Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
MicrosoftSharepoint Server

460 matches found

cve
cveadded 2015/05/13 10:59 a.m.74 views

CVE-2015-1682

Microsoft Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Word 2013 SP1, Office 2013 RT SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Office for Mac 2011, Excel for Mac 2011, PowerPoint for Mac 2011, Word...

9.3CVSS7.4AI score0.28203EPSS
cve
cveadded 2016/02/10 11:59 a.m.74 views

CVE-2016-0022

Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps Server 2013 SP1, and SharePoint Server 2013 ...

9.3CVSS7.7AI score0.21675EPSS
cve
cveadded 2016/11/10 6:59 a.m.74 views

CVE-2016-7236

Microsoft Excel 2010 SP2, Excel for Mac 2011, Excel 2016 for Mac, and Excel Services on SharePoint Server 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

9.3CVSS7.7AI score0.43214EPSS
cve
cveadded 2017/03/17 12:59 a.m.74 views

CVE-2017-0105

Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information from out-of-bound memory via a crafted Office docume...

5.5CVSS5.5AI score0.36469EPSS
cve
cveadded 2018/05/09 7:29 p.m.74 views

CVE-2018-8161

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Word, Word, Microsoft Office, Microsoft SharePoint. This CVE ID is unique from C...

9.3CVSS7.7AI score0.24873EPSS
cve
cveadded 2018/09/13 12:29 a.m.74 views

CVE-2018-8431

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoin...

5.4CVSS5.6AI score0.00427EPSS
cve
cveadded 2020/06/09 8:15 p.m.74 views

CVE-2020-1295

An elevation of privilege vulnerability exists in Microsoft SharePoint, aka 'Microsoft SharePoint Elevation of Privilege Vulnerability'.

8.8CVSS8.2AI score0.09864EPSS
cve
cveadded 2016/02/10 11:59 a.m.73 views

CVE-2016-0052

Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps Server 2013 SP1, and SharePoint Server 2013 ...

9.3CVSS7.7AI score0.21675EPSS
cve
cveadded 2016/12/20 6:59 a.m.73 views

CVE-2016-7268

Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word Viewer, Word for Mac 2011, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information from process memory or cause a denial o...

7.1CVSS6.7AI score0.09192EPSS
cve
cveadded 2019/01/08 9:29 p.m.73 views

CVE-2019-0557

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft Office SharePoint XSS Vulnerability." This affects Microsoft SharePoint. This CVE ID is unique from CVE-2019...

5.4CVSS5.1AI score0.00485EPSS
cve
cveadded 2019/05/16 7:29 p.m.73 views

CVE-2019-0956

An information disclosure vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Server Information Disclosure Vulnerability'.

6.5CVSS6.2AI score0.10949EPSS
cve
cveadded 2021/12/15 3:15 p.m.73 views

CVE-2021-42294

Microsoft SharePoint Server Remote Code Execution Vulnerability

7.2CVSS7.8AI score0.00685EPSS
cve
cveadded 2014/05/14 11:13 a.m.72 views

CVE-2014-0251

Microsoft Windows SharePoint Services 3.0 SP3; SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 Gold and SP1; SharePoint Foundation 2010 SP1 and SP2 and 2013 Gold and SP1; Project Server 2010 SP1 and SP2 and 2013 Gold and SP1; Web Applications 2010 SP1 and SP2; Office Web Apps Server 2013 Gol...

9CVSS7.2AI score0.15421EPSS
cve
cveadded 2015/11/11 11:59 a.m.72 views

CVE-2015-6038

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3, 2010 SP2, and 2013 SP1 allow remote attackers to execute arbitrary code via...

9.3CVSS7.5AI score0.40819EPSS
cve
cveadded 2016/11/10 6:59 a.m.72 views

CVE-2016-7234

Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Excel for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web A...

9.3CVSS7.7AI score0.38399EPSS
cve
cveadded 2018/03/14 5:29 p.m.72 views

CVE-2018-0919

Microsoft Office 2010 SP2, 2013 SP1, and 2016, Microsoft Office 2016 Click-to-Run Microsoft Office 2016 for Mac, Microsoft Office Web Apps 2010 SP2, Microsoft Office Web Apps 2013 SP1, Microsoft SharePoint Enterprise Server 2013 SP1, Microsoft SharePoint Enterprise Server 2016, Microsoft SharePoint...

4.3CVSS4.9AI score0.06725EPSS
cve
cveadded 2015/04/14 8:59 p.m.71 views

CVE-2015-1650

Use-after-free vulnerability in Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, and Office Web Apps Server 2010 SP2 and 2013 SP1 allows remote a...

