 p.m.•95 views

CVE-2023-36892

Microsoft SharePoint Server Spoofing Vulnerability

8CVSS7.6AI score0.00247EPSS

CVE•added 2019/11/12 7:15 p.m.•94 views

CVE-2019-1446

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'.

5.5CVSS5.6AI score0.08477EPSS

CVE•added 2020/03/12 4:15 p.m.•94 views

CVE-2020-0893

5.4CVSS5.1AI score0.00898EPSS

CVE•added 2020/09/11 5:15 p.m.•94 views

CVE-2020-1205

4.9CVSS6AI score0.01427EPSS

CVE•added 2020/06/09 8:15 p.m.•94 views

CVE-2020-1297

5.4CVSS5.1AI score0.01048EPSS

CVE•added 2020/07/14 11:15 p.m.•94 views

CVE-2020-1445

An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory, aka 'Microsoft Office Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1342.

5.5CVSS6.1AI score0.28299EPSS

CVE•added 2020/07/14 11:15 p.m.•94 views

CVE-2020-1450

5.4CVSS5.1AI score0.00656EPSS

CVE•added 2020/10/16 11:15 p.m.•94 views

CVE-2020-16942

An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages. An attacker who took advantage of this information disclosure could view the folder path of scripts loaded on the page.To take advantage of th...

4.4CVSS5.7AI score0.00323EPSS

CVE•added 2020/11/11 7:15 a.m.•94 views

CVE-2020-17060

Microsoft SharePoint Server Spoofing Vulnerability

5.8CVSS6.7AI score0.01186EPSS

CVE•added 2016/05/11 1:59 a.m.•93 views

CVE-2016-0140

Microsoft Office 2007 SP3, Office 2010 SP2, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

9.3CVSS7.8AI score0.29275EPSS

CVE•added 2020/08/17 7:15 p.m.•93 views

CVE-2020-1505

An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.To exploit the vulnerability, an attacker would have...

5.5CVSS6.3AI score0.01174EPSS

CVE•added 2020/11/11 7:15 a.m.•93 views

CVE-2020-16979

Microsoft SharePoint Information Disclosure Vulnerability

6.5CVSS5.2AI score0.04175EPSS

CVE•added 2023/07/11 6:15 p.m.•93 views

CVE-2023-33134

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8CVSS8.7AI score0.00605EPSS

CVE•added 2024/07/09 5:15 p.m.•93 views

CVE-2024-32987

Microsoft SharePoint Server Information Disclosure Vulnerability

7.5CVSS7.2AI score0.16251EPSS

CVE•added 2024/07/09 5:15 p.m.•93 views

CVE-2024-38024

Microsoft SharePoint Server Remote Code Execution Vulnerability

7.2CVSS7.3AI score0.68797EPSS

CVE•added 2017/03/17 12:59 a.m.•92 views

CVE-2017-0052

Microsoft Office Compatibility Pack SP3, Excel 2007 SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." T...

9.3CVSS6.7AI score0.23473EPSS

CVE•added 2019/05/16 7:29 p.m.•92 views

CVE-2019-0949

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-0950, CVE-2019-0951.

5.7CVSS5.4AI score0.07161EPSS

CVE•added 2020/06/09 8:15 p.m.•92 views

CVE-2020-1323

An open redirect vulnerability exists in Microsoft SharePoint that could lead to spoofing.To exploit the vulnerability, an attacker could send a link that has a specially crafted URL and convince the user to click the link, aka 'SharePoint Open Redirect Vulnerability'.

6.1CVSS6.5AI score0.014EPSS

CVE•added 2020/11/11 7:15 a.m.•92 views

CVE-2020-17015

Microsoft SharePoint Server Spoofing Vulnerability

6.5CVSS4.8AI score0.02613EPSS

CVE•added 2020/11/11 7:15 a.m.•92 views

CVE-2020-17016

Microsoft SharePoint Server Spoofing Vulnerability

8.8CVSS8AI score0.16892EPSS

Total number of security vulnerabilities464