9.3CVSS7.5AI score0.55659EPSS
cve
cveadded 2016/07/13 1:59 a.m.71 views

CVE-2016-3281

Microsoft Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Micro...

9.3CVSS7.7AI score0.41944EPSS
cve
cveadded 2018/05/09 7:29 p.m.71 views

CVE-2018-8160

An information disclosure vulnerability exists in Outlook when a message is opened, aka "Microsoft Outlook Information Disclosure Vulnerability." This affects Word, Microsoft Office.

6.5CVSS6.1AI score0.19761EPSS
cve
cveadded 2019/01/08 9:29 p.m.71 views

CVE-2019-0556

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft Office SharePoint XSS Vulnerability." This affects Microsoft SharePoint. This CVE ID is unique from CVE-2019...

5.4CVSS5.1AI score0.00485EPSS
cve
cveadded 2025/04/08 6:16 p.m.71 views

CVE-2025-27746

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

7.8CVSS7.8AI score0.00079EPSS
cve
cveadded 2010/12/16 7:33 p.m.70 views

CVE-2010-3964

Unrestricted file upload vulnerability in the Document Conversions Launcher Service in Microsoft Office SharePoint Server 2007 SP2, when the Document Conversions Load Balancer Service is enabled, allows remote attackers to execute arbitrary code via a crafted SOAP request to TCP port 8082, aka "Mal...

7.5CVSS7.7AI score0.90105EPSS
cve
cveadded 2013/09/11 2:3 p.m.70 views

CVE-2013-3849

Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corrupti...

9.3CVSS7.5AI score0.61623EPSS
cve
cveadded 2015/03/11 10:59 a.m.70 views

CVE-2015-0085

Use-after-free vulnerability in Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Office 2013 Gold and SP1, Word 2013 Gold and SP1, Office 2013 RT Gold and SP1, Word 2013 RT Gold and SP1, Excel Viewer,...

9.3CVSS7.4AI score0.34099EPSS
cve
cveadded 2018/10/10 1:29 p.m.70 views

CVE-2018-8504

A remote code execution vulnerability exists in Microsoft Word software when the software fails to properly handle objects in Protected View, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Microsoft SharePoint Server, Office 365 ProPlus, Microsoft Office, Microsoft Word.

9.3CVSS8.8AI score0.17486EPSS
cve
cveadded 2021/12/29 11:15 p.m.70 views

CVE-2021-43876

Microsoft SharePoint Elevation of Privilege Vulnerability

8.8CVSS8.6AI score0.0101EPSS
cve
cveadded 2022/10/11 7:15 p.m.70 views

CVE-2022-41037

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8CVSS8.7AI score0.06087EPSS
cve
cveadded 2015/08/15 12:59 a.m.69 views

CVE-2015-2468

Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office for Mac 2011, Office for Mac 2016, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, Word Web Apps 2010 SP2, and Office Web Apps Server 201...

9.3CVSS7.4AI score0.64436EPSS
cve
cveadded 2015/11/11 12:59 p.m.69 views

CVE-2015-6094

Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, and Excel Services on SharePoint Server 2013 SP1 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

9.3CVSS7.5AI score0.41007EPSS
cve
cveadded 2018/11/14 1:29 a.m.69 views

CVE-2018-8572

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoin...

5.4CVSS6.3AI score0.00427EPSS
cve
cveadded 2010/10/13 7:0 p.m.68 views

CVE-2010-3243

Cross-site scripting (XSS) vulnerability in the toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2 and Office SharePoint Server 2007 SP2, allows remote attackers to inject arbitrary web script or HTML via unspecified ve...

4.3CVSS7AI score0.39622EPSS
cve
cveadded 2018/03/14 5:29 p.m.68 views

CVE-2018-0922

Microsoft Office 2010 SP2, 2013 SP1, and 2016, Microsoft Office 2016 Click-to-Run Microsoft Office 2016 for Mac, Microsoft Office Compatibility Pack SP2, Microsoft Office Web Apps 2010 SP2, Microsoft Office Web Apps 2013 SP1, Microsoft Office Word Viewer, Microsoft SharePoint Enterprise Server 2013...

9.3CVSS7.8AI score0.19242EPSS
cve
cveadded 2018/12/12 12:29 a.m.68 views

CVE-2018-8635

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted authentication request to an affected SharePoint server, aka "Microsoft SharePoint Server Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, M...

8.8CVSS4.9AI score0.12974EPSS
cve
cveadded 2022/10/11 7:15 p.m.68 views

CVE-2022-41036

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8CVSS8.7AI score0.06087EPSS
cve
cveadded 2008/10/15 12:12 a.m.67 views

CVE-2008-4019

Integer overflow in the REPT function in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 SP3; Office Excel Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office SharePoint Server 2007 Gold and S...

9.3CVSS7.5AI score0.59492EPSS
cve
cveadded 2012/07/10 9:55 p.m.67 views

CVE-2012-1860

Microsoft Office SharePoint Server 2007 SP2 and SP3, SharePoint Server 2010 Gold and SP1, and Office Web Apps 2010 Gold and SP1 do not properly check permissions for search scopes, which allows remote authenticated users to obtain sensitive information or cause a denial of service (data modificatio...

5.5CVSS6.3AI score0.01445EPSS
cve
cveadded 2024/09/10 5:15 p.m.67 views

CVE-2024-38227

Microsoft SharePoint Server Remote Code Execution Vulnerability

7.2CVSS7.8AI score0.01843EPSS
cve
cveadded 2024/09/10 5:15 p.m.67 views

CVE-2024-38228

Microsoft SharePoint Server Remote Code Execution Vulnerability

7.2CVSS7.8AI score0.01843EPSS
cve
cveadded 2024/12/12 2:4 a.m.67 views

CVE-2024-49070

Microsoft SharePoint Remote Code Execution Vulnerability

7.4CVSS7.6AI score0.00143EPSS
cve
cveadded 2010/04/29 9:30 p.m.66 views

CVE-2010-0817

Cross-site scripting (XSS) vulnerability in _layouts/help.aspx in Microsoft SharePoint Server 2007 12.0.0.6421 and possibly earlier, and SharePoint Services 3.0 SP1 and SP2, versions, allows remote attackers to inject arbitrary web script or HTML via the cid0 parameter.

4.3CVSS5.6AI score0.49253EPSS
cve
cveadded 2015/03/11 10:59 a.m.66 views

CVE-2015-1636

Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2013 Gold and SP1 and SharePoint Server 2013 Gold and SP1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted request, aka "Microsoft SharePoint XSS Vulnerability."

3.5CVSS4.6AI score0.07905EPSS
cve
cveadded 2015/07/14 9:59 p.m.66 views

CVE-2015-2375

Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel Viewer 2007 SP3, Excel Services on SharePoint Server 2010 SP2, and Excel Services on SharePoint Server 2013 SP1 allow remote attackers to bypass the ASLR protection mechanism via a crafted spreadsheet, aka "Microsoft Excel ASLR Bypa...

4.3CVSS6.4AI score0.19992EPSS
cve
cveadded 2018/05/09 7:29 p.m.66 views

CVE-2018-8168

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoin...

5.4CVSS5.5AI score0.00473EPSS
cve
cveadded 2018/06/14 12:29 p.m.66 views

CVE-2018-8254

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft Project Server, Microsoft SharePoint. ...

5.4CVSS5.5AI score0.00869EPSS
cve
cveadded 2024/09/10 5:15 p.m.66 views

CVE-2024-43466

Microsoft SharePoint Server Denial of Service Vulnerability

7.5CVSS7.2AI score0.12381EPSS
cve
cveadded 2015/11/11 12:59 p.m.65 views

CVE-2015-6093

Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, Office Web Apps 2010 SP2, and Office Web Apps Server 2013 SP1 allow remote attackers to execute arbitrary code via a crafted Office docu...

9.3CVSS7.5AI score0.39746EPSS
cve
cveadded 2017/06/15 1:29 a.m.65 views

CVE-2017-8513

A remote code execution vulnerability exists in Microsoft PowerPoint when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability".

9.3CVSS6.6AI score0.33258EPSS
cve
cveadded 2017/07/11 9:29 p.m.65 views

CVE-2017-8569

Microsoft SharePoint Server allows an elevation of privilege vulnerability due to the way that it sanitizes a specially crafted web request to an affected SharePoint server, aka "SharePoint Server XSS Vulnerability".

8.8CVSS8.2AI score0.08889EPSS
cve
cveadded 2024/12/12 2:4 a.m.65 views

CVE-2024-49068

Microsoft SharePoint Elevation of Privilege Vulnerability

8.2CVSS8.1AI score0.0226EPSS
cve
cveadded 2015/10/14 1:59 a.m.64 views

CVE-2015-2558

Use-after-free vulnerability in Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Excel Viewer, Office Compatibility Pack SP3, and Excel Services on SharePoint Server 2007 SP3, 2010 SP2, and 2013 SP1 allows remote attack...

9.3CVSS7.5AI score0.4881EPSS
Total number of security vulnerabilities